lmada.hooxs.com/t2159p25-topic
94.23.150.222301 Moved Permanently 0 B URL HTTP/1.1 lmada.hooxs.com/t2159p25-topic
IP 94.23.150.222:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t2159p25-topic HTTP/1.1
Host: lmada.hooxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 30 Jan 2023 12:19:51 GMT
Content-Length: 0
Location: https://lmada.hooxs.com/t2159p25-topic
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6166
Expires: Mon, 30 Jan 2023 14:02:37 GMT
Date: Mon, 30 Jan 2023 12:19:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17039
Expires: Mon, 30 Jan 2023 17:03:50 GMT
Date: Mon, 30 Jan 2023 12:19:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 11:43:11 GMT
content-type: application/json
age: 2200
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5409
Expires: Mon, 30 Jan 2023 13:50:00 GMT
Date: Mon, 30 Jan 2023 12:19:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: WqO7Ws5kDjYA44/644twPE7DzuvbnzdeQ27dkVQhlF/FOqEjkWpxn2ZotUVZD4sSL1/Ce5Tgh6yg0IF1i9qomA==
x-amz-request-id: N5CQBH29S1679JDS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 11:21:46 GMT
age: 3485
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 12:19:51 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 13e0d916581b194bec36073e7c5c59c4
4cf0d00a8cc1d83a27fccf5cde33b374f4723837
7de76bd35e38611e60bd74b623322299fb472c6ba2d119d47348211a0abf30ac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7DE76BD35E38611E60BD74B623322299FB472C6BA2D119D47348211A0ABF30AC"
Last-Modified: Mon, 30 Jan 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15792
Expires: Mon, 30 Jan 2023 16:43:04 GMT
Date: Mon, 30 Jan 2023 12:19:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 11:49:04 GMT
age: 1848
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15806
Expires: Mon, 30 Jan 2023 16:43:18 GMT
Date: Mon, 30 Jan 2023 12:19:52 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:19:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:19:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:19:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b258794e80567fbabfc62a704382190e
4e0254b515dc236f0fc3d585c01ea4fc9d002432
2cf8dc3bfebd0cd32c0169ea6387e27e9cc7f93eb75576480725432fe727f7ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2730
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:19:52 GMT
Etag: "63d7577a-118"
Last-Modified: Mon, 30 Jan 2023 11:34:22 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b258794e80567fbabfc62a704382190e
4e0254b515dc236f0fc3d585c01ea4fc9d002432
2cf8dc3bfebd0cd32c0169ea6387e27e9cc7f93eb75576480725432fe727f7ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3321
Cache-Control: max-age=151947
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:19:52 GMT
Etag: "63d7577a-118"
Expires: Wed, 01 Feb 2023 06:32:19 GMT
Last-Modified: Mon, 30 Jan 2023 05:36:58 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280
ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
142.250.74.138200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
IP 142.250.74.138:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d989f35706c62ce4a5c561586c55566e
d32e7958e5765609bf08dcdefd0b2c2a8714ce34
375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33845
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 09:43:33 GMT
expires: Thu, 25 Jan 2024 09:43:33 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 441379
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=
142.250.74.40200 OK 38 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=
IP 142.250.74.40:0
File type ASCII text, with very long lines (1759)
Hash 62e07fccd9811f465276ca1ecae22237
8d35af27f6bc3b2f83fa325ac281371e62017833
74dd9053987edd18b02caf4172f3b9f769b976b3370db4b28e32a44cc7d31432
GET /gtag/js?id= HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 12:19:52 GMT
expires: Mon, 30 Jan 2023 12:19:52 GMT
cache-control: private, max-age=900
last-modified: Mon, 30 Jan 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37831
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-144347007-1
142.250.74.40200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-144347007-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (1759)
Hash 65c6c24c0baeb503adc8b1eedaeaa5fc
9a3c708a9f6681374adc0e43edd583dfeb2d0e51
82d95cfcb00c5fb1d707f7a1cc5b9dd7524eb240a0f49470c194e5c21b68e5bc
GET /gtag/js?id=UA-144347007-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 12:19:52 GMT
expires: Mon, 30 Jan 2023 12:19:52 GMT
cache-control: private, max-age=900
last-modified: Mon, 30 Jan 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44090
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash cf28544da37acd833929481f8af72bab
93b3abb9fb9bb007addd8dc8a0e75c94fbf9ffa4
8b0ec6b7f796d25a72a3414d5ad535ba917ce90488731e859af425a3e633d94c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5150
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:19:52 GMT
Last-Modified: Mon, 30 Jan 2023 10:54:02 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash cf28544da37acd833929481f8af72bab
93b3abb9fb9bb007addd8dc8a0e75c94fbf9ffa4
8b0ec6b7f796d25a72a3414d5ad535ba917ce90488731e859af425a3e633d94c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3607
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:19:52 GMT
Last-Modified: Mon, 30 Jan 2023 11:19:45 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash fb93ee8be20f5278dedee580938de16e
369bd75394e5ba25a05b2cecf5d8cdfd9ea62b60
710ecafdd51cee08b5c54af45dfc455b61518acae46a942a0e5304662a0a8c63
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5420
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:19:52 GMT
Last-Modified: Mon, 30 Jan 2023 10:49:32 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b258794e80567fbabfc62a704382190e
4e0254b515dc236f0fc3d585c01ea4fc9d002432
2cf8dc3bfebd0cd32c0169ea6387e27e9cc7f93eb75576480725432fe727f7ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2730
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:19:52 GMT
Etag: "63d7577a-118"
Last-Modified: Mon, 30 Jan 2023 11:34:22 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:19:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:19:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.servimg.com/u/f28/11/59/42/77/pi-ca-52.gif
172.67.178.62200 OK 4.8 kB URL HTTP/2 i.servimg.com/u/f28/11/59/42/77/pi-ca-52.gif
IP 172.67.178.62:0
File type GIF image data, version 89a, 93 x 30\012- data
Hash 6ac3c8d16dc5a9bf761c20987991aa1b
73d822e3b41418bec3f2c11e8b2a383cb036262c
426e1eca8ba903d4db034b8ce844cd4e7ec95acbb94cfd76a101873280eeb7ec
GET /u/f28/11/59/42/77/pi-ca-52.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:52 GMT
content-type: image/gif
content-length: 4843
last-modified: Sun, 17 Feb 2008 23:15:18 GMT
etag: "47b8c006-12eb"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Sat, 19 Aug 2023 07:17:58 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BAyf%2Bw%2F3%2B5Stji2OgV0e51%2FmHRbjiGycZoFaoWSe9WAnPmWzNlq6jRB5wogGO2BLjnYvT5QQm4TKK5IkYRvkVjErtjr90bOwZ9A9opmOI1orEce80iXN5JfaanxHaJ3z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 791a288e5a220b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f28/11/59/42/77/pi-ca-44.gif
172.67.178.62200 OK 2.2 kB URL HTTP/2 i.servimg.com/u/f28/11/59/42/77/pi-ca-44.gif
IP 172.67.178.62:0
File type GIF image data, version 89a, 93 x 30\012- data
Hash cdcce2149815d4db123021db28d1d5a8
90cedbab377e5c862264779826c00a0e0f060351
fb65a8cb1f00b5b7b6761050078712d44f7f2151ed82df499ff96294e8c90929
GET /u/f28/11/59/42/77/pi-ca-44.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:52 GMT
content-type: image/gif
content-length: 2222
last-modified: Sun, 17 Feb 2008 23:10:41 GMT
etag: "47b8bef1-8ae"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Wed, 13 Dec 2023 07:50:58 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VoHdmcHzeXSbsuU8aVm7aPMzfEmem%2FOvGYQHua4La5hKtlxhI1c8tX8FSLZKikuOC5w2K5qyjWphHUKG5ffwyZznHW4Tx6yBkicY72FVxAe41PGdAs8o3U1bvGqMwm%2B8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 791a288e5a300b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f28/11/59/42/77/pi-ca-20.gif
172.67.178.62200 OK 2.3 kB URL HTTP/2 i.servimg.com/u/f28/11/59/42/77/pi-ca-20.gif
IP 172.67.178.62:0
File type GIF image data, version 89a, 93 x 30\012- data
Hash cedea901404831b37be115fb8d237a8b
271c52f2481c6be45b187866bd9f1365c1ab1497
c0b41b26f2e557228abbaff46153381d333f7da9e9e838bda43713d6dea9555f
GET /u/f28/11/59/42/77/pi-ca-20.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:52 GMT
content-type: image/gif
content-length: 2253
last-modified: Sun, 17 Feb 2008 23:00:27 GMT
etag: "47b8bc8b-8cd"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Fri, 26 Jan 2024 07:14:08 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z02wr4%2F58vK6YcPSVnk3HxalhckqSNvP5x2VNwFw7jRnP9gVzYkz%2F2cnicb7BaIbzS4Oghlu1A9JwtmeXGR2fPihVlgJQ5tKvKTpAXyB47KYpwX0uLdiuoqHrlhAmkmS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 791a288e5a320b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f28/11/59/42/77/pi-ca-14.gif
172.67.178.62200 OK 2.3 kB URL HTTP/2 i.servimg.com/u/f28/11/59/42/77/pi-ca-14.gif
IP 172.67.178.62:0
File type GIF image data, version 89a, 93 x 30\012- data
Hash dbc5dc3df4055c299b7e67b61de686fb
803db60e3833ca70ff26ce4343dae40aa042aec2
86231bf2e969332440c2997443ee1a389b197000f741d05f904e1712f45fe387
GET /u/f28/11/59/42/77/pi-ca-14.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:52 GMT
content-type: image/gif
content-length: 2313
last-modified: Sun, 17 Feb 2008 22:57:47 GMT
etag: "47b8bbeb-909"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 23 Nov 2023 11:03:30 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdqZAwWtiy5EgCm87jlbsV3uRrtTBYomjj2NQGOxhQowZAqPFLZT7TAhqRIQUYfBYrFQK94xEDCgNDiiS54AVGciGQ0EM6KXYRt8iB7J61fjbCaPMHl9RXKc5qUVfOl0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 791a288e5a3e0b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f28/11/59/42/77/pi-ca-53.gif
172.67.178.62200 OK 3.9 kB URL HTTP/2 i.servimg.com/u/f28/11/59/42/77/pi-ca-53.gif
IP 172.67.178.62:0
File type GIF image data, version 89a, 93 x 30\012- data
Hash 052486bf870b6db499b739a9123c0f16
958988e4a50a50d71788dfd1713ded064c79e2b5
d9dabdfc4beb016d906ad0621e2f219601728811564bd015e50a17adaf73b03f
GET /u/f28/11/59/42/77/pi-ca-53.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:52 GMT
content-type: image/gif
content-length: 3869
last-modified: Sun, 17 Feb 2008 23:15:46 GMT
etag: "47b8c022-f1d"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Tue, 25 Apr 2023 09:35:09 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2FPU4jzakFVLS6%2FUTm1J5VFOwZ0gpOsZQ4h7VdFHvseOo1XuUg9hggRUDHhGmotq9xHQMWwmO8rurHbrJ0hYCLiZafENtZhLnq%2FBpmX3ErYr9Qb6vzUQ6dLAzpqtkIBY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 791a288e5a2c0b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash cf28544da37acd833929481f8af72bab
93b3abb9fb9bb007addd8dc8a0e75c94fbf9ffa4
8b0ec6b7f796d25a72a3414d5ad535ba917ce90488731e859af425a3e633d94c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5150
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:19:52 GMT
Last-Modified: Mon, 30 Jan 2023 10:54:02 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
lmada.hooxs.com/0-rtl.css
178.33.43.150200 OK 55 kB URL HTTP/2 lmada.hooxs.com/0-rtl.css
IP 178.33.43.150:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 65476260cd5d169e4b30aa20cfab5486
820b531122fa7e818fee2f6ed45f7d7a47c6f4ef
1577c7a1aa93cfaf680fe3c064ba66e7329028ef25ef0ad54b0f4d7543334e2a
GET /0-rtl.css HTTP/1.1
Host: lmada.hooxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/t2159p25-topic
Cookie: exadd=167509
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:52 GMT
content-type: text/css
content-length: 54783
last-modified: Mon, 30 Jan 2023 00:00:00 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-ma: MISS
X-Firefox-Spdy: h2
i.servimg.com/u/f60/12/70/30/89/reg10_11.jpg
172.67.178.62200 OK 23 kB URL HTTP/2 i.servimg.com/u/f60/12/70/30/89/reg10_11.jpg
IP 172.67.178.62:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2009:02:08 15:32:28], baseline, precision 8, 173x75, components 3\012- data
Hash 13d834cbd5b364812ec9a25ef6ad69d7
0580ee4c557323ce9f1a80add03080b08cbcc8d7
45d5de085afe7057a9e21419f0961466ac414907dcf1d39173567ee5587f8711
GET /u/f60/12/70/30/89/reg10_11.jpg HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:52 GMT
content-type: image/jpeg
content-length: 22979
last-modified: Sun, 08 Feb 2009 13:35:38 GMT
etag: "498edfaa-59c3"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Tue, 30 Jan 2024 12:19:52 GMT
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7uzv0YxAPeVNr%2BW3czi7L5esFgPhNKHutEXAaDDPAZrasPdp5M1Pjkq%2F4HpGibaBksIN7Fq2neLD%2FEIYR%2FuCvD70JChcU5DzJS%2F8ewKNlP%2BzKuh%2Fg2igO5QDgF16N8gr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 791a288e5a330b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.165.116.156101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.165.116.156:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: skkD/PEXs4xeNXgY1S1Zwg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HWePcLjVQJxb4Z1DN4BMQMaC8G0=
i.servimg.com/u/f28/11/59/42/77/pi-ca-16.gif
172.67.178.62200 OK 2.3 kB URL HTTP/2 i.servimg.com/u/f28/11/59/42/77/pi-ca-16.gif
IP 172.67.178.62:0
File type GIF image data, version 89a, 93 x 30\012- data
Hash 45a46033352ddd7d4c7e3eff630df549
d4187b8804716f258ef290bdbea4bf248a1ab9f4
886b48d80c45a901f275eb4f57090f1173bd8a93b58be3edcfe111410349547a
GET /u/f28/11/59/42/77/pi-ca-16.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:52 GMT
content-type: image/gif
content-length: 2307
last-modified: Sun, 17 Feb 2008 22:58:44 GMT
etag: "47b8bc24-903"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Sat, 19 Aug 2023 02:29:49 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7uEsPdz1BRk%2BVVQUoYCoFkcfQPZOhCi1ZrilSE0ddVa%2FuZdC9aaH83g4CeWoRuC2oDSIBmpPJKT0fzVjpQhXPozthZI81CVsnhfIKKHYjIM2JVgFS5XmarvAwkESr2vI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 791a288e5a290b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f28/11/59/42/77/pi-ca-46.gif
172.67.178.62200 OK 2.2 kB URL HTTP/2 i.servimg.com/u/f28/11/59/42/77/pi-ca-46.gif
IP 172.67.178.62:0
File type GIF image data, version 89a, 93 x 30\012- data
Hash ba4942657809ad5d39be3d0399ac3c6a
e02d97886a49344c35bc294365c49d245f5fe510
0a42b2819ef60fe04b8e165b6706fa31a0b4c15504fead6cb9ee20cea42d309b
GET /u/f28/11/59/42/77/pi-ca-46.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:52 GMT
content-type: image/gif
content-length: 2172
last-modified: Sun, 17 Feb 2008 23:11:52 GMT
etag: "47b8bf38-87c"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Tue, 25 Apr 2023 10:58:08 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=183j7KU2DrCmoKHQGj6Dwmn8DSrc9L9lB8J2LmOerJHZc76KAXkIOpik4N50IcdZPUxIsxRh%2BvTcSF90Y9j18LLQYRT5Aw%2BLTcKuHpZWrCY%2FacTta4ZxBa%2Bcp3oNTMd0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 791a288e5a340b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f41/11/81/60/19/c13e6510.gif
172.67.178.62200 OK 43 B URL HTTP/2 i.servimg.com/u/f41/11/81/60/19/c13e6510.gif
IP 172.67.178.62:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /u/f41/11/81/60/19/c13e6510.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:52 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Fu6ho2%2FNpaGyxQvxYbS30bewm79x4%2BGqD%2BZBLiuc%2FMVCrOChKfR8dbrS74QiC%2F%2BFC%2FbVPZERdREFtJHXKbBt0HG4JCLSA1WFBSJ5FKAE7Sw%2BnEjgWH6fvjiATa4jF23"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 791a288e5a2f0b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/onyx/icon_minipost.gif
104.21.235.176200 OK 123 B URL HTTP/2 2img.net/i/fa/onyx/icon_minipost.gif
IP 104.21.235.176:0
File type GIF image data, version 89a, 13 x 9\012- data
Hash aa8228d74277b9f62b121e890147f2ff
07cc94349e10bd67ac9528aa2253ab82413ef90c
680720ede87ae9d67b34e749086722e8e4936ead686685c0f1de87223d08bf4f
GET /i/fa/onyx/icon_minipost.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:52 GMT
content-type: image/gif
content-length: 123
last-modified: Mon, 16 May 2016 11:00:14 GMT
etag: "5739a83e-7b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 4845819
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7C5QsIlZ5nOv6TG2gBjMaw%2FCld4pkguq5EEl%2FU8uHpeJ32oGu0qHrQOS%2Fg%2BQoKtRWBPvCpsCImbHqu7gJn9qJp7NcWKeU88FJqic6Q%2FJ9%2Fn%2FJ%2BFWp%2FLLQM8ww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791a288f8e4723c5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f60/12/70/30/89/forum-10.jpg
172.67.178.62200 OK 19 kB URL HTTP/2 i.servimg.com/u/f60/12/70/30/89/forum-10.jpg
IP 172.67.178.62:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2009:02:08 15:32:11], baseline, precision 8, 119x75, components 3\012- data
Hash 571249409748c72be80c6a97f0d7c1b3
2bbe29bd2b202c207d81f3e952eabc7be864b74e
b61ff2db0e8d66cfd888c34af973fae1cd54b8ef7b70ce9fdca02d9207695d36
GET /u/f60/12/70/30/89/forum-10.jpg HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:52 GMT
content-type: image/jpeg
content-length: 18976
last-modified: Tue, 04 Nov 2014 13:45:26 GMT
etag: "5458d876-4a20"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Tue, 30 Jan 2024 12:19:52 GMT
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kxLIgUovPcHKP736CY8CLr4Yq50LnYpxLTHjhu6xsz5tSyO1aa%2BX0i6q7CPYeI8IOpdNWLEoEhB04i8x%2BBV3xFRebkOmN28ZyhN3Q7ClRCm%2BkP%2B3EMDsH0NMzgP%2FB5wI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 791a288e5a270b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/onyx/icon_minitime.gif
104.21.235.176200 OK 194 B URL HTTP/2 2img.net/i/fa/onyx/icon_minitime.gif
IP 104.21.235.176:0
File type GIF image data, version 89a, 12 x 9\012- data
Hash 45df8fa66cbcbc9f4d5de9d4aa6d6cbd
7907f257cb3b4caa16ecfd2df17538d3a3a5a428
22d8ca8b8455b3caf467b34df658773bb22bc9b628c6264e9c09d66585fdcac1
GET /i/fa/onyx/icon_minitime.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:52 GMT
content-type: image/gif
content-length: 194
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-c2"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 325196
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVm8Sj2y6%2FIkHltT5VSs0oMg1GUYjtJNyLxbx1yrum%2FtCOobYgtwkUZMZva0ijEyGzp6xAP6VdUn4hyfufCtBAr3sWgbiR7Znu91hs0sOZ8ITNVemYXqMrbByw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791a288f7e2f23c5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/empty.gif
104.21.235.176200 OK 42 B IP 104.21.235.176:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /i/fa/empty.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:52 GMT
content-type: image/gif
content-length: 42
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-2a"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 4863387
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hzi4Opo4QiQduHaTaoSK3fmaJAVBBpqsVwKV9WOfIsQgqQ%2FsKEVG9L2DjC4mgIIGnjGnhokQqNgyjRAK9C1L3AaxQXMFg8Rh4dCyNXjAyCBtckP2gpHWvTnqtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791a288f7e4023c5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f28/11/59/42/77/pi-ca-54.gif
172.67.178.62200 OK 3.0 kB URL HTTP/2 i.servimg.com/u/f28/11/59/42/77/pi-ca-54.gif
IP 172.67.178.62:0
File type GIF image data, version 89a, 93 x 30\012- data
Hash 75bb128ec5233f982518e1c532976810
2860e37d6e50a157dcc4850dcfb5e0ba56f7f3e6
fdc01aea7082825a10b77ca7e84b63e139a938e3ff00161fe80f570a43bbd3a5
GET /u/f28/11/59/42/77/pi-ca-54.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:52 GMT
content-type: image/gif
content-length: 2950
last-modified: Sun, 17 Feb 2008 23:16:03 GMT
etag: "47b8c033-b86"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Sat, 27 Jan 2024 08:45:20 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oHXz8uS5pcJE3Sf%2FaaPPKtGZF2XN5y9S%2BuzK1hYhDag2PDkxm2RBeeZEEm1T4e77JtxnqhsvR4T4HoQiHe9%2FNuSEtyrX4VLymNViZi8vmx7Ak9NaaL5zovRkhtz8y49v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 791a288e5a410b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f28/11/59/42/77/pi-ca-18.gif
172.67.178.62200 OK 2.3 kB URL HTTP/2 i.servimg.com/u/f28/11/59/42/77/pi-ca-18.gif
IP 172.67.178.62:0
File type GIF image data, version 89a, 93 x 30\012- data
Hash e26ccfa0a58f40859645bbe95a932611
fb52c5e94cc41cd4d32038aeee5fe6b09f1ad2a3
10958167ea6db0c647c0712bb66b6a7edc21052feda16b3146f012a1314f4ec9
GET /u/f28/11/59/42/77/pi-ca-18.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:52 GMT
content-type: image/gif
content-length: 2311
last-modified: Sun, 17 Feb 2008 22:59:29 GMT
etag: "47b8bc51-907"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Tue, 25 Apr 2023 08:20:55 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4NYAg%2BhYRHVREOIJkRu9LvJmS7NCvyVYyV4WpnmBHYblsK2MaTpPIfrP3V0z4HA1uF59fTe2%2BhXNXNlW24%2F8cDN75NNtlzGe4krHxsMq3koyXR5OPftEMkdyZAaKkRJH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 791a288e5a240b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/empty.gif
104.21.235.176200 OK 43 B IP 104.21.235.176:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /i/empty.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:52 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 09 May 2016 08:45:50 GMT
etag: "57304e3e-2b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 4863447
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9rBG0dvqE0B7mRn9J%2FSqOj%2BhSr7J%2BvFTW16ivyBu0Lv8jREJlDAszXGMNTI5763uCHXzM%2F%2BYIX79NnOcffiu3%2BTR%2B%2FUnHWR9%2Bm6apxLL1k6E1SOEAxJFN01xGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791a288f9e5823c5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f28/11/59/42/77/pi-ca-37.gif
172.67.178.62200 OK 7.5 kB URL HTTP/2 i.servimg.com/u/f28/11/59/42/77/pi-ca-37.gif
IP 172.67.178.62:0
File type GIF image data, version 89a, 93 x 30\012- data
Hash a60a55d19a34764ba23a8b6be043f907
b370ca0e9c636f326222d8efd8c40687a6be4651
d24b5c0a7cf1474d831fb5b2dc0ba500602c562bb177be493d880eb5bfac01c6
GET /u/f28/11/59/42/77/pi-ca-37.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:52 GMT
content-type: image/gif
content-length: 7516
last-modified: Sun, 17 Feb 2008 23:06:42 GMT
etag: "47b8be02-1d5c"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Wed, 10 Jan 2024 14:28:19 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xoGdm7vVQ4KU5onRL1lsMqcKINK1%2BWGX27885KHc3KYwKiwh433BMSduXSbvsRJu32wze%2BAJgAoOJ8EnzYCJK1zNegrEQdEQSZ5%2BM%2F8yAUN7T3EOGYLLWXQDnqKYr5yt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 791a288e5a360b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f60/12/70/30/89/on1010.jpg
172.67.178.62200 OK 19 kB URL HTTP/2 i.servimg.com/u/f60/12/70/30/89/on1010.jpg
IP 172.67.178.62:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2009:02:08 15:32:19], baseline, precision 8, 114x75, components 3\012- data
Hash 8ea14323da6a09c007a7e1e0e570246f
76b65f1aa7af2212dfad6b23d46245a9e69f5071
56d4521781f9e0836440ac96b7e4276efaddd1eea1a1d6a1d967e3dc7ea045f2
GET /u/f60/12/70/30/89/on1010.jpg HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:52 GMT
content-type: image/jpeg
content-length: 18894
last-modified: Tue, 04 Nov 2014 13:45:26 GMT
etag: "5458d876-49ce"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Tue, 30 Jan 2024 12:19:52 GMT
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCxXz81ltfGFrhG5Gvw5GSNwzZu0gE6kylBTL%2FqaJasy63I1Aa2QZXqvjbh3iUDIbRdI3QFEr3kCvdOmqHpOMCsqCGn4L62d5595pRSYSXNCJzLgiGkuBlih%2Bra5Itgo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 791a288e5a310b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f28/11/59/42/77/pi-ca-40.gif
172.67.178.62200 OK 3.1 kB URL HTTP/2 i.servimg.com/u/f28/11/59/42/77/pi-ca-40.gif
IP 172.67.178.62:0
File type GIF image data, version 89a, 93 x 30\012- data
Hash 8c97e5d7ee97c13b5097a1eb5eb6d087
abe13bec7a2437192b5b242a2f07f054b54a4e4c
6a7f06fb0da97061927f47bb6f734917fc9e9476a8c6f04c288830f7fb095729
GET /u/f28/11/59/42/77/pi-ca-40.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:52 GMT
content-type: image/gif
content-length: 3114
last-modified: Sun, 17 Feb 2008 23:08:29 GMT
etag: "47b8be6d-c2a"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Sun, 07 Jan 2024 13:21:22 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F1UUCdW39U3oHL8UTLPTWE%2Fvn89ZH5%2BNqDy7G66kuppcWHfLXgdcrKLRSTj2NIKsuxrXvMhadZ88s2xeVw0%2F9LGL%2BCipd9QajtomvBq4s%2BvVgFr20Gst%2FP3F3U1NXxPp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 791a288e5a400b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f77/12/97/62/00/male1110.jpg
172.67.178.62200 OK 4.3 kB URL HTTP/2 i.servimg.com/u/f77/12/97/62/00/male1110.jpg
IP 172.67.178.62:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 140x51, components 3\012- data
Hash 1ba44b84ea9b0dcfede3865b20d1155d
ce4e121a79765035fbe312572a16b88ef9aa8d63
49db4dc4e3344b19b68b01147fe6989072438fbcbadd3c1d29fbce49084cd458
GET /u/f77/12/97/62/00/male1110.jpg HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:52 GMT
content-type: image/jpeg
content-length: 4301
last-modified: Fri, 24 Oct 2008 13:34:01 GMT
etag: "4901cec9-10cd"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Tue, 30 Jan 2024 12:19:52 GMT
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wIxLRSYNUR3c3NbPcUdE%2FsdyHIeyq0Bk8KAVBvc4Um7FjcLljH3G20l1ZT4Gu4QAHvziPobu8Vne19ddtQxX8DbuI54Y9Mpf0iBXDtp%2BwqWRh8p2Pr5jT7sj%2FQQFQxHg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 791a288e5a2d0b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f77/12/97/62/00/femal110.jpg
172.67.178.62200 OK 4.4 kB URL HTTP/2 i.servimg.com/u/f77/12/97/62/00/femal110.jpg
IP 172.67.178.62:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 140x52, components 3\012- data
Hash 1961c431b818f3c0d5d3362470ce70da
9216c5c9b9bb6a5b0aede2a8f8a004813cb036ca
3b21ff7dfafb23f4717700a4b3b85710363fcc11b21624bf4d21e77c86ce8351
GET /u/f77/12/97/62/00/femal110.jpg HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:52 GMT
content-type: image/jpeg
content-length: 4419
last-modified: Fri, 24 Oct 2008 13:34:16 GMT
etag: "4901ced8-1143"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Tue, 30 Jan 2024 12:19:52 GMT
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6DLAw5unh0bAyU2PPbyQ%2FnVCyjeorng3OqssA50mb9jSfKhw7AyvtXUwTNBSUkNvuvYAr%2BOrv7llul6jcjMKyUR5wlm5f0Hsjj%2BPyMOsoD6PQ5ag%2BW0UMbqSQWe75rXh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 791a288e5a260b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/sprite_icons.png
104.21.235.176200 OK 1.5 kB URL HTTP/2 2img.net/i/fa/sprite_icons.png
IP 104.21.235.176:0
File type PNG image data, 1395 x 12, 8-bit colormap, non-interlaced\012- data
Hash 6c31830c94fd2987aab8ed4af1e6b756
9bb52d402fd3cd4a0515c54b5061b655fdabfd96
b621467f74054e2999a7e213edf26895f9639e255f7c11b2047509fd0879f6c8
GET /i/fa/sprite_icons.png HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:52 GMT
content-type: image/png
content-length: 1459
last-modified: Mon, 16 May 2016 11:01:49 GMT
etag: "5739a89d-5b3"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 4863371
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0b2eorDyFYuhhDqVksGFViaP3wWZIKSR%2F7FXpQNafVM%2BMerVlsbmod7NhhWH64mbUMpY3MHZDTzDoXj0kRWuufMMLD%2BQPcu0vpsgeH741Wt4oVyGelnXGwG0rg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791a288fdeb423c5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e59dcfb3dc420f1abf576a48490ede03
e3d65dbea5055c627127ceab4d6072374e836fe5
7ad60d5eb13a5db25511a03b0b3e7c26eaab87cdeb5f747df6f1d3e42f56c458
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7AD60D5EB13A5DB25511A03B0B3E7C26EAAB87CDEB5F747DF6F1D3E42F56C458"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18307
Expires: Mon, 30 Jan 2023 17:25:00 GMT
Date: Mon, 30 Jan 2023 12:19:53 GMT
Connection: keep-alive
illiweb.com/rs3/71/frm/jquery/cookie/jquery.cookie.js
188.114.96.1200 OK 784 B URL HTTP/2 illiweb.com/rs3/71/frm/jquery/cookie/jquery.cookie.js
IP 188.114.96.1:0
File type ASCII text, with very long lines (1011), with no line terminators
Hash d6915b0f04b2a3cecc3d7b74b5c5acd7
c61eb2af2eb9124efadde62b7983102bbb4ccbb2
c4a62ec7db8fca3120b4a2beb041dcee57c1f7b44a201515a055f96bd522f8d2
GET /rs3/71/frm/jquery/cookie/jquery.cookie.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:52 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Fri, 19 Jan 2024 08:36:47 GMT
last-modified: Wed, 09 Sep 2020 09:40:28 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 963785
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pdwuG%2FxiQ5fpz3EhoVbczxKOl6WSGKcXLUXg7m2mLbsEVpVC63l3FieFTnuDh7PD1s1JX6VLFUFdwNgq6nJyYuxL%2FM6KrfJedeOnzHQdWsoYsTS1sBTLd%2B1A5vOM0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791a288de8afb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=lmada.hooxs.com&var=&ymid=&var_3=
139.45.197.250200 OK 758 B URL HTTP/2 stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=lmada.hooxs.com&var=&ymid=&var_3=
IP 139.45.197.250:0
File type JSON data\012- , ASCII text, with very long lines (757)
Hash a4a78770264d43d9a41cb6c142a76531
c081d0d34c5059ab0020ede79d0ac653802c9f7a
4323f7556130017f38095d29a8649cf005cc4a1b090586e8d8ad3d1726c5a952
Analyzer Verdict Alert quad9 Sinkholed
GET /zone?pub=0&zone_id=2308013&is_mobile=false&domain=lmada.hooxs.com&var=&ymid=&var_3= HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lmada.hooxs.com/
Origin: https://lmada.hooxs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 12:19:53 GMT
content-type: application/json; charset=utf-8
content-length: 758
x-trace-id: 1bf98204b6de596e480badfd4caa71a4
access-control-allow-origin: https://lmada.hooxs.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash d4c8efefacdae00dbc2aa138ca34f954
17f86510acdcb3f727aa5f425ac80d45ded164d6
30bd2fb9ef311eb688777854ee3dd2451c05b5f3b789d4895aa47910c2b693b4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4333
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:19:53 GMT
Last-Modified: Mon, 30 Jan 2023 11:07:40 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 64aab243abc75ee3a98fe22060a8ef6a
52c51e76a76ef24f57fce419abb2a08838e1226a
187d2be07e3fcedc61afd1b789d44ba91d221446f0dee8d5f2d2bb3358f4a230
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2722
Cache-Control: max-age=147052
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:19:53 GMT
Etag: "63d746b3-139"
Expires: Wed, 01 Feb 2023 05:10:45 GMT
Last-Modified: Mon, 30 Jan 2023 04:25:23 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:53 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=1eoSJ180M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dXd2x1WmZhU2JEWmNxZFdVZVRQcHFnY25xZEFsa0VrYlN2MCUyRiUyRnl2c2xR; expires=Sat, 24 Feb 2024 12:19:53 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 237081
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cdn.viglink.com/api/vglnk.js
54.230.111.60200 OK 29 kB URL HTTP/2 cdn.viglink.com/api/vglnk.js
IP 54.230.111.60:0
File type ASCII text, with very long lines (693)
Hash ed1cc31dfd9e0eec16f4631fc60daa96
3ebffae7ffbd9ebcd079042afb337230e148d993
3230940b2ba3c2af9e06970cb845da7b80ca0ceb4f038d0a7fb0c4072ab63e9e
GET /api/vglnk.js HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 28943
date: Mon, 30 Jan 2023 08:49:51 GMT
last-modified: Mon, 30 Jan 2023 06:48:23 GMT
etag: "ed1cc31dfd9e0eec16f4631fc60daa96"
cache-control: public, max-age=604800
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dSe8TFVurcrxMDGTtnxU2w8AMYg5exR7alRj4IL9srJBzOalRDZjkw==
age: 12603
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/forumotion-ar/loader.js
151.101.65.44200 OK 41 kB URL HTTP/2 cdn.taboola.com/libtrc/forumotion-ar/loader.js
IP 151.101.65.44:0
File type Unicode text, UTF-8 text, with very long lines (65498)
Hash 54c58ffa3b1b2dfd9a6046a4a00dbab9
fe18f4788c8daf5bcbba1642a5b8c20c72cbc394
5635408c8657e22190f7a5fc42c5a444b770dce7a05f3351aff97654315a6d43
GET /libtrc/forumotion-ar/loader.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: C0oqOS51mm4JAB5I/Ous3UFmpOOJ9HV2j4dQ8lqRpx0twjDg95AuTF75Z0+zJ5t6UMa8e86qvUI=
x-amz-request-id: 51Q7BGJ13NSHMP46
x-amz-replication-status: PENDING
last-modified: Sun, 29 Jan 2023 10:02:26 GMT
etag: "97ee915722c8e01f9fce00760c4c52ad"
x-amz-version-id: 97v_1ONCUMjAryNlqq7bU66i36bmFcF9
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Mon, 30 Jan 2023 12:19:53 GMT
via: 1.1 varnish
age: 111
x-served-by: cache-bma1672-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675081194.653384,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 64
content-length: 41392
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.34200 OK 20 kB URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.34:0
File type JSON data\012- , ASCII text, with very long lines (1490)
Hash f68ff0d9517ade6f6280e6fc5943020e
2edbd837e6948f0fb37ee130e5698416e780abaf
3a8b6ff5648fbd44134b7f0419be2c37e9a398c9d7e7560e2f4cf3d3bf4842b4
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:52 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 112802
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?ptv=134&profileId=206&cb=32186977092
178.250.0.165200 OK 160 B URL HTTP/2 bidder.criteo.com/cdb?ptv=134&profileId=206&cb=32186977092
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0304986656a552d0055eb93d6ab67a8e
96b46cd1e4ab802fa50a97955d2519dd0d4931c8
9d3895b3199edcb00e51a906ee47eea1c20e7718cfd73e9aa1ff2f3fd58e5499
POST /cdb?ptv=134&profileId=206&cb=32186977092 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 568
Origin: https://lmada.hooxs.com
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:53 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://lmada.hooxs.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 160
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/impl.20230129-6-RELEASE.js
151.101.65.44200 OK 155 kB URL HTTP/2 cdn.taboola.com/libtrc/impl.20230129-6-RELEASE.js
IP 151.101.65.44:0
File type ASCII text, with very long lines (65509)
Size 155 kB (155018 bytes)
Hash 193d4492e65eb38d3b1d3fed587f9018
0e59f7f3837ae583976b5929be1eda4fd321dc17
84c400dc4d6d7461c697ed8fa7215570500230f4c7b8d703c1b04b387b6837a2
GET /libtrc/impl.20230129-6-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 7C88YsEMVIWGjfMeIM1ppuJTz51s3gtDUfh7KD3xv/lyG9rwXvC289Q2niFbjPiJLxu0GCdqKhk=
x-amz-request-id: 4BN8H2B2M4MMEJG0
last-modified: Sun, 29 Jan 2023 09:51:09 GMT
etag: "193d4492e65eb38d3b1d3fed587f9018"
content-encoding: br
x-amz-version-id: f1cDvBx588r.8onzdlHwMk7xnX8.RiGO
content-type: application/javascript
accept-ranges: bytes
date: Mon, 30 Jan 2023 12:19:53 GMT
via: 1.1 varnish
age: 8910
x-served-by: cache-bma1672-BMA
x-cache: HIT
x-cache-hits: 6167
x-timer: S1675081194.735053,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 2
server: AmazonS3-br
content-length: 155018
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash e52dd035ebab425ac5fdd381fdf191e4
3decad11d46ac06c704b3a443805523e62bde777
831badf751fc565f5c3ebc0bef0e62fa3ef19da4680c66a66f24d68b957b7f0a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=161067
Date: Mon, 30 Jan 2023 12:19:53 GMT
Etag: "63d777c7-1d7"
Expires: Wed, 01 Feb 2023 09:04:20 GMT
Last-Modified: Mon, 30 Jan 2023 07:54:47 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TsATJj7aa5LLJ5Q7JaqfrFowVOIYvepgB8mt_jGXymcBiFw6DfcbZg==
Age: 4173
api.viglink.com/api/ping
52.16.191.85200 OK 260 B IP 52.16.191.85:0
File type ASCII text, with no line terminators
Hash 8e093d26e50333367768f46bb8a908db
9a80ab55e708df1df47300401950fc893707d090
02771d33c1ac81e01d86d63130d9a371c34a1f50f3756b774bd46ad6685890ba
POST /api/ping HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 138
Origin: https://lmada.hooxs.com
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://lmada.hooxs.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Mon, 30 Jan 2023 12:19:53 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 260
Connection: keep-alive
trc-events.taboola.com/forumotion-ar/log/2/debug?tim=12%3A20%3A05.853&type=usage&msg=rtus&llvl=2&id=7461&cv=20230129-6-RELEASE<=deflated&uuid=707ceb8e921e6bc6efb852a3ad0d2f89964f68edd40d75d01086ffa566d09413&dcc=1&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/forumotion-ar/log/2/debug?tim=12%3A20%3A05.853&type=usage&msg=rtus&llvl=2&id=7461&cv=20230129-6-RELEASE<=deflated&uuid=707ceb8e921e6bc6efb852a3ad0d2f89964f68edd40d75d01086ffa566d09413&dcc=1&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=12%3A20%3A05.853&type=usage&msg=rtus&llvl=2&id=7461&cv=20230129-6-RELEASE<=deflated&uuid=707ceb8e921e6bc6efb852a3ad0d2f89964f68edd40d75d01086ffa566d09413&dcc=1&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Mon, 30 Jan 2023 12:19:54 GMT
x-fastly-to-nlb-rtt: 22218
access-control-allow-credentials: true
X-Firefox-Spdy: h2
lmada.hooxs.com/images/icons-180.png
178.33.43.150200 OK 19 kB URL HTTP/2 lmada.hooxs.com/images/icons-180.png
IP 178.33.43.150:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 051d68c6c419dd94b3a89c21db6f2bef
d4134e2400e3ad6adb71bf9dc6c351dc9883d773
d8ff88a4513b99829425a2256ddbac71c084b0c9a45b7f57b5b0fee2f0e30e8c
GET /images/icons-180.png HTTP/1.1
Host: lmada.hooxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/t2159p25-topic
Cookie: exadd=167509; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:54 GMT
content-type: image/png
content-length: 19117
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 30 Jan 2023 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
x-cache-ic: MISS
X-Firefox-Spdy: h2
api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2
52.16.191.85200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2
IP 52.16.191.85:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.js?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Mon, 30 Jan 2023 12:19:53 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:19:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.viglink.com/api/domains
52.16.191.85200 OK 41 B URL HTTP/1.1 api.viglink.com/api/domains
IP 52.16.191.85:0
File type ASCII text, with no line terminators
Hash dfdec79fe6395136bea8c1c09560cfd2
56b3f7704148ea77921054bb4c198a097e45ec8b
fbe8f2a0e5ea9c18105f1d06112c8e93a1ed6e11ed2236219ec0763162a3f691
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 233
Origin: https://lmada.hooxs.com
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://lmada.hooxs.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Mon, 30 Jan 2023 12:19:53 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 41
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9541
Expires: Mon, 30 Jan 2023 14:58:55 GMT
Date: Mon, 30 Jan 2023 12:19:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9541
Expires: Mon, 30 Jan 2023 14:58:55 GMT
Date: Mon, 30 Jan 2023 12:19:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9541
Expires: Mon, 30 Jan 2023 14:58:55 GMT
Date: Mon, 30 Jan 2023 12:19:54 GMT
Connection: keep-alive
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-144347007-1&cid=1334279213.1675081206&jid=238660974&gjid=1178154464&_gid=1398454970.1675081206&_u=YEBAAUAAAAAAACAAI~&z=235793300
173.194.221.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-144347007-1&cid=1334279213.1675081206&jid=238660974&gjid=1178154464&_gid=1398454970.1675081206&_u=YEBAAUAAAAAAACAAI~&z=235793300
IP 173.194.221.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-144347007-1&cid=1334279213.1675081206&jid=238660974&gjid=1178154464&_gid=1398454970.1675081206&_u=YEBAAUAAAAAAACAAI~&z=235793300 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://lmada.hooxs.com
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://lmada.hooxs.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 30 Jan 2023 12:19:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9541
Expires: Mon, 30 Jan 2023 14:58:55 GMT
Date: Mon, 30 Jan 2023 12:19:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe31ee140c2fd62e616c8a1edc9e78bb
7aa5fbdc8156514770ae620e81f1afef1c77890f
799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: y6bDvcD7a3-A4DLC3cSdZT-yewV1kkFqcGr7AMuqvUeGA4A0pgF4wQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:59:27 GMT
age: 51627
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 51aa950d5eed7b90cab6632107092edc
e4388ced02e5576867e77547496dec1ac2338ef7
588830e5f725e8e56270565e40f817f2658b0ee7c0425d138e5f65a17ff40483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9457
x-amzn-requestid: 7c48e5ca-2128-43da-ba83-fd91568af1ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkBOGHVoAMFQtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6d4-1b850ffd543f51f92dec3894;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3EXFa0gb46AbdZ9ZznGiPTemGZ7zWh9WLs5Yr1zmfyh_jyKA6o7xoA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:19:57 GMT
age: 50397
etag: "e4388ced02e5576867e77547496dec1ac2338ef7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9541
Expires: Mon, 30 Jan 2023 14:58:55 GMT
Date: Mon, 30 Jan 2023 12:19:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VHh2SQ21xoDoBnGvM2kRiposhXuCE-DdWW1bM35kEykjbHYmhsldVA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:51:22 GMT
age: 52112
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65c02d8a1b0d6a210cb2a649c5c67469
027dbc7a104c922904f067ed15d696c363c11774
89d5443a1d313c632d09a583ef602aa4645a16986076387329f434262d15b0a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10997
x-amzn-requestid: a6fac0ab-1acf-4808-8785-3b4ec5e32edf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj30FX7IAMFa5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e698-005109ec2e76529e793678d6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: skGKI_MWvDwpAbGibUcr8wTlimgoPU9ZYhEHltd3uhdJZ_GoNznVAA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:08:57 GMT
etag: "027dbc7a104c922904f067ed15d696c363c11774"
content-type: image/jpeg
age: 51057
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 131eb343c5abd61939457d69bd371348
ffb2035cf64fc83f01db5c6f26ffa264b6aac95b
8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7538
x-amzn-requestid: 8bec493a-9c81-4cfd-b6e9-66f4f3d55cb7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fOOJQEZSoAMFb1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf2a3b-5f0c9f3e4cac1ba26c802050;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 00:45:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PyA7JoIHpcBuMaoGjSH3XdUZ0PmHYITS4606WbOLHitdOmLbIPpxJQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 15:39:26 GMT
age: 74428
etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc895bb6-fa1f-4972-a2f8-5ce71b0c72c0.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc895bb6-fa1f-4972-a2f8-5ce71b0c72c0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6d200552d23c85c199558b79cc24348f
8cc20b9ce98eeacd5b826268da24955a82e78a01
09b05ae6f75b5141401ddc49014e0eb2eac0856ba3b5020bc85f4a9a64d3d2a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc895bb6-fa1f-4972-a2f8-5ce71b0c72c0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9700
x-amzn-requestid: 9f944a46-7e39-44c3-a640-3c7e9b778bca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkoEEkJIAMFs0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7cd-4b29196f5bd1b2fb04e6363f;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: WdAuArY0X2z4d6i17ZJ0521rzGRJS8FtaN-Kqvzg0fqW3F-HptEvNA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:10:01 GMT
age: 50993
etag: "8cc20b9ce98eeacd5b826268da24955a82e78a01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
52.16.191.85200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
IP 52.16.191.85:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.gif?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Mon, 30 Jan 2023 12:19:53 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:19:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stootsou.net/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://lmada.hooxs.com/
Origin: https://lmada.hooxs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 12:19:54 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://lmada.hooxs.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://lmada.hooxs.com/
Origin: https://lmada.hooxs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 12:19:54 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://lmada.hooxs.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8fde92bc522988efda6e6a8b2fb2b790
9e55402674e4ae4368e3b21d149530a274ebc486
6001ffc1395bdb708370d65d8b462499e7f2b812602677b0ee4c4c713856a9d7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6001FFC1395BDB708370D65D8B462499E7F2B812602677B0EE4C4C713856A9D7"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12289
Expires: Mon, 30 Jan 2023 15:44:43 GMT
Date: Mon, 30 Jan 2023 12:19:54 GMT
Connection: keep-alive
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert quad9 Sinkholed
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lmada.hooxs.com/
Content-Type: application/json
Origin: https://lmada.hooxs.com
Content-Length: 381
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 12:19:54 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: cc1f0caf4cbb7bb0d06d2ade7b418bd3
access-control-allow-origin: https://lmada.hooxs.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert quad9 Sinkholed
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lmada.hooxs.com/
Content-Type: application/json
Origin: https://lmada.hooxs.com
Content-Length: 765
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 12:19:54 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: a2af285c2281832e863f60c01951a23d
access-control-allow-origin: https://lmada.hooxs.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/userx.20230129-6-RELEASE.es6.js
151.101.65.44200 OK 5.4 kB URL HTTP/2 cdn.taboola.com/libtrc/userx.20230129-6-RELEASE.es6.js
IP 151.101.65.44:0
File type ASCII text, with very long lines (17842)
Hash 1f378a3e6d1a28057c895e510e45ffbc
3f0a61547e3a2cc0ad69937b15fe614a2533ec3d
c21bccb1d44f4032b5d1a32a51f7e7b1be910d2ec3e0c95734fa7b481f6e4f83
GET /libtrc/userx.20230129-6-RELEASE.es6.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: ooqBMN7GQIhxGu5acLA2MmyCf6PUlsloseRaqTErD5Og17HNR+quKlXrj/VgU0rs6UhdtvjOjpQ=
x-amz-request-id: WTEPQTEDW0XYY99A
x-amz-replication-status: PENDING
last-modified: Mon, 30 Jan 2023 12:15:50 GMT
etag: "d1d07fb98ca1cb9f9bc8d50625c50725"
x-amz-version-id: F1xcBsF3KGVt_PJ9UlpRuLOPz8cJlS4O
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Mon, 30 Jan 2023 12:19:54 GMT
via: 1.1 varnish
age: 239
x-served-by: cache-bma1672-BMA
x-cache: HIT
x-cache-hits: 41
x-timer: S1675081194.413546,VS0,VE0
cache-control: private,max-age=2629743
vary: Accept-Encoding
abp: 2
content-length: 5397
X-Firefox-Spdy: h2
cdn.betgorebysson.club/apu.php?zoneid=3765907
139.45.195.8200 OK 60 kB URL HTTP/2 cdn.betgorebysson.club/apu.php?zoneid=3765907
IP 139.45.195.8:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0f1ec67af32bde0de784c31ad249a05c
345ef677d63f525790348554d980b74f4c6b3b0d
cdd0c4f1ff7a77be034b82d499b7294e4974e6061b4e2e6f09825af8dce6234f
GET /apu.php?zoneid=3765907 HTTP/1.1
Host: cdn.betgorebysson.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 12:19:54 GMT
content-type: application/javascript
x-trace-id: 960ed89f51089797d197db51864ed404
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=92ffb59f25e245cd9fe38ac02d54745b; expires=Tue, 30 Jan 2024 12:19:54 GMT; path=/; secure; SameSite=None
oaidts=1675081194; expires=Tue, 30 Jan 2024 12:19:54 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/510acf42d1cab232b6609d006ce3c36e.jpg
151.101.65.44200 OK 10 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/510acf42d1cab232b6609d006ce3c36e.jpg
IP 151.101.65.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d93446314d7317eea6ae2b30fecb9021
839f556845302ed9e9623d122676e82eb993ef9e
83efc1028c17071d9725aaf2d8420a8218c71cb55c58ed165c9a356fd3556262
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/510acf42d1cab232b6609d006ce3c36e.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 379942563514128916764180839075714978012,431831271005498588689718966572344497016,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 379942563514128916764180839075714978012,431831271005498588689718966572344497016,29ecf9b93bbf306179626feeda1fab70
etag: "7e79671b246b138f213d352cd53bf351"
last-modified: Sun, 04 Dec 2022 08:10:17 GMT
req-referer: https://klaproos.catsboard.com/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 61c2525b5968ba264ef9381231166629
x-envoy-upstream-service-time: 152
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 30 Jan 2023 12:19:54 GMT
age: 4293372
x-served-by: cache-iad-kiad7000051-IAD, cache-iad-kcgs7200028-IAD, cache-bur-kbur8200167-BUR, cache-iad-kiad7000122-IAD, cache-bma1672-BMA
x-cache: MISS, MISS, HIT, HIT, HIT
x-cache-hits: 0, 0, 1, 1, 1
x-timer: S1675081194.415512,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/510acf42d1cab232b6609d006ce3c36e.jpg
x-vcl-time-ms: 1
content-length: 10544
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7b1777fa38cfd1516a361a6b6c5f9d9c.jpeg
151.101.65.44200 OK 19 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7b1777fa38cfd1516a361a6b6c5f9d9c.jpeg
IP 151.101.65.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 15cad386e60f5448175daf75a6c517ef
c7dd7dea7aa5b9ed5ef010cab6472023760d5932
4935c4b3b0e55155c85e5f17fa98d172809461e1053d700844ca046859b234bc
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7b1777fa38cfd1516a361a6b6c5f9d9c.jpeg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 481295701218455276941095982379019144012,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 481295701218455276941095982379019144012,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "3c6c9d7c4112597a6f3207f99d82052b"
last-modified: Fri, 28 Oct 2022 20:43:39 GMT
req-referer: https://www.theweathernetwork.com/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 691b8d0062cd43127a6134719ce0fdb6
x-envoy-upstream-service-time: 21
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 30 Jan 2023 12:19:54 GMT
age: 6054079
x-served-by: cache-iad-kcgs7200155-IAD, cache-iad-kjyo7100136-IAD, cache-bur-kbur8200079-BUR, cache-iad-kiad7000170-IAD, cache-bma1672-BMA
x-cache: HIT, HIT, HIT, HIT, HIT
x-cache-hits: 1, 3, 1, 1455, 1
x-timer: S1675081194.415677,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7b1777fa38cfd1516a361a6b6c5f9d9c.jpeg
x-vcl-time-ms: 1
content-length: 19016
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3158947ee3e90c3324860184867925e4.jpg
151.101.65.44200 OK 11 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3158947ee3e90c3324860184867925e4.jpg
IP 151.101.65.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 67dd85afca00e5c601c9bf83de234558
53db4fd32301ec85ff60fd5212104684c5084f8d
ec1a24ebde75a76f4a011d6c49da2939b619f111704be293095c6768c55e8a66
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3158947ee3e90c3324860184867925e4.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 338405389217297421442376255586539798649,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 338405389217297421442376255586539798649,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "0afa4ca5bcc5a69913cdf3e8d6c5e674"
last-modified: Mon, 12 Dec 2022 18:45:47 GMT
req-referer: https://802322efd3f7b968e33886e2e32922d4.safeframe.googlesyndication.com/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: c0e6e422b8e74cb1c75a0679c984cdea
x-envoy-upstream-service-time: 224
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 30 Jan 2023 12:19:54 GMT
age: 2596061
x-served-by: cache-iad-kjyo7100126-IAD, cache-iad-kjyo7100089-IAD, cache-bur-kbur8200078-BUR, cache-iad-kjyo7100179-IAD, cache-bma1672-BMA
x-cache: MISS, HIT, MISS, HIT, HIT
x-cache-hits: 0, 1, 0, 61, 1
x-timer: S1675081194.415659,VS0,VE2
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3158947ee3e90c3324860184867925e4.jpg
x-vcl-time-ms: 2
content-length: 10962
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 13 kB IP 178.250.0.157:0
Hash 7a45e45ab84692b421b40fd68e6b6737
abe248eabea3a1ebedc4e42f4e0bec6fcdbafbfd
76c4e2fb09c4e5c97b4aa78103ff41234f8a4b077956bad3fb45c6882229ab7c
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=1eoSJ180M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dXd2x1WmZhU2JEWmNxZFdVZVRQcHFnY25xZEFsa0VrYlN2MCUyRiUyRnl2c2xR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:53 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=wVO5x180M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dXd2x1WmZhU2JEWmNxZFdVZVRQcHFJdWliMHBmcVhGWkhPWHdUeHFkTk4; expires=Sat, 24 Feb 2024 12:19:54 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 358101
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc228f6d8a340d31c971fa23df698165.jpg
151.101.65.44200 OK 5.2 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc228f6d8a340d31c971fa23df698165.jpg
IP 151.101.65.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash f25592b338bbdaca40db163d90175e80
e3e9bcad83e560c5a50b32344cad944569a204f3
d722d60396ff0b88f162ccf3d24aeeefeb020185adfd7b3c08abed9ec77c1416
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc228f6d8a340d31c971fa23df698165.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 426826238444850165140237650855689054867,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 426826238444850165140237650855689054867,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "0a8094d40163c1f521509540e197f475"
last-modified: Fri, 30 Dec 2022 14:36:16 GMT
req-referer: https://www.vozpopuli.com/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 65ca781ba6d0aec109b8b0fba19bc1c9
x-envoy-upstream-service-time: 396
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 30 Jan 2023 12:19:54 GMT
age: 2378517
x-served-by: cache-iad-kjyo7100092-IAD, cache-iad-kjyo7100026-IAD, cache-lga21931-LGA, cache-iad-kiad7000082-IAD, cache-bma1672-BMA
x-cache: MISS, MISS, MISS, HIT, HIT
x-cache-hits: 0, 0, 0, 6, 1
x-timer: S1675081194.416611,VS0,VE4
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc228f6d8a340d31c971fa23df698165.jpg
x-vcl-time-ms: 4
content-length: 5174
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7cc09d90f74811e7c9874dfa13a4c510.jpg
151.101.65.44200 OK 9.1 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7cc09d90f74811e7c9874dfa13a4c510.jpg
IP 151.101.65.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash eee47c635aac51966dc2aabf51b18944
efc48e1123ad46962da8e21f03def46b02969be6
be60a85e152650b7aa8e89947a5174eac472ea629dcf4185d8aa3b4fc3c3d2a4
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7cc09d90f74811e7c9874dfa13a4c510.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 572571787224556870775187733927944828471,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 572571787224556870775187733927944828471,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "8fbe4596589f838df3462ed51d22cd7c"
last-modified: Sun, 04 Dec 2022 09:45:00 GMT
req-referer: https://weather.com/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 5ce4ccbe0952242e42f68c432ed4f3ec
x-envoy-upstream-service-time: 479
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 30 Jan 2023 12:19:54 GMT
age: 2573314
x-served-by: cache-iad-kjyo7100050-IAD, cache-iad-kjyo7100172-IAD, cache-lga21928-LGA, cache-iad-kjyo7100144-IAD, cache-bma1672-BMA
x-cache: MISS, MISS, MISS, HIT, HIT
x-cache-hits: 0, 0, 0, 28, 1
x-timer: S1675081194.416735,VS0,VE8
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7cc09d90f74811e7c9874dfa13a4c510.jpg
x-vcl-time-ms: 8
content-length: 9136
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a369a4445d1fccf2ce045c3c4c3f3d67
d6f618e6150a4f9ac6eb5df4a503141a635605a2
d62c7913686c10d4c4b8d691d533256534da77cecc9fcf3f8aa885380dcc148b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:19:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b67335a8e235eacf68e4b7f98cc5dc40
887a9b34cf2ba9371bbe8c93e362c174668cf812
1ad2f6328af6d819acd85f4e4646afcafd945e17e555d5eeb54244db83cd48fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:19:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-144347007-1&cid=1334279213.1675081206&jid=238660974&_u=YEBAAUAAAAAAACAAI~&z=963990764
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-144347007-1&cid=1334279213.1675081206&jid=238660974&_u=YEBAAUAAAAAAACAAI~&z=963990764
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-144347007-1&cid=1334279213.1675081206&jid=238660974&_u=YEBAAUAAAAAAACAAI~&z=963990764 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 12:19:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-144347007-1&cid=1334279213.1675081206&jid=238660974&_u=YEBAAUAAAAAAACAAI~&z=963990764
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-144347007-1&cid=1334279213.1675081206&jid=238660974&_u=YEBAAUAAAAAAACAAI~&z=963990764
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-144347007-1&cid=1334279213.1675081206&jid=238660974&_u=YEBAAUAAAAAAACAAI~&z=963990764 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 12:19:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.viglink.com/api/domains
52.16.191.85200 OK 42 B URL HTTP/1.1 api.viglink.com/api/domains
IP 52.16.191.85:0
File type ASCII text, with no line terminators
Hash 1d614897160d2d5030472740d11c6e89
fe3ce70a31ed42d0957435bd51b8fe236ce8c61d
996b922626c5a28d694fc3034b292d1eea02463b26a755718ea0c640b09d2ae9
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 231
Origin: https://lmada.hooxs.com
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://lmada.hooxs.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Mon, 30 Jan 2023 12:19:53 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 42
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a369a4445d1fccf2ce045c3c4c3f3d67
d6f618e6150a4f9ac6eb5df4a503141a635605a2
d62c7913686c10d4c4b8d691d533256534da77cecc9fcf3f8aa885380dcc148b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:19:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1141ae65ad448fb3438690d5042af728
aa8b236bb1099c9440bfe3e98530939623250c03
e55eeaf5cd454042706c3e2d7d2b0211e91087b430cb5bae6b9e030392f57b4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:19:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bidder.criteo.com/csm/events
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/csm/events
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csm/events HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 373
Origin: https://lmada.hooxs.com
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 30 Jan 2023 12:19:53 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://lmada.hooxs.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e2d2b00ed4a3970f9b7c4561eec1f2ba
5d51d00a750a05bcad6aac56b5dcd410afff7591
20f4ee50766ee62c45e9a18f9646a856c1ae9b702a055c7d9131026dce630c42
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "20F4EE50766EE62C45E9A18F9646A856C1AE9B702A055C7D9131026DCE630C42"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6069
Expires: Mon, 30 Jan 2023 14:01:03 GMT
Date: Mon, 30 Jan 2023 12:19:54 GMT
Connection: keep-alive
my.rtmark.net/gid.js?userId=92ffb59f25e245cd9fe38ac02d54745b
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=92ffb59f25e245cd9fe38ac02d54745b
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 1c2a2500c0febea11ae97f6e7e9a90d5
cebfe42f8bbf7762b49c20943f3258ce435f4bba
9bfe0b9c1d4188072a7d74f3d0089598100bd11b9558d7b674e2982a8d96d0b8
GET /gid.js?userId=92ffb59f25e245cd9fe38ac02d54745b HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lmada.hooxs.com
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 12:19:54 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://lmada.hooxs.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=92ffb59f25e245cd9fe38ac02d54745b; expires=Tue, 30 Jan 2024 12:19:54 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: https://lmada.hooxs.com/
Origin: https://lmada.hooxs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:54 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: https://lmada.hooxs.com
server-processing-duration-in-ticks: 478998
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=12%3A20%3A06.499&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=4732&cv=20230129-6-RELEASE<=deflated&uuid=707ceb8e921e6bc6efb852a3ad0d2f89964f68edd40d75d01086ffa566d09413&dcc=2&pct=1
185.106.33.48204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=12%3A20%3A06.499&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=4732&cv=20230129-6-RELEASE<=deflated&uuid=707ceb8e921e6bc6efb852a3ad0d2f89964f68edd40d75d01086ffa566d09413&dcc=2&pct=1
IP 185.106.33.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=12%3A20%3A06.499&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=4732&cv=20230129-6-RELEASE<=deflated&uuid=707ceb8e921e6bc6efb852a3ad0d2f89964f68edd40d75d01086ffa566d09413&dcc=2&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Mon, 30 Jan 2023 12:19:54 GMT
x-fastly-to-nlb-rtt: 79510
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash c37c4edbc4812f60cfda6bcc96499d6c
0cf368cacfa7aa377770a1ef480ba934478821f6
5253dd931f7d316acd5ca5ba3642f9e2b60ab198dd80c79a741a9c5d0c97f2ec
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1027
Cache-Control: max-age=102106
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:19:54 GMT
Etag: "63d69dc1-139"
Expires: Tue, 31 Jan 2023 16:41:40 GMT
Last-Modified: Sun, 29 Jan 2023 16:24:33 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.2.146200 OK 8.9 kB URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.2.146:0
Hash 6d726b761cf40527daea94e8e3a799ce
b840c3c270e9601bb81e14254d54c2da16bf1930
cd06de19924ab5c7608d874e7bc0c5d5f5fb7ce118c18a2d7c0cdc5496d7b0d3
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lmada.hooxs.com/
x-crto-bundle: xcQm0l9MOUs1UW5ka0hGaWpvaUZVOVhSVGd6SWMzclZLZFdYcFZWN2tLY3dZY0p4aW8ySTdRWGRkamh4TUxveGdHQTdjVXhBUDhnNFZ1YlY1Q1RSUkZkYkJFNEJkd0haY2Z2SSUyRnd3NXYlMkJ6dUdFT0xKZEMlMkZYJTJCYUkxT1RNY0twdnFEbGM2Z282aCUyRjY5WGNNS1ZONEFnUFBUMFlnJTNEJTNE
Origin: https://lmada.hooxs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:54 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://lmada.hooxs.com
server-processing-duration-in-ticks: 1943919
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7OqMCFgNoLt--BWBPtQRoLt--BWBPtQUAAAAGBuIHJDeyuEbDlWkt8ex2a9Fot3ILN5aFW7AaLVcTy3LmmSyMQHIji2s0XJnWEs9utxaNdiu3cGNZuAWr0XI1sSxnnsnCChE3GQ6fg4Go6Hpb7A6n2fMGEzSdDp_rXi92O0wOu9DvN37uGr_bL7osVsvBZbUW_Q1Pjx0AAAAAHv7___8hAAAAACIAAAAAJAAAAAAoAir-LQQuAAAAADD-____NQA-OQjec_b7AwAAAAAEAAAAgARgYDWgBODjfOXk_________z9mgD7zRub_____xqAH4MEH4EEIAADgYojfLjOKveTskqhAt4gRAAAAwJaWiubRpE6oLKr-___7rQCuAAACDAU8NWOydAcl3sIAAAACxhboYfH7zQ67xu922f________-_2f_ZP5rQ2-h1WhDL6LXaLyAAwNovIAAAm7oBALwFwAVdAKxOIXbD2WI3mm1GswMAAAC4-____9cDid3CtHCtnJONZzBabBy-3WDjsm08ttFwORltZt5TgS7vS1sxtumLuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNjfQAxWA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLEzDLZGCcbt2i4cq5Fw5XJrfDNPG7NzOacLAwT58QycoteH9PD5NhMbMstCgak7EXytEgnwuXMOXEYV8OVzeJxGSYex3A23M08to3NNHNOhhOxRHOySCeyy76xW5gWrpVzsvEMRouNw7cbbFy2jcc2Gi4no83M35hZJhvjZOMWDVfOtWi4MrkVvpnHrZnZnJOFYeKcWEZu0etjepgcm4ltuW_MdqvBcLFYbvaN2W41GC4Wy82-Q2f4rj5nozM4nnh8LqOtGvXcHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVej3-_1-v9_v9_u9G7PBYzAYXpavtjBxfnuWb7Wz8R4MilgiuEgnMr_l9fabnn67W2G5iCVK00U60Ysui9VycFmtRX_D02MRSwSni3QiehlPF_UfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIardR7IYDnYLVfLBYBw9tL9SfMxif_Pjixu_LjB_JbX2296-u1uheXKAA_U5MybPxPEWq2WNQAAgAA2AABAALdu3gKwmfj_____OAAAABk5egAAAPF9IClGlHrhRy4!&cmcv=&pix=31589837&cb=1675081206903&uv=3251&tms=1675081206903&abt=dfrc_vA!id5mc_vB!lvlstst-in2_vC!lvlstst1_vC!mprdctdt6_vA!smbs!t45!t45!u2822_vA!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1675081203487!ts:1675081206903&mntl=1
141.226.228.48200 OK 0 B URL HTTP/2 am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7OqMCFgNoLt--BWBPtQRoLt--BWBPtQUAAAAGBuIHJDeyuEbDlWkt8ex2a9Fot3ILN5aFW7AaLVcTy3LmmSyMQHIji2s0XJnWEs9utxaNdiu3cGNZuAWr0XI1sSxnnsnCChE3GQ6fg4Go6Hpb7A6n2fMGEzSdDp_rXi92O0wOu9DvN37uGr_bL7osVsvBZbUW_Q1Pjx0AAAAAHv7___8hAAAAACIAAAAAJAAAAAAoAir-LQQuAAAAADD-____NQA-OQjec_b7AwAAAAAEAAAAgARgYDWgBODjfOXk_________z9mgD7zRub_____xqAH4MEH4EEIAADgYojfLjOKveTskqhAt4gRAAAAwJaWiubRpE6oLKr-___7rQCuAAACDAU8NWOydAcl3sIAAAACxhboYfH7zQ67xu922f________-_2f_ZP5rQ2-h1WhDL6LXaLyAAwNovIAAAm7oBALwFwAVdAKxOIXbD2WI3mm1GswMAAAC4-____9cDid3CtHCtnJONZzBabBy-3WDjsm08ttFwORltZt5TgS7vS1sxtumLuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNjfQAxWA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLEzDLZGCcbt2i4cq5Fw5XJrfDNPG7NzOacLAwT58QycoteH9PD5NhMbMstCgak7EXytEgnwuXMOXEYV8OVzeJxGSYex3A23M08to3NNHNOhhOxRHOySCeyy76xW5gWrpVzsvEMRouNw7cbbFy2jcc2Gi4no83M35hZJhvjZOMWDVfOtWi4MrkVvpnHrZnZnJOFYeKcWEZu0etjepgcm4ltuW_MdqvBcLFYbvaN2W41GC4Wy82-Q2f4rj5nozM4nnh8LqOtGvXcHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVej3-_1-v9_v9_u9G7PBYzAYXpavtjBxfnuWb7Wz8R4MilgiuEgnMr_l9fabnn67W2G5iCVK00U60Ysui9VycFmtRX_D02MRSwSni3QiehlPF_UfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIardR7IYDnYLVfLBYBw9tL9SfMxif_Pjixu_LjB_JbX2296-u1uheXKAA_U5MybPxPEWq2WNQAAgAA2AABAALdu3gKwmfj_____OAAAABk5egAAAPF9IClGlHrhRy4!&cmcv=&pix=31589837&cb=1675081206903&uv=3251&tms=1675081206903&abt=dfrc_vA!id5mc_vB!lvlstst-in2_vC!lvlstst1_vC!mprdctdt6_vA!smbs!t45!t45!u2822_vA!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1675081203487!ts:1675081206903&mntl=1
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7OqMCFgNoLt--BWBPtQRoLt--BWBPtQUAAAAGBuIHJDeyuEbDlWkt8ex2a9Fot3ILN5aFW7AaLVcTy3LmmSyMQHIji2s0XJnWEs9utxaNdiu3cGNZuAWr0XI1sSxnnsnCChE3GQ6fg4Go6Hpb7A6n2fMGEzSdDp_rXi92O0wOu9DvN37uGr_bL7osVsvBZbUW_Q1Pjx0AAAAAHv7___8hAAAAACIAAAAAJAAAAAAoAir-LQQuAAAAADD-____NQA-OQjec_b7AwAAAAAEAAAAgARgYDWgBODjfOXk_________z9mgD7zRub_____xqAH4MEH4EEIAADgYojfLjOKveTskqhAt4gRAAAAwJaWiubRpE6oLKr-___7rQCuAAACDAU8NWOydAcl3sIAAAACxhboYfH7zQ67xu922f________-_2f_ZP5rQ2-h1WhDL6LXaLyAAwNovIAAAm7oBALwFwAVdAKxOIXbD2WI3mm1GswMAAAC4-____9cDid3CtHCtnJONZzBabBy-3WDjsm08ttFwORltZt5TgS7vS1sxtumLuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNjfQAxWA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLEzDLZGCcbt2i4cq5Fw5XJrfDNPG7NzOacLAwT58QycoteH9PD5NhMbMstCgak7EXytEgnwuXMOXEYV8OVzeJxGSYex3A23M08to3NNHNOhhOxRHOySCeyy76xW5gWrpVzsvEMRouNw7cbbFy2jcc2Gi4no83M35hZJhvjZOMWDVfOtWi4MrkVvpnHrZnZnJOFYeKcWEZu0etjepgcm4ltuW_MdqvBcLFYbvaN2W41GC4Wy82-Q2f4rj5nozM4nnh8LqOtGvXcHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVej3-_1-v9_v9_u9G7PBYzAYXpavtjBxfnuWb7Wz8R4MilgiuEgnMr_l9fabnn67W2G5iCVK00U60Ysui9VycFmtRX_D02MRSwSni3QiehlPF_UfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIardR7IYDnYLVfLBYBw9tL9SfMxif_Pjixu_LjB_JbX2296-u1uheXKAA_U5MybPxPEWq2WNQAAgAA2AABAALdu3gKwmfj_____OAAAABk5egAAAPF9IClGlHrhRy4!&cmcv=&pix=31589837&cb=1675081206903&uv=3251&tms=1675081206903&abt=dfrc_vA!id5mc_vB!lvlstst-in2_vC!lvlstst1_vC!mprdctdt6_vA!smbs!t45!t45!u2822_vA!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1675081203487!ts:1675081206903&mntl=1 HTTP/1.1
Host: am-vid-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 12:19:54 GMT
content-length: 0
X-Firefox-Spdy: h2
am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7WgsCFgNoLt--BWBPtQRoLt--BWBPtQUAAAAGBuIHJLVc7VYmi2Mt2wxHbtFuNnFLfBvLWuGcrDYzx8xm8RiGQIIrj8lhmK3WkolvsBatNo61xDizuSUmw8ownFlMm8nMCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeYoOl0-Fz3erHbYXLYhX6_8XPX-N1-0WWxWg4uq7Xob3h67AAAAADwAGD1lgnxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFgQHKhAfDJQfCes98fAAANWyAAAAIYJAADqwElAB_nKycAAAAAAAAAACz_____MQB7WGMyACP7Oz0ADz4AD0QFhkWMAAAAALa0VDSPJnVCZVEFAECQbgVwBQAQYCjgufkeBgAAEDC2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhN5Gr9OCWEav1X4BAQDWfgEBANjUDQDgLQAu6AJgdQqxG84Wu9FsM5odAAAAwN3___-_HkjsFqaFa-WcbDyD0WLj8O0GG5dt47GNhsvJaDPzngp0eV_airFNn4ewzH7fQcTyfE1_w0HGt7zeBlHR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32NxCD1QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGS1XK5XG02q9VutJgNNsvhZoMUrVrNRpvBcDWbzHa71XAwXI5GSNGS5W65W40mi9FoudzshpvRYIgwMbNMNsbJxi0arpxr0XBlcit8M49bM7M5JwvDxDmxjNyi18f0MDk2E9tyi4IBKXsRXKQTmd_yevtNT7_drbBcxBLNySKdyC77xm5hWrhWzsnGMxgtNg7fbrBx2TYe22i4nIw2M39jZplsjJONWzRcOdei4crkVvhmHrdmZnNOFoaJc2IZuUWvj-lhcmwmtuW-MdutBsPFYrnZN2a71WC4WCw3-w6d4bv6nI3O4Hji8bmMtmrUc3MYFC6Dxfv7XKTNaONmVGnDFovqWty5Jlah3-_3-_1-v9_v927MBo_BYHhZvtrCxPntWb7VzsZ7MChiieB0kU5EL-PpIpZInhbpRDHcDFab3WqxWQ4njtVosLDYJqbFYjaZmZaz5cQilihNF-lEL7osVsvBZbUW_Q1Pj0X9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvharkAEM5euj9pPibx_9mRxY0fN5jf8nr7TU-_3a2wXBnggZqcebNnglir1bIGAAAQwAYAAAjg1s1bADYjtw8kxYhSL_zIBQ!&cmcv=&pix=31589837&cb=1675081207004&uv=3251&tms=1675081207004&abt=dfrc_vA!id5mc_vB!lvlstst-in2_vC!lvlstst1_vC!mprdctdt6_vA!smbs!t45!t45!u2822_vA!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1675081203487!ts:1675081207004&mntl=1
141.226.228.48200 OK 0 B URL HTTP/2 am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7WgsCFgNoLt--BWBPtQRoLt--BWBPtQUAAAAGBuIHJLVc7VYmi2Mt2wxHbtFuNnFLfBvLWuGcrDYzx8xm8RiGQIIrj8lhmK3WkolvsBatNo61xDizuSUmw8ownFlMm8nMCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeYoOl0-Fz3erHbYXLYhX6_8XPX-N1-0WWxWg4uq7Xob3h67AAAAADwAGD1lgnxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFgQHKhAfDJQfCes98fAAANWyAAAAIYJAADqwElAB_nKycAAAAAAAAAACz_____MQB7WGMyACP7Oz0ADz4AD0QFhkWMAAAAALa0VDSPJnVCZVEFAECQbgVwBQAQYCjgufkeBgAAEDC2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhN5Gr9OCWEav1X4BAQDWfgEBANjUDQDgLQAu6AJgdQqxG84Wu9FsM5odAAAAwN3___-_HkjsFqaFa-WcbDyD0WLj8O0GG5dt47GNhsvJaDPzngp0eV_airFNn4ewzH7fQcTyfE1_w0HGt7zeBlHR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32NxCD1QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGS1XK5XG02q9VutJgNNsvhZoMUrVrNRpvBcDWbzHa71XAwXI5GSNGS5W65W40mi9FoudzshpvRYIgwMbNMNsbJxi0arpxr0XBlcit8M49bM7M5JwvDxDmxjNyi18f0MDk2E9tyi4IBKXsRXKQTmd_yevtNT7_drbBcxBLNySKdyC77xm5hWrhWzsnGMxgtNg7fbrBx2TYe22i4nIw2M39jZplsjJONWzRcOdei4crkVvhmHrdmZnNOFoaJc2IZuUWvj-lhcmwmtuW-MdutBsPFYrnZN2a71WC4WCw3-w6d4bv6nI3O4Hji8bmMtmrUc3MYFC6Dxfv7XKTNaONmVGnDFovqWty5Jlah3-_3-_1-v9_v927MBo_BYHhZvtrCxPntWb7VzsZ7MChiieB0kU5EL-PpIpZInhbpRDHcDFab3WqxWQ4njtVosLDYJqbFYjaZmZaz5cQilihNF-lEL7osVsvBZbUW_Q1Pj0X9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvharkAEM5euj9pPibx_9mRxY0fN5jf8nr7TU-_3a2wXBnggZqcebNnglir1bIGAAAQwAYAAAjg1s1bADYjtw8kxYhSL_zIBQ!&cmcv=&pix=31589837&cb=1675081207004&uv=3251&tms=1675081207004&abt=dfrc_vA!id5mc_vB!lvlstst-in2_vC!lvlstst1_vC!mprdctdt6_vA!smbs!t45!t45!u2822_vA!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1675081203487!ts:1675081207004&mntl=1
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7WgsCFgNoLt--BWBPtQRoLt--BWBPtQUAAAAGBuIHJLVc7VYmi2Mt2wxHbtFuNnFLfBvLWuGcrDYzx8xm8RiGQIIrj8lhmK3WkolvsBatNo61xDizuSUmw8ownFlMm8nMCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeYoOl0-Fz3erHbYXLYhX6_8XPX-N1-0WWxWg4uq7Xob3h67AAAAADwAGD1lgnxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFgQHKhAfDJQfCes98fAAANWyAAAAIYJAADqwElAB_nKycAAAAAAAAAACz_____MQB7WGMyACP7Oz0ADz4AD0QFhkWMAAAAALa0VDSPJnVCZVEFAECQbgVwBQAQYCjgufkeBgAAEDC2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhN5Gr9OCWEav1X4BAQDWfgEBANjUDQDgLQAu6AJgdQqxG84Wu9FsM5odAAAAwN3___-_HkjsFqaFa-WcbDyD0WLj8O0GG5dt47GNhsvJaDPzngp0eV_airFNn4ewzH7fQcTyfE1_w0HGt7zeBlHR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32NxCD1QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGS1XK5XG02q9VutJgNNsvhZoMUrVrNRpvBcDWbzHa71XAwXI5GSNGS5W65W40mi9FoudzshpvRYIgwMbNMNsbJxi0arpxr0XBlcit8M49bM7M5JwvDxDmxjNyi18f0MDk2E9tyi4IBKXsRXKQTmd_yevtNT7_drbBcxBLNySKdyC77xm5hWrhWzsnGMxgtNg7fbrBx2TYe22i4nIw2M39jZplsjJONWzRcOdei4crkVvhmHrdmZnNOFoaJc2IZuUWvj-lhcmwmtuW-MdutBsPFYrnZN2a71WC4WCw3-w6d4bv6nI3O4Hji8bmMtmrUc3MYFC6Dxfv7XKTNaONmVGnDFovqWty5Jlah3-_3-_1-v9_v927MBo_BYHhZvtrCxPntWb7VzsZ7MChiieB0kU5EL-PpIpZInhbpRDHcDFab3WqxWQ4njtVosLDYJqbFYjaZmZaz5cQilihNF-lEL7osVsvBZbUW_Q1Pj0X9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvharkAEM5euj9pPibx_9mRxY0fN5jf8nr7TU-_3a2wXBnggZqcebNnglir1bIGAAAQwAYAAAjg1s1bADYjtw8kxYhSL_zIBQ!&cmcv=&pix=31589837&cb=1675081207004&uv=3251&tms=1675081207004&abt=dfrc_vA!id5mc_vB!lvlstst-in2_vC!lvlstst1_vC!mprdctdt6_vA!smbs!t45!t45!u2822_vA!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1675081203487!ts:1675081207004&mntl=1 HTTP/1.1
Host: am-vid-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 12:19:55 GMT
content-length: 0
X-Firefox-Spdy: h2
vidstat.taboola.com/vpaid/units/32_5_1/assets/css/cmOsUnit.css
151.101.65.44200 OK 7.7 kB URL HTTP/2 vidstat.taboola.com/vpaid/units/32_5_1/assets/css/cmOsUnit.css
IP 151.101.65.44:0
Hash 910667a2fde737fb00f85f576307d7c1
b61996c64e31fd718e9d6476c5a9199423271af6
dc4be0883c751d0414e7b69a47e2216eabadf28d6fa3a20178ef7c9a6b2f1365
GET /vpaid/units/32_5_1/assets/css/cmOsUnit.css HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: tsbvHwBe8RZ2eTVfyy/YluvyrsPwFIlb3Mg6uSSPJR3Fghc5q5iWr+Yd+9HSbN3tO/1K8/bAyck=
x-amz-request-id: HRBBK8A5X89PCA9Q
last-modified: Mon, 23 Jan 2023 10:07:50 GMT
etag: "910667a2fde737fb00f85f576307d7c1"
x-amz-meta-ctime: 1674468469
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1674468468
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Mon, 30 Jan 2023 12:19:55 GMT
via: 1.1 varnish
age: 612604
x-served-by: cache-bma1672-BMA
x-cache: HIT
x-cache-hits: 109657
x-timer: S1675081195.091135,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 7742
X-Firefox-Spdy: h2
vidstat.taboola.com/vpaid/units/32_5_1/infra/cmTagWIDGET_ITEM.js
151.101.65.44200 OK 127 kB URL HTTP/2 vidstat.taboola.com/vpaid/units/32_5_1/infra/cmTagWIDGET_ITEM.js
IP 151.101.65.44:0
File type Unicode text, UTF-8 text, with very long lines (65489), with no line terminators
Size 127 kB (126839 bytes)
Hash c9663ce1bcdfc30d9dec01b5d9337351
1f403e4b4606f754da45ec8ef123e4a684f8136e
e1b1575eec1892119eb9314e635bde09555703a7d5813fff0c576a423fef0ab3
GET /vpaid/units/32_5_1/infra/cmTagWIDGET_ITEM.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lmada.hooxs.com
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: Itnj6mq7LBthbbInhKwCQN1ef84FWu8DLwi5UIG3GFS1KAU60n739N3eJqo8E36mRfKB7DKPVMc=
x-amz-request-id: HRBFR121K1KBJPCC
last-modified: Mon, 23 Jan 2023 10:07:00 GMT
etag: "c9663ce1bcdfc30d9dec01b5d9337351"
x-amz-meta-ctime: 1674468419
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1674468418
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Mon, 30 Jan 2023 12:19:55 GMT
via: 1.1 varnish
age: 612604
x-served-by: cache-bma1672-BMA
x-cache: HIT
x-cache-hits: 55435
x-timer: S1675081195.112457,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 126839
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 48b3c39a10c4fae3cfec20c146d14da1
3cf14c8e255ac3749edb8d32be64e818de24f783
a4de7294783bc0674985c806e7e68e26de50c25108fd2ad16cee76afaa8902be
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:19:55 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Fri, 03 Feb 2023 09:31:08 GMT
ETag: "3cf14c8e255ac3749edb8d32be64e818de24f783"
Last-Modified: Mon, 30 Jan 2023 09:31:09 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 172
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791a289d7d15b4ed-OSL
imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7OqMCFgNoLt--BWBPtQRoLt--BWBPtQUAAAAGBuIHJDeyuEbDlWkt8ex2a9Fot3ILN5aFW7AaLVcTy3LmmSyMQHIji2s0XJnWEs9utxaNdiu3cGNZuAWr0XI1sSxnnsnCChE3GQ6fg4Go6Hpb7A6n2fMGEzSdDp_rXi92O0wOu9DvN37uGr_bL7osVsvBZbUW_Q1Pjx0AAAAAHv7___8hAAAAACIAAAAAJAAAAAAoAir-LQQuAAAAADD-____NQA-OQjec_b7AwAAAAAEAAAAgARgYDWgBODjfOXk_________z9mgD7zRub_____xqAH4MEH4EEIAADgYojfLjOKveTskqhAt4gRAAAAwJaWiubRpE6oLKr-___7rQCuAAACDAU8NWOydAcl3sIAAAACxhboYfH7zQ67xu922f________-_2f_ZP5rQ2-h1WhDL6LXaLyAAwNovIAAAm7oBALwFwAVdAKxOIXbD2WI3mm1GswMAAAC4-____9cDid3CtHCtnJONZzBabBy-3WDjsm08ttFwORltZt5TgS7vS1sxtumLuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNjfQAxWA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLEzDLZGCcbt2i4cq5Fw5XJrfDNPG7NzOacLAwT58QycoteH9PD5NhMbMstCgak7EXytEgnwuXMOXEYV8OVzeJxGSYex3A23M08to3NNHNOhhOxRHOySCeyy76xW5gWrpVzsvEMRouNw7cbbFy2jcc2Gi4no83M35hZJhvjZOMWDVfOtWi4MrkVvpnHrZnZnJOFYeKcWEZu0etjepgcm4ltuW_MdqvBcLFYbvaN2W41GC4Wy82-Q2f4rj5nozM4nnh8LqOtGvXcHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVej3-_1-v9_v9_u9G7PBYzAYXpavtjBxfnuWb7Wz8R4MilgiuEgnMr_l9fabnn67W2G5iCVK00U60Ysui9VycFmtRX_D02MRSwSni3QiehlPF_UfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIardR7IYDnYLVfLBYBw9tL9SfMxif_Pjixu_LjB_JbX2296-u1uheXKAA_U5MybPxPEWq2WNQAAgAA2AABAALdu3gKwmfj_____OAAAABk5egAAAPF9IClGlHrhRy4!&cmcv=&pix=undefined&cb=1675081206904&uv=3251&tms=1675081206904&abt=dfrc_vA!id5mc_vB!lvlstst-in2_vC!lvlstst1_vC!mprdctdt6_vA!smbs!t45!t45!u2822_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=7db548e4-b377-447e-8c2a-05495b29f32a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
151.101.65.44200 OK 817 B URL HTTP/2 imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7OqMCFgNoLt--BWBPtQRoLt--BWBPtQUAAAAGBuIHJDeyuEbDlWkt8ex2a9Fot3ILN5aFW7AaLVcTy3LmmSyMQHIji2s0XJnWEs9utxaNdiu3cGNZuAWr0XI1sSxnnsnCChE3GQ6fg4Go6Hpb7A6n2fMGEzSdDp_rXi92O0wOu9DvN37uGr_bL7osVsvBZbUW_Q1Pjx0AAAAAHv7___8hAAAAACIAAAAAJAAAAAAoAir-LQQuAAAAADD-____NQA-OQjec_b7AwAAAAAEAAAAgARgYDWgBODjfOXk_________z9mgD7zRub_____xqAH4MEH4EEIAADgYojfLjOKveTskqhAt4gRAAAAwJaWiubRpE6oLKr-___7rQCuAAACDAU8NWOydAcl3sIAAAACxhboYfH7zQ67xu922f________-_2f_ZP5rQ2-h1WhDL6LXaLyAAwNovIAAAm7oBALwFwAVdAKxOIXbD2WI3mm1GswMAAAC4-____9cDid3CtHCtnJONZzBabBy-3WDjsm08ttFwORltZt5TgS7vS1sxtumLuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNjfQAxWA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLEzDLZGCcbt2i4cq5Fw5XJrfDNPG7NzOacLAwT58QycoteH9PD5NhMbMstCgak7EXytEgnwuXMOXEYV8OVzeJxGSYex3A23M08to3NNHNOhhOxRHOySCeyy76xW5gWrpVzsvEMRouNw7cbbFy2jcc2Gi4no83M35hZJhvjZOMWDVfOtWi4MrkVvpnHrZnZnJOFYeKcWEZu0etjepgcm4ltuW_MdqvBcLFYbvaN2W41GC4Wy82-Q2f4rj5nozM4nnh8LqOtGvXcHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVej3-_1-v9_v9_u9G7PBYzAYXpavtjBxfnuWb7Wz8R4MilgiuEgnMr_l9fabnn67W2G5iCVK00U60Ysui9VycFmtRX_D02MRSwSni3QiehlPF_UfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIardR7IYDnYLVfLBYBw9tL9SfMxif_Pjixu_LjB_JbX2296-u1uheXKAA_U5MybPxPEWq2WNQAAgAA2AABAALdu3gKwmfj_____OAAAABk5egAAAPF9IClGlHrhRy4!&cmcv=&pix=undefined&cb=1675081206904&uv=3251&tms=1675081206904&abt=dfrc_vA!id5mc_vB!lvlstst-in2_vC!lvlstst1_vC!mprdctdt6_vA!smbs!t45!t45!u2822_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=7db548e4-b377-447e-8c2a-05495b29f32a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
IP 151.101.65.44:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (1487), with no line terminators
Hash 1b2d85cd87bd54c0e9e328524d812817
c6977971227f20b9f3f9ba38fa565af5206ddd37
3e770344f660f8f9f0e361fd02c68c05d4bb86da31c9245e737c2479faee827e
GET /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7OqMCFgNoLt--BWBPtQRoLt--BWBPtQUAAAAGBuIHJDeyuEbDlWkt8ex2a9Fot3ILN5aFW7AaLVcTy3LmmSyMQHIji2s0XJnWEs9utxaNdiu3cGNZuAWr0XI1sSxnnsnCChE3GQ6fg4Go6Hpb7A6n2fMGEzSdDp_rXi92O0wOu9DvN37uGr_bL7osVsvBZbUW_Q1Pjx0AAAAAHv7___8hAAAAACIAAAAAJAAAAAAoAir-LQQuAAAAADD-____NQA-OQjec_b7AwAAAAAEAAAAgARgYDWgBODjfOXk_________z9mgD7zRub_____xqAH4MEH4EEIAADgYojfLjOKveTskqhAt4gRAAAAwJaWiubRpE6oLKr-___7rQCuAAACDAU8NWOydAcl3sIAAAACxhboYfH7zQ67xu922f________-_2f_ZP5rQ2-h1WhDL6LXaLyAAwNovIAAAm7oBALwFwAVdAKxOIXbD2WI3mm1GswMAAAC4-____9cDid3CtHCtnJONZzBabBy-3WDjsm08ttFwORltZt5TgS7vS1sxtumLuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNjfQAxWA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLEzDLZGCcbt2i4cq5Fw5XJrfDNPG7NzOacLAwT58QycoteH9PD5NhMbMstCgak7EXytEgnwuXMOXEYV8OVzeJxGSYex3A23M08to3NNHNOhhOxRHOySCeyy76xW5gWrpVzsvEMRouNw7cbbFy2jcc2Gi4no83M35hZJhvjZOMWDVfOtWi4MrkVvpnHrZnZnJOFYeKcWEZu0etjepgcm4ltuW_MdqvBcLFYbvaN2W41GC4Wy82-Q2f4rj5nozM4nnh8LqOtGvXcHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVej3-_1-v9_v9_u9G7PBYzAYXpavtjBxfnuWb7Wz8R4MilgiuEgnMr_l9fabnn67W2G5iCVK00U60Ysui9VycFmtRX_D02MRSwSni3QiehlPF_UfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIardR7IYDnYLVfLBYBw9tL9SfMxif_Pjixu_LjB_JbX2296-u1uheXKAA_U5MybPxPEWq2WNQAAgAA2AABAALdu3gKwmfj_____OAAAABk5egAAAPF9IClGlHrhRy4!&cmcv=&pix=undefined&cb=1675081206904&uv=3251&tms=1675081206904&abt=dfrc_vA!id5mc_vB!lvlstst-in2_vC!lvlstst1_vC!mprdctdt6_vA!smbs!t45!t45!u2822_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=7db548e4-b377-447e-8c2a-05495b29f32a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1 HTTP/1.1
Host: imprammp.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Mon, 30 Jan 2023 12:19:55 GMT
via: 1.1 varnish
x-served-by: cache-bma1672-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675081195.980616,VS0,VE29
vary: Accept-Encoding
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
35.71.131.137200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP 35.71.131.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:55 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0d0c18261bad1fbb998441c77d48779e
f26c71f7a3270fd171bfcfc9a94a7f281f9af643
bce1232a8f8c6594d3a710abd467d1c0948a36f3d80e25e509379f32ec0bc989
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2409
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:19:55 GMT
Last-Modified: Mon, 30 Jan 2023 11:39:46 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
104.88.9.101200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
IP 104.88.9.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 30 Jan 2023 12:19:55 GMT
Connection: keep-alive
Vary: Accept-Encoding
ups.analytics.yahoo.com/ups/58534/occ
3.126.56.137302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 30 Jan 2023 12:19:55 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58534/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBOu112MCEGZ8bm7CppDhxCmpFHaxy98FEgEBAQEH2WPhYwAAAAAA_eMAAA&S=AQAAAqECt__kkoVRttdcT6g7Jkk; Expires=Tue, 30 Jan 2024 18:19:55 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
104.88.9.101200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
IP 104.88.9.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 30 Jan 2023 12:19:55 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash f36fe5538c88c41b546190f7299c46db
4711c61e57cb94ca2cc2021dc3e15dcbf5a94d53
41bdced4c69efa13d4adbdd0e8421f10f5c704f8824399933b0a78aa2f85a8c2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 30 Jan 2023 12:19:55 GMT
Last-Modified: Mon, 30 Jan 2023 10:52:58 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PyY3um3nD-AOMHPukKl_WRzJrqufAhrmmGARvyZErwD1nT17v6233g==
Age: 5217
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 5c00a6b71849e1f63887d38333830003
274723ffd4a062e1997a213ceeeab8a56ac83141
5e15ea6950fd4aa51af37519ac391c2c95cfd74ded6ac6e35432ccf68c70cb23
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:19:55 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 01:56:49 GMT
Expires: Sat, 04 Feb 2023 01:56:48 GMT
Etag: "274723ffd4a062e1997a213ceeeab8a56ac83141"
Cache-Control: max-age=394012,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791a289e2a20b50b-OSL
gum.criteo.com/sid/json?origin=rtus&domain=hooxs.com&sn=FirefoxSyncframe&so=3&topUrl=lmada.hooxs.com&bundle=ULeU0l9VNExWNnVPWDhOZjZ6NG5VOUNDMSUyRkY0WDRtcTU5U2h1RjRaZ2J3b0FQWnZaaENmOFhSSzRzNjQ0OTVESVIlMkZvdm1xVjdCZWN0OE1kNmg1JTJGT0YzJTJCdWwxbVVwRTYyN0ElMkJXRDR2RzMwSVdxb3Y4bTJDZVRXZkRwWDBvJTJGSEdVSXM0ZUNjR2JuTXhNcDUlMkZwSzNCNWljeXNFZyUzRCUzRA&info=eS6n8l80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dXd2x1WmZhU2JEWmNxZFdVZVRQcG9XQmNxam1vYjZNbW9iZDFNciUyQkk4ZQ&idsd=-640793925,808454534&cw=1&rtusCallerId=72&lsw=1
178.250.2.146200 OK 363 B URL HTTP/2 gum.criteo.com/sid/json?origin=rtus&domain=hooxs.com&sn=FirefoxSyncframe&so=3&topUrl=lmada.hooxs.com&bundle=ULeU0l9VNExWNnVPWDhOZjZ6NG5VOUNDMSUyRkY0WDRtcTU5U2h1RjRaZ2J3b0FQWnZaaENmOFhSSzRzNjQ0OTVESVIlMkZvdm1xVjdCZWN0OE1kNmg1JTJGT0YzJTJCdWwxbVVwRTYyN0ElMkJXRDR2RzMwSVdxb3Y4bTJDZVRXZkRwWDBvJTJGSEdVSXM0ZUNjR2JuTXhNcDUlMkZwSzNCNWljeXNFZyUzRCUzRA&info=eS6n8l80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dXd2x1WmZhU2JEWmNxZFdVZVRQcG9XQmNxam1vYjZNbW9iZDFNciUyQkk4ZQ&idsd=-640793925,808454534&cw=1&rtusCallerId=72&lsw=1
IP 178.250.2.146:0
Hash 996649dddc6121752c25f66e7a5bf5dd
4cd79266ee5db0abd6ae80c7cbccd170ea9f9a16
e5023e06bcf4fc2776af8beeac16bb0a465ce59d652e49b8e0379adb5a533f73
GET /sid/json?origin=rtus&domain=hooxs.com&sn=FirefoxSyncframe&so=3&topUrl=lmada.hooxs.com&bundle=ULeU0l9VNExWNnVPWDhOZjZ6NG5VOUNDMSUyRkY0WDRtcTU5U2h1RjRaZ2J3b0FQWnZaaENmOFhSSzRzNjQ0OTVESVIlMkZvdm1xVjdCZWN0OE1kNmg1JTJGT0YzJTJCdWwxbVVwRTYyN0ElMkJXRDR2RzMwSVdxb3Y4bTJDZVRXZkRwWDBvJTJGSEdVSXM0ZUNjR2JuTXhNcDUlMkZwSzNCNWljeXNFZyUzRCUzRA&info=eS6n8l80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dXd2x1WmZhU2JEWmNxZFdVZVRQcG9XQmNxam1vYjZNbW9iZDFNciUyQkk4ZQ&idsd=-640793925,808454534&cw=1&rtusCallerId=72&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=rtus&topUrl=lmada.hooxs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:54 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1496131
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
vidstat.taboola.com/vpaid/vPlayer/player/v14.9.7/OvaMediaPlayer.js
151.101.65.44200 OK 85 kB URL HTTP/2 vidstat.taboola.com/vpaid/vPlayer/player/v14.9.7/OvaMediaPlayer.js
IP 151.101.65.44:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 9b9bc6c09cbaeb8921ca2ce20de78fad
3e8677029b094cbc5333cf01252049df6eef9bf9
aa9bdbd056d643713422fa98e76b03b46928619c02bbe62fda4f300f512a1ad1
GET /vpaid/vPlayer/player/v14.9.7/OvaMediaPlayer.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: CqqqTfRbqdHqfexZA6kxVo7gLF/qg+YCViK+xkmB3DCmymvjq43FEr9Z69accvDFue1t94D+0EU=
x-amz-request-id: S2QS4FTRGZK5PY26
last-modified: Sun, 22 Jan 2023 06:32:34 GMT
etag: "9b9bc6c09cbaeb8921ca2ce20de78fad"
x-amz-meta-ctime: 1674369153
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1674369141
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Mon, 30 Jan 2023 12:19:55 GMT
via: 1.1 varnish
age: 711986
x-served-by: cache-bma1672-BMA
x-cache: HIT
x-cache-hits: 105499
x-timer: S1675081195.483644,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 84998
X-Firefox-Spdy: h2
vidstatb.taboola.com/vid/blackScreen5.mp4
151.101.65.44206 Partial Content 91 kB URL HTTP/2 vidstatb.taboola.com/vid/blackScreen5.mp4
IP 151.101.65.44:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash b2b087fe4ae638c533731c347fcd4df8
62851c888c21bb51cc04f13b6fc0451279fe0425
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
GET /vid/blackScreen5.mp4 HTTP/1.1
Host: vidstatb.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
content-type: video/mp4
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1497790207
server: AmazonS3
via: 1.1 9803a30a87f1ec1047cb2b8ad5ecc43e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: gopM2XYfUoVUFmJXQ0440-QEF6IoAyvdLK0EUOquu3M35zK6ZGLwLg==
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Mon, 30 Jan 2023 12:19:55 GMT
age: 3624814
x-served-by: cache-bma1672-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 190375
x-timer: S1675081195.484476,VS0,VE0
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-range: bytes 0-90783/90784
content-length: 90784
X-Firefox-Spdy: h2
lmada.hooxs.com/sw.js
178.33.43.150200 OK 12 kB IP 178.33.43.150:0
File type ASCII text, with very long lines (18573)
Hash 5cfd203942a0bd9ae08294ee6cbc00a4
6bf31d62bdf068c40fc1482be45f5da86c3a8538
b91ac3caac5431fe88a1899e3bf36edd96c8ba855b62ccdb8457e1cb5ce8925a
GET /sw.js HTTP/1.1
Host: lmada.hooxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lmada.hooxs.com/t2159p25-topic
Connection: keep-alive
Cookie: exadd=167509; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D; _ga=GA1.2.1334279213.1675081206; _gid=GA1.2.1398454970.1675081206; _gat_gtag_UA_144347007_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:54 GMT
content-type: application/javascript
last-modified: Tue, 27 Aug 2019 13:54:01 GMT
etag: W/"5d6535f9-1554"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7OqMCFgNoLt--BWBPtQRoLt--BWBPtQUAAAAGBuIHJDeyuEbDlWkt8ex2a9Fot3ILN5aFW7AaLVcTy3LmmSyMQHIji2s0XJnWEs9utxaNdiu3cGNZuAWr0XI1sSxnnsnCChE3GQ6fg4Go6Hpb7A6n2fMGEzSdDp_rXi92O0wOu9DvN37uGr_bL7osVsvBZbUW_Q1Pjx0AAAAAHv7___8hAAAAACIAAAAAJAAAAAAoAir-LQQuAAAAADD-____NQA-OQjec_b7AwAAAAAEAAAAgARgYDWgBODjfOXk_________z9mgD7zRub_____xqAH4MEH4EEIAADgYojfLjOKveTskqhAt4gRAAAAwJaWiubRpE6oLKr-___7rQCuAAACDAU8NWOydAcl3sIAAAACxhboYfH7zQ67xu922f________-_2f_ZP5rQ2-h1WhDL6LXaLyAAwNovIAAAm7oBALwFwAVdAKxOIXbD2WI3mm1GswMAAAC4-____9cDid3CtHCtnJONZzBabBy-3WDjsm08ttFwORltZt5TgS7vS1sxtumLuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNjfQAxWA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLEzDLZGCcbt2i4cq5Fw5XJrfDNPG7NzOacLAwT58QycoteH9PD5NhMbMstCgak7EXytEgnwuXMOXEYV8OVzeJxGSYex3A23M08to3NNHNOhhOxRHOySCeyy76xW5gWrpVzsvEMRouNw7cbbFy2jcc2Gi4no83M35hZJhvjZOMWDVfOtWi4MrkVvpnHrZnZnJOFYeKcWEZu0etjepgcm4ltuW_MdqvBcLFYbvaN2W41GC4Wy82-Q2f4rj5nozM4nnh8LqOtGvXcHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVej3-_1-v9_v9_u9G7PBYzAYXpavtjBxfnuWb7Wz8R4MilgiuEgnMr_l9fabnn67W2G5iCVK00U60Ysui9VycFmtRX_D02MRSwSni3QiehlPF_UfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIardR7IYDnYLVfLBYBw9tL9SfMxif_Pjixu_LjB_JbX2296-u1uheXKAA_U5MybPxPEWq2WNQAAgAA2AABAALdu3gKwmfj_____OAAAABk5egAAAPF9IClGlHrhRy4!&excid=22&docw=0&cijs=1&nlb=false
141.226.228.48200 OK 677 B URL HTTP/2 am-match.taboola.com/sync?dast=V7OqMCFgNoLt--BWBPtQRoLt--BWBPtQUAAAAGBuIHJDeyuEbDlWkt8ex2a9Fot3ILN5aFW7AaLVcTy3LmmSyMQHIji2s0XJnWEs9utxaNdiu3cGNZuAWr0XI1sSxnnsnCChE3GQ6fg4Go6Hpb7A6n2fMGEzSdDp_rXi92O0wOu9DvN37uGr_bL7osVsvBZbUW_Q1Pjx0AAAAAHv7___8hAAAAACIAAAAAJAAAAAAoAir-LQQuAAAAADD-____NQA-OQjec_b7AwAAAAAEAAAAgARgYDWgBODjfOXk_________z9mgD7zRub_____xqAH4MEH4EEIAADgYojfLjOKveTskqhAt4gRAAAAwJaWiubRpE6oLKr-___7rQCuAAACDAU8NWOydAcl3sIAAAACxhboYfH7zQ67xu922f________-_2f_ZP5rQ2-h1WhDL6LXaLyAAwNovIAAAm7oBALwFwAVdAKxOIXbD2WI3mm1GswMAAAC4-____9cDid3CtHCtnJONZzBabBy-3WDjsm08ttFwORltZt5TgS7vS1sxtumLuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNjfQAxWA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLEzDLZGCcbt2i4cq5Fw5XJrfDNPG7NzOacLAwT58QycoteH9PD5NhMbMstCgak7EXytEgnwuXMOXEYV8OVzeJxGSYex3A23M08to3NNHNOhhOxRHOySCeyy76xW5gWrpVzsvEMRouNw7cbbFy2jcc2Gi4no83M35hZJhvjZOMWDVfOtWi4MrkVvpnHrZnZnJOFYeKcWEZu0etjepgcm4ltuW_MdqvBcLFYbvaN2W41GC4Wy82-Q2f4rj5nozM4nnh8LqOtGvXcHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVej3-_1-v9_v9_u9G7PBYzAYXpavtjBxfnuWb7Wz8R4MilgiuEgnMr_l9fabnn67W2G5iCVK00U60Ysui9VycFmtRX_D02MRSwSni3QiehlPF_UfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIardR7IYDnYLVfLBYBw9tL9SfMxif_Pjixu_LjB_JbX2296-u1uheXKAA_U5MybPxPEWq2WNQAAgAA2AABAALdu3gKwmfj_____OAAAABk5egAAAPF9IClGlHrhRy4!&excid=22&docw=0&cijs=1&nlb=false
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash b61a8f31b7c431db587f221127e806d3
498d9c8eea4a54eecb5d9408c5e0834f3985f264
d7cf302becc7b9c4081eb2e4a0e68c258725e8bcdb5385c5bc7662cc377c0b99
GET /sync?dast=V7OqMCFgNoLt--BWBPtQRoLt--BWBPtQUAAAAGBuIHJDeyuEbDlWkt8ex2a9Fot3ILN5aFW7AaLVcTy3LmmSyMQHIji2s0XJnWEs9utxaNdiu3cGNZuAWr0XI1sSxnnsnCChE3GQ6fg4Go6Hpb7A6n2fMGEzSdDp_rXi92O0wOu9DvN37uGr_bL7osVsvBZbUW_Q1Pjx0AAAAAHv7___8hAAAAACIAAAAAJAAAAAAoAir-LQQuAAAAADD-____NQA-OQjec_b7AwAAAAAEAAAAgARgYDWgBODjfOXk_________z9mgD7zRub_____xqAH4MEH4EEIAADgYojfLjOKveTskqhAt4gRAAAAwJaWiubRpE6oLKr-___7rQCuAAACDAU8NWOydAcl3sIAAAACxhboYfH7zQ67xu922f________-_2f_ZP5rQ2-h1WhDL6LXaLyAAwNovIAAAm7oBALwFwAVdAKxOIXbD2WI3mm1GswMAAAC4-____9cDid3CtHCtnJONZzBabBy-3WDjsm08ttFwORltZt5TgS7vS1sxtumLuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNjfQAxWA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLEzDLZGCcbt2i4cq5Fw5XJrfDNPG7NzOacLAwT58QycoteH9PD5NhMbMstCgak7EXytEgnwuXMOXEYV8OVzeJxGSYex3A23M08to3NNHNOhhOxRHOySCeyy76xW5gWrpVzsvEMRouNw7cbbFy2jcc2Gi4no83M35hZJhvjZOMWDVfOtWi4MrkVvpnHrZnZnJOFYeKcWEZu0etjepgcm4ltuW_MdqvBcLFYbvaN2W41GC4Wy82-Q2f4rj5nozM4nnh8LqOtGvXcHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVej3-_1-v9_v9_u9G7PBYzAYXpavtjBxfnuWb7Wz8R4MilgiuEgnMr_l9fabnn67W2G5iCVK00U60Ysui9VycFmtRX_D02MRSwSni3QiehlPF_UfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIardR7IYDnYLVfLBYBw9tL9SfMxif_Pjixu_LjB_JbX2296-u1uheXKAA_U5MybPxPEWq2WNQAAgAA2AABAALdu3gKwmfj_____OAAAABk5egAAAPF9IClGlHrhRy4!&excid=22&docw=0&cijs=1&nlb=false HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 12:19:54 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3406
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2
151.101.65.44204 No Content 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2
IP 151.101.65.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 5487
Origin: https://lmada.hooxs.com
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://lmada.hooxs.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Mon, 30 Jan 2023 12:19:55 GMT
via: 1.1 varnish
x-served-by: cache-bma1672-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675081195.499700,VS0,VE115
x-vcl-time-ms: 115
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
151.101.65.44200 OK 254 B URL HTTP/2 cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
IP 151.101.65.44:0
File type PNG image data, 12 x 12, 8-bit gray+alpha, non-interlaced\012- data
Hash dfa7b52c86e56bd67fa4002f6ed19854
7df722645482433c2b5c8d8ab4272a9874592f27
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
GET /libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: c3AK0F63Rmz1U+ZkwDZRH6hJiJRTGpZB8kTBPWz0vwbg9siBxtMOH8aEqr1NtVeNHtLhLAVUR9E=
x-amz-request-id: 4JKSR0YA3KVH073N
x-amz-replication-status: COMPLETED
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
content-type: image/png
server: AmazonS3
accept-ranges: bytes
date: Mon, 30 Jan 2023 12:19:55 GMT
via: 1.1 varnish
age: 17120
x-served-by: cache-bma1672-BMA
x-cache: HIT
x-cache-hits: 2247
x-timer: S1675081196.670420,VS0,VE0
cache-control: private,max-age=31536000
abp: 2
content-length: 254
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7WgsCFgNoLt--BWBPtQRoLt--BWBPtQUAAAAGBuIHJLVc7VYmi2Mt2wxHbtFuNnFLfBvLWuGcrDYzx8xm8RiGQIIrj8lhmK3WkolvsBatNo61xDizuSUmw8ownFlMm8nMCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeYoOl0-Fz3erHbYXLYhX6_8XPX-N1-0WWxWg4uq7Xob3h67AAAAADwAGD1lgnxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFgQHKhAfDJQfCes98fAAANWyAAAAIYJAADqwElAB_nKycAAAAAAAAAACz_____MQB7WGMyACP7Oz0ADz4AD0QFhkWMAAAAALa0VDSPJnVCZVEFAECQbgVwBQAQYCjgufkeBgAAEDC2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhN5Gr9OCWEav1X4BAQDWfgEBANjUDQDgLQAu6AJgdQqxG84Wu9FsM5odAAAAwN3___-_HkjsFqaFa-WcbDyD0WLj8O0GG5dt47GNhsvJaDPzngp0eV_airFNn4ewzH7fQcTyfE1_w0HGt7zeBlHR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32NxCD1QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGS1XK5XG02q9VutJgNNsvhZoMUrVrNRpvBcDWbzHa71XAwXI5GSNGS5W65W40mi9FoudzshpvRYIgwMbNMNsbJxi0arpxr0XBlcit8M49bM7M5JwvDxDmxjNyi18f0MDk2E9tyi4IBKXsRXKQTmd_yevtNT7_drbBcxBLNySKdyC77xm5hWrhWzsnGMxgtNg7fbrBx2TYe22i4nIw2M39jZplsjJONWzRcOdei4crkVvhmHrdmZnNOFoaJc2IZuUWvj-lhcmwmtuW-MdutBsPFYrnZN2a71WC4WCw3-w6d4bv6nI3O4Hji8bmMtmrUc3MYFC6Dxfv7XKTNaONmVGnDFovqWty5Jlah3-_3-_1-v9_v927MBo_BYHhZvtrCxPntWb7VzsZ7MChiieB0kU5EL-PpIpZInhbpRDHcDFab3WqxWQ4njtVosLDYJqbFYjaZmZaz5cQilihNF-lEL7osVsvBZbUW_Q1Pj0X9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvharkAEM5euj9pPibx_9mRxY0fN5jf8nr7TU-_3a2wXBnggZqcebNnglir1bIGAAAQwAYAAAjg1s1bADYjtw8kxYhSL_zIBQ!&excid=22&docw=0&cijs=1&nlb=true
141.226.228.48200 OK 967 B URL HTTP/2 am-match.taboola.com/sync?dast=V7WgsCFgNoLt--BWBPtQRoLt--BWBPtQUAAAAGBuIHJLVc7VYmi2Mt2wxHbtFuNnFLfBvLWuGcrDYzx8xm8RiGQIIrj8lhmK3WkolvsBatNo61xDizuSUmw8ownFlMm8nMCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeYoOl0-Fz3erHbYXLYhX6_8XPX-N1-0WWxWg4uq7Xob3h67AAAAADwAGD1lgnxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFgQHKhAfDJQfCes98fAAANWyAAAAIYJAADqwElAB_nKycAAAAAAAAAACz_____MQB7WGMyACP7Oz0ADz4AD0QFhkWMAAAAALa0VDSPJnVCZVEFAECQbgVwBQAQYCjgufkeBgAAEDC2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhN5Gr9OCWEav1X4BAQDWfgEBANjUDQDgLQAu6AJgdQqxG84Wu9FsM5odAAAAwN3___-_HkjsFqaFa-WcbDyD0WLj8O0GG5dt47GNhsvJaDPzngp0eV_airFNn4ewzH7fQcTyfE1_w0HGt7zeBlHR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32NxCD1QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGS1XK5XG02q9VutJgNNsvhZoMUrVrNRpvBcDWbzHa71XAwXI5GSNGS5W65W40mi9FoudzshpvRYIgwMbNMNsbJxi0arpxr0XBlcit8M49bM7M5JwvDxDmxjNyi18f0MDk2E9tyi4IBKXsRXKQTmd_yevtNT7_drbBcxBLNySKdyC77xm5hWrhWzsnGMxgtNg7fbrBx2TYe22i4nIw2M39jZplsjJONWzRcOdei4crkVvhmHrdmZnNOFoaJc2IZuUWvj-lhcmwmtuW-MdutBsPFYrnZN2a71WC4WCw3-w6d4bv6nI3O4Hji8bmMtmrUc3MYFC6Dxfv7XKTNaONmVGnDFovqWty5Jlah3-_3-_1-v9_v927MBo_BYHhZvtrCxPntWb7VzsZ7MChiieB0kU5EL-PpIpZInhbpRDHcDFab3WqxWQ4njtVosLDYJqbFYjaZmZaz5cQilihNF-lEL7osVsvBZbUW_Q1Pj0X9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvharkAEM5euj9pPibx_9mRxY0fN5jf8nr7TU-_3a2wXBnggZqcebNnglir1bIGAAAQwAYAAAjg1s1bADYjtw8kxYhSL_zIBQ!&excid=22&docw=0&cijs=1&nlb=true
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash 531a44085bcb7ba6e2c23411bc7f8094
62a07b23efa9b0dda35c9bbb67feb3c03d3a8087
5a1da82a3dc31b953fdc6f24312cf6511d1368b05588fa664cb4d461dafb9f9d
GET /sync?dast=V7WgsCFgNoLt--BWBPtQRoLt--BWBPtQUAAAAGBuIHJLVc7VYmi2Mt2wxHbtFuNnFLfBvLWuGcrDYzx8xm8RiGQIIrj8lhmK3WkolvsBatNo61xDizuSUmw8ownFlMm8nMCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeYoOl0-Fz3erHbYXLYhX6_8XPX-N1-0WWxWg4uq7Xob3h67AAAAADwAGD1lgnxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFgQHKhAfDJQfCes98fAAANWyAAAAIYJAADqwElAB_nKycAAAAAAAAAACz_____MQB7WGMyACP7Oz0ADz4AD0QFhkWMAAAAALa0VDSPJnVCZVEFAECQbgVwBQAQYCjgufkeBgAAEDC2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhN5Gr9OCWEav1X4BAQDWfgEBANjUDQDgLQAu6AJgdQqxG84Wu9FsM5odAAAAwN3___-_HkjsFqaFa-WcbDyD0WLj8O0GG5dt47GNhsvJaDPzngp0eV_airFNn4ewzH7fQcTyfE1_w0HGt7zeBlHR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32NxCD1QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGS1XK5XG02q9VutJgNNsvhZoMUrVrNRpvBcDWbzHa71XAwXI5GSNGS5W65W40mi9FoudzshpvRYIgwMbNMNsbJxi0arpxr0XBlcit8M49bM7M5JwvDxDmxjNyi18f0MDk2E9tyi4IBKXsRXKQTmd_yevtNT7_drbBcxBLNySKdyC77xm5hWrhWzsnGMxgtNg7fbrBx2TYe22i4nIw2M39jZplsjJONWzRcOdei4crkVvhmHrdmZnNOFoaJc2IZuUWvj-lhcmwmtuW-MdutBsPFYrnZN2a71WC4WCw3-w6d4bv6nI3O4Hji8bmMtmrUc3MYFC6Dxfv7XKTNaONmVGnDFovqWty5Jlah3-_3-_1-v9_v927MBo_BYHhZvtrCxPntWb7VzsZ7MChiieB0kU5EL-PpIpZInhbpRDHcDFab3WqxWQ4njtVosLDYJqbFYjaZmZaz5cQilihNF-lEL7osVsvBZbUW_Q1Pj0X9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvharkAEM5euj9pPibx_9mRxY0fN5jf8nr7TU-_3a2wXBnggZqcebNnglir1bIGAAAQwAYAAAjg1s1bADYjtw8kxYhSL_zIBQ!&excid=22&docw=0&cijs=1&nlb=true HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 12:19:55 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3401
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=rtus&topUrl=lmada.hooxs.com
178.250.2.146200 OK 5.1 kB URL HTTP/2 gum.criteo.com/syncframe?origin=rtus&topUrl=lmada.hooxs.com
IP 178.250.2.146:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13465)
Hash 336d3e015f987a65d205999a49be4805
57a3f572cd89347b5ead196670776134f1f0f69e
9621f1cc5441ed0d364b0fb9986a8c6742af2c5c356e6e4edb432728fe319ff3
GET /syncframe?origin=rtus&topUrl=lmada.hooxs.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:53 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
uid=53cbb07d-0435-4400-9673-cf5ce401ddcc; expires=Sat, 24 Feb 2024 12:19:53 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 605729
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
35.71.131.137200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP 35.71.131.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:55 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
54.146.142.229200 OK 43 B URL HTTP/2 taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
IP 54.146.142.229:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP/1.1
Host: taboola-supply-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:55 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1615e4c338bddd9e96d30d4993564ef1
9ec46c97fcbc60aa8eeb690b6ce45b47bb0d06e0
f4277aab514ef2269779cad4449d83e150382e063f4a7272e3fc0d5519c38919
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4558
Cache-Control: max-age=163642
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:19:56 GMT
Etag: "63d78058-1d7"
Expires: Wed, 01 Feb 2023 09:47:18 GMT
Last-Modified: Mon, 30 Jan 2023 08:31:20 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1615e4c338bddd9e96d30d4993564ef1
9ec46c97fcbc60aa8eeb690b6ce45b47bb0d06e0
f4277aab514ef2269779cad4449d83e150382e063f4a7272e3fc0d5519c38919
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6553
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:19:56 GMT
Last-Modified: Mon, 30 Jan 2023 10:30:43 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1615e4c338bddd9e96d30d4993564ef1
9ec46c97fcbc60aa8eeb690b6ce45b47bb0d06e0
f4277aab514ef2269779cad4449d83e150382e063f4a7272e3fc0d5519c38919
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6090
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:19:56 GMT
Last-Modified: Mon, 30 Jan 2023 10:38:26 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
web.ssp.yahoo.com/admax/adServe.do?dcn=8a969884017c7c2d1e2c2d294a370008&pos=8a969019017c7c2d14cc2d2d3441000b&secure=1&ht=218&wd=388&req(url)=https%3A%2F%2Flmada.hooxs.com&gdpr=1&gdpr_consent=&us_privacy=1---
35.157.246.167200 OK 190 B URL HTTP/2 web.ssp.yahoo.com/admax/adServe.do?dcn=8a969884017c7c2d1e2c2d294a370008&pos=8a969019017c7c2d14cc2d2d3441000b&secure=1&ht=218&wd=388&req(url)=https%3A%2F%2Flmada.hooxs.com&gdpr=1&gdpr_consent=&us_privacy=1---
IP 35.157.246.167:0
File type XML 1.0 document text\012- XML document, ASCII text, with no line terminators
Hash ba30b58c10d46ed99e08984c6bccdcbf
db350a496e9e38764132aa2d1256d8f6e0a24ccf
c8e09d67d65bb459e5a2e0411b37520e3b732bd5d8f36a4916b6afd8c085d582
GET /admax/adServe.do?dcn=8a969884017c7c2d1e2c2d294a370008&pos=8a969019017c7c2d14cc2d2d3441000b&secure=1&ht=218&wd=388&req(url)=https%3A%2F%2Flmada.hooxs.com&gdpr=1&gdpr_consent=&us_privacy=1--- HTTP/1.1
Host: web.ssp.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://lmada.hooxs.com
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:56 GMT
content-type: text/xml;charset=utf-8
content-length: 190
server: ATS/9.1.10.25
access-control-allow-origin: https://lmada.hooxs.com
access-control-allow-methods: GET,POST
access-control-expose-headers: X-Nexage-AdTid
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
vary: Accept-Encoding, User-Agent
content-encoding: gzip
age: 0
X-Firefox-Spdy: h2
web.ssp.yahoo.com/admax/adServe.do?dcn=8a969884017c7c2d1e2c2d294a370008&pos=8a96941e017c7c2d19b32d2be4070008&secure=1&ht=218&wd=388&req(url)=https%3A%2F%2Flmada.hooxs.com&gdpr=1&gdpr_consent=&us_privacy=1---
35.157.246.167200 OK 190 B URL HTTP/2 web.ssp.yahoo.com/admax/adServe.do?dcn=8a969884017c7c2d1e2c2d294a370008&pos=8a96941e017c7c2d19b32d2be4070008&secure=1&ht=218&wd=388&req(url)=https%3A%2F%2Flmada.hooxs.com&gdpr=1&gdpr_consent=&us_privacy=1---
IP 35.157.246.167:0
File type XML 1.0 document text\012- XML document, ASCII text, with no line terminators
Hash ba30b58c10d46ed99e08984c6bccdcbf
db350a496e9e38764132aa2d1256d8f6e0a24ccf
c8e09d67d65bb459e5a2e0411b37520e3b732bd5d8f36a4916b6afd8c085d582
GET /admax/adServe.do?dcn=8a969884017c7c2d1e2c2d294a370008&pos=8a96941e017c7c2d19b32d2be4070008&secure=1&ht=218&wd=388&req(url)=https%3A%2F%2Flmada.hooxs.com&gdpr=1&gdpr_consent=&us_privacy=1--- HTTP/1.1
Host: web.ssp.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://lmada.hooxs.com
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:56 GMT
content-type: text/xml;charset=utf-8
content-length: 190
server: ATS/9.1.10.25
access-control-allow-origin: https://lmada.hooxs.com
access-control-allow-methods: GET,POST
access-control-expose-headers: X-Nexage-AdTid
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
vary: Accept-Encoding, User-Agent
content-encoding: gzip
age: 0
X-Firefox-Spdy: h2
web.ssp.yahoo.com/admax/adServe.do?dcn=8a969884017c7c2d1e2c2d294a370008&pos=8a969884017c7c2d1e2c2d30080b000c&secure=1&ht=218&wd=388&req(url)=https%3A%2F%2Flmada.hooxs.com
35.157.246.167200 OK 190 B URL HTTP/2 web.ssp.yahoo.com/admax/adServe.do?dcn=8a969884017c7c2d1e2c2d294a370008&pos=8a969884017c7c2d1e2c2d30080b000c&secure=1&ht=218&wd=388&req(url)=https%3A%2F%2Flmada.hooxs.com
IP 35.157.246.167:0
File type XML 1.0 document text\012- XML document, ASCII text, with no line terminators
Hash ba30b58c10d46ed99e08984c6bccdcbf
db350a496e9e38764132aa2d1256d8f6e0a24ccf
c8e09d67d65bb459e5a2e0411b37520e3b732bd5d8f36a4916b6afd8c085d582
GET /admax/adServe.do?dcn=8a969884017c7c2d1e2c2d294a370008&pos=8a969884017c7c2d1e2c2d30080b000c&secure=1&ht=218&wd=388&req(url)=https%3A%2F%2Flmada.hooxs.com HTTP/1.1
Host: web.ssp.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://lmada.hooxs.com
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:56 GMT
content-type: text/xml;charset=utf-8
content-length: 190
server: ATS/9.1.10.25
access-control-allow-origin: https://lmada.hooxs.com
access-control-allow-methods: GET,POST
access-control-expose-headers: X-Nexage-AdTid
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
vary: Accept-Encoding, User-Agent
content-encoding: gzip
age: 0
set-cookie: A3=d=AQABBOy112MCEMhM5-L3zY87crcYjCqhpesFEgEBAQEH2WPhYwAAAAAA_eMAAA&S=AQAAArYG5mdGcYQprA5bT3AY7g8; Expires=Tue, 30 Jan 2024 18:19:56 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 25903e52c84b707f7cd4166764216921
19715acc955588ba48f92f4806f16fb4c06603d9
bfd22eb877b70352b37c90ba0d8fee7438b1456138e9559441ab632aa2c614cf
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 30 Jan 2023 12:19:56 GMT
Last-Modified: Mon, 30 Jan 2023 10:34:17 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: AY9T7r-Q43j37x8nwDPCzXVcNY_2DgH5Xq0NTrp3acYcyiqhSg4LMA==
Age: 6339
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 25903e52c84b707f7cd4166764216921
19715acc955588ba48f92f4806f16fb4c06603d9
bfd22eb877b70352b37c90ba0d8fee7438b1456138e9559441ab632aa2c614cf
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=110913
Date: Mon, 30 Jan 2023 12:19:56 GMT
Etag: "63d6aa73-1d7"
Expires: Tue, 31 Jan 2023 19:08:29 GMT
Last-Modified: Sun, 29 Jan 2023 17:18:43 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: EZpBn4AO8yQ2IkkqJ564rrRDOv3e2gaqXlD0OJ8ozojGFJQo66ntzA==
Age: 6587
cdn.taboola.com/scripts/cds-pips.js
151.101.65.44200 OK 1.3 kB URL HTTP/2 cdn.taboola.com/scripts/cds-pips.js
IP 151.101.65.44:0
File type ASCII text, with very long lines (3545), with no line terminators
Hash 780c5c514014519ce276709f515905a0
04fe86d00b9c9077effe05171d066d243ecab221
015db06150b62ad2ad533883652174ebb6f07e24a7147fdac01a0ccd266e3f30
GET /scripts/cds-pips.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 2KBeU0d7OyPXtZDYUoIqlTBmhGhsve90tjYoemCxISjKQrNgcxT28sPXVt5KfJt+6r7dFoJgA8g=
x-amz-request-id: NFWGDQGY1WQ95XHE
x-amz-replication-status: COMPLETED
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Mon, 30 Jan 2023 12:19:56 GMT
via: 1.1 varnish
age: 611
x-served-by: cache-bma1672-BMA
x-cache: HIT
x-cache-hits: 876
x-timer: S1675081196.309645,VS0,VE0
vary: Accept-Encoding
abp: 2
cache-control: private, max-age=3600
content-length: 1340
X-Firefox-Spdy: h2
pips.taboola.com/
151.101.65.44200 OK 4 B IP 151.101.65.44:0
File type ASCII text, with no line terminators
Hash 6c3e226b4d4795d518ab341b0824ec29
eef19c54306daa69eda49c0272623bdb5e2b341f
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
GET / HTTP/1.1
Host: pips.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lmada.hooxs.com
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
access-control-allow-methods: GET
access-control-allow-origin: https://lmada.hooxs.com
accept-ranges: bytes
date: Mon, 30 Jan 2023 12:19:56 GMT
via: 1.1 varnish
x-served-by: cache-bma1639-BMA
x-cache: HIT
x-cache-hits: 0
cache-control: no-store
content-length: 4
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=51b6ddb0d21246d99032ae55c31f575b&zoneId=2308013&checkDuplicate=true&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=51b6ddb0d21246d99032ae55c31f575b&zoneId=2308013&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 1c2a2500c0febea11ae97f6e7e9a90d5
cebfe42f8bbf7762b49c20943f3258ce435f4bba
9bfe0b9c1d4188072a7d74f3d0089598100bd11b9558d7b674e2982a8d96d0b8
GET /gid.js?pub=0&userId=51b6ddb0d21246d99032ae55c31f575b&zoneId=2308013&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lmada.hooxs.com/
Origin: https://lmada.hooxs.com
Connection: keep-alive
Cookie: ID=92ffb59f25e245cd9fe38ac02d54745b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 12:20:00 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://lmada.hooxs.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=92ffb59f25e245cd9fe38ac02d54745b; expires=Tue, 30 Jan 2024 12:20:00 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.34200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.34:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:53 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 55554
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=165757&tagid=946347&crid=-1&noaop=5&sortOrderType=0&cb=1675081206920&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1497&pt=25685201&tz=0&viewable=true&ddast=V7OqMCFgNoLt--BWBPtQRoLt--BWBPtQUAAAAGBuIHJDeyuEbDlWkt8ex2a9Fot3ILN5aFW7AaLVcTy3LmmSyMQHIji2s0XJnWEs9utxaNdiu3cGNZuAWr0XI1sSxnnsnCChE3GQ6fg4Go6Hpb7A6n2fMGEzSdDp_rXi92O0wOu9DvN37uGr_bL7osVsvBZbUW_Q1Pjx0AAAAAHv7___8hAAAAACIAAAAAJAAAAAAoAir-LQQuAAAAADD-____NQA-OQjec_b7AwAAAAAEAAAAgARgYDWgBODjfOXk_________z9mgD7zRub_____xqAH4MEH4EEIAADgYojfLjOKveTskqhAt4gRAAAAwJaWiubRpE6oLKr-___7rQCuAAACDAU8NWOydAcl3sIAAAACxhboYfH7zQ67xu922f________-_2f_ZP5rQ2-h1WhDL6LXaLyAAwNovIAAAm7oBALwFwAVdAKxOIXbD2WI3mm1GswMAAAC4-____9cDid3CtHCtnJONZzBabBy-3WDjsm08ttFwORltZt5TgS7vS1sxtumLuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNjfQAxWA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLEzDLZGCcbt2i4cq5Fw5XJrfDNPG7NzOacLAwT58QycoteH9PD5NhMbMstCgak7EXytEgnwuXMOXEYV8OVzeJxGSYex3A23M08to3NNHNOhhOxRHOySCeyy76xW5gWrpVzsvEMRouNw7cbbFy2jcc2Gi4no83M35hZJhvjZOMWDVfOtWi4MrkVvpnHrZnZnJOFYeKcWEZu0etjepgcm4ltuW_MdqvBcLFYbvaN2W41GC4Wy82-Q2f4rj5nozM4nnh8LqOtGvXcHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVej3-_1-v9_v9_u9G7PBYzAYXpavtjBxfnuWb7Wz8R4MilgiuEgnMr_l9fabnn67W2G5iCVK00U60Ysui9VycFmtRX_D02MRSwSni3QiehlPF_UfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIardR7IYDnYLVfLBYBw9tL9SfMxif_Pjixu_LjB_JbX2296-u1uheXKAA_U5MybPxPEWq2WNQAAgAA2AABAALdu3gKwmfj_____OAAAABk5egAAAPF9IClGlHrhRy4!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=dfrc_vA!id5mc_vB!lvlstst-in2_vC!lvlstst1_vC!mprdctdt6_vA!smbs!t45!t45!u2822_vA!ufm&mPre=0.025&cirf=https%3A%2F%2Flmada.hooxs.com&en=1
151.101.65.44200 OK 0 B URL HTTP/2 wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=165757&tagid=946347&crid=-1&noaop=5&sortOrderType=0&cb=1675081206920&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1497&pt=25685201&tz=0&viewable=true&ddast=V7OqMCFgNoLt--BWBPtQRoLt--BWBPtQUAAAAGBuIHJDeyuEbDlWkt8ex2a9Fot3ILN5aFW7AaLVcTy3LmmSyMQHIji2s0XJnWEs9utxaNdiu3cGNZuAWr0XI1sSxnnsnCChE3GQ6fg4Go6Hpb7A6n2fMGEzSdDp_rXi92O0wOu9DvN37uGr_bL7osVsvBZbUW_Q1Pjx0AAAAAHv7___8hAAAAACIAAAAAJAAAAAAoAir-LQQuAAAAADD-____NQA-OQjec_b7AwAAAAAEAAAAgARgYDWgBODjfOXk_________z9mgD7zRub_____xqAH4MEH4EEIAADgYojfLjOKveTskqhAt4gRAAAAwJaWiubRpE6oLKr-___7rQCuAAACDAU8NWOydAcl3sIAAAACxhboYfH7zQ67xu922f________-_2f_ZP5rQ2-h1WhDL6LXaLyAAwNovIAAAm7oBALwFwAVdAKxOIXbD2WI3mm1GswMAAAC4-____9cDid3CtHCtnJONZzBabBy-3WDjsm08ttFwORltZt5TgS7vS1sxtumLuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNjfQAxWA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLEzDLZGCcbt2i4cq5Fw5XJrfDNPG7NzOacLAwT58QycoteH9PD5NhMbMstCgak7EXytEgnwuXMOXEYV8OVzeJxGSYex3A23M08to3NNHNOhhOxRHOySCeyy76xW5gWrpVzsvEMRouNw7cbbFy2jcc2Gi4no83M35hZJhvjZOMWDVfOtWi4MrkVvpnHrZnZnJOFYeKcWEZu0etjepgcm4ltuW_MdqvBcLFYbvaN2W41GC4Wy82-Q2f4rj5nozM4nnh8LqOtGvXcHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVej3-_1-v9_v9_u9G7PBYzAYXpavtjBxfnuWb7Wz8R4MilgiuEgnMr_l9fabnn67W2G5iCVK00U60Ysui9VycFmtRX_D02MRSwSni3QiehlPF_UfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIardR7IYDnYLVfLBYBw9tL9SfMxif_Pjixu_LjB_JbX2296-u1uheXKAA_U5MybPxPEWq2WNQAAgAA2AABAALdu3gKwmfj_____OAAAABk5egAAAPF9IClGlHrhRy4!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=dfrc_vA!id5mc_vB!lvlstst-in2_vC!lvlstst1_vC!mprdctdt6_vA!smbs!t45!t45!u2822_vA!ufm&mPre=0.025&cirf=https%3A%2F%2Flmada.hooxs.com&en=1
IP 151.101.65.44:0
POST /VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=165757&tagid=946347&crid=-1&noaop=5&sortOrderType=0&cb=1675081206920&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1497&pt=25685201&tz=0&viewable=true&ddast=V7OqMCFgNoLt--BWBPtQRoLt--BWBPtQUAAAAGBuIHJDeyuEbDlWkt8ex2a9Fot3ILN5aFW7AaLVcTy3LmmSyMQHIji2s0XJnWEs9utxaNdiu3cGNZuAWr0XI1sSxnnsnCChE3GQ6fg4Go6Hpb7A6n2fMGEzSdDp_rXi92O0wOu9DvN37uGr_bL7osVsvBZbUW_Q1Pjx0AAAAAHv7___8hAAAAACIAAAAAJAAAAAAoAir-LQQuAAAAADD-____NQA-OQjec_b7AwAAAAAEAAAAgARgYDWgBODjfOXk_________z9mgD7zRub_____xqAH4MEH4EEIAADgYojfLjOKveTskqhAt4gRAAAAwJaWiubRpE6oLKr-___7rQCuAAACDAU8NWOydAcl3sIAAAACxhboYfH7zQ67xu922f________-_2f_ZP5rQ2-h1WhDL6LXaLyAAwNovIAAAm7oBALwFwAVdAKxOIXbD2WI3mm1GswMAAAC4-____9cDid3CtHCtnJONZzBabBy-3WDjsm08ttFwORltZt5TgS7vS1sxtumLuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNjfQAxWA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLEzDLZGCcbt2i4cq5Fw5XJrfDNPG7NzOacLAwT58QycoteH9PD5NhMbMstCgak7EXytEgnwuXMOXEYV8OVzeJxGSYex3A23M08to3NNHNOhhOxRHOySCeyy76xW5gWrpVzsvEMRouNw7cbbFy2jcc2Gi4no83M35hZJhvjZOMWDVfOtWi4MrkVvpnHrZnZnJOFYeKcWEZu0etjepgcm4ltuW_MdqvBcLFYbvaN2W41GC4Wy82-Q2f4rj5nozM4nnh8LqOtGvXcHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVej3-_1-v9_v9_u9G7PBYzAYXpavtjBxfnuWb7Wz8R4MilgiuEgnMr_l9fabnn67W2G5iCVK00U60Ysui9VycFmtRX_D02MRSwSni3QiehlPF_UfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIardR7IYDnYLVfLBYBw9tL9SfMxif_Pjixu_LjB_JbX2296-u1uheXKAA_U5MybPxPEWq2WNQAAgAA2AABAALdu3gKwmfj_____OAAAABk5egAAAPF9IClGlHrhRy4!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=dfrc_vA!id5mc_vB!lvlstst-in2_vC!lvlstst1_vC!mprdctdt6_vA!smbs!t45!t45!u2822_vA!ufm&mPre=0.025&cirf=https%3A%2F%2Flmada.hooxs.com&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 133
Origin: https://lmada.hooxs.com
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1458
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://lmada.hooxs.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Mon, 30 Jan 2023 12:19:55 GMT
via: 1.1 varnish
x-served-by: cache-bma1672-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675081195.016355,VS0,VE51
vary: Accept-Encoding
X-Firefox-Spdy: h2
illiweb.com/rs3/71/frm/lang/notutf8-ar.js
188.114.96.1200 OK 0 B URL HTTP/2 illiweb.com/rs3/71/frm/lang/notutf8-ar.js
IP 188.114.96.1:0
GET /rs3/71/frm/lang/notutf8-ar.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:52 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=73321
access-control-allow-origin: *
expires: Fri, 19 Jan 2024 09:18:58 GMT
last-modified: Thu, 08 Sep 2022 07:38:48 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 961254
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MNFruFuXmtB%2BDclAFCZ9lYiDX62dwQi3%2BZkqaBbyKEXoPXBbvaiecEq9WfLnSm%2BXMkOY47Dt0ubQMn%2BWPMpBsIHwCMfFICG3%2F4F1VfOAlbiOT1mU8kCQ15oDczMVHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791a288de8aeb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Flmada.hooxs.com%2Ft2159p25-topic&encoded=1&uid=1f22c82c-48e9-48ed-a7fc-3ff92a0b9b2d-tuctad13b69&variant=0|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1675081206313&tagid=&cntry=NO&platform=1&sesid=17a4a5e92c3041ca770ce6cc6489243f&itemid=/t2159p25-topic&viewid=1675081205858&geolat=&geoing=&deviceifa=&appid=&sd=v2_17a4a5e92c3041ca770ce6cc6489243f_1f22c82c-48e9-48ed-a7fc-3ff92a0b9b2d-tuctad13b69_1675081193_1675081193_CNawjgYQ3pxDGOKQ-5TgMCABKAEwogE434cMQJ6XEEj5qNkDUP___________wFYAGAAaKeW6aDs7Oe75gFwAA&ri=183053751398b1540ab6b41162f4969b&appname=&cdb=&gdprApplies=true&rid=&sii=&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=
151.101.65.44200 OK 0 B URL HTTP/2 15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Flmada.hooxs.com%2Ft2159p25-topic&encoded=1&uid=1f22c82c-48e9-48ed-a7fc-3ff92a0b9b2d-tuctad13b69&variant=0|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1675081206313&tagid=&cntry=NO&platform=1&sesid=17a4a5e92c3041ca770ce6cc6489243f&itemid=/t2159p25-topic&viewid=1675081205858&geolat=&geoing=&deviceifa=&appid=&sd=v2_17a4a5e92c3041ca770ce6cc6489243f_1f22c82c-48e9-48ed-a7fc-3ff92a0b9b2d-tuctad13b69_1675081193_1675081193_CNawjgYQ3pxDGOKQ-5TgMCABKAEwogE434cMQJ6XEEj5qNkDUP___________wFYAGAAaKeW6aDs7Oe75gFwAA&ri=183053751398b1540ab6b41162f4969b&appname=&cdb=&gdprApplies=true&rid=&sii=&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=
IP 151.101.65.44:0
GET /tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Flmada.hooxs.com%2Ft2159p25-topic&encoded=1&uid=1f22c82c-48e9-48ed-a7fc-3ff92a0b9b2d-tuctad13b69&variant=0|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1675081206313&tagid=&cntry=NO&platform=1&sesid=17a4a5e92c3041ca770ce6cc6489243f&itemid=/t2159p25-topic&viewid=1675081205858&geolat=&geoing=&deviceifa=&appid=&sd=v2_17a4a5e92c3041ca770ce6cc6489243f_1f22c82c-48e9-48ed-a7fc-3ff92a0b9b2d-tuctad13b69_1675081193_1675081193_CNawjgYQ3pxDGOKQ-5TgMCABKAEwogE434cMQJ6XEEj5qNkDUP___________wFYAGAAaKeW6aDs7Oe75gFwAA&ri=183053751398b1540ab6b41162f4969b&appname=&cdb=&gdprApplies=true&rid=&sii=&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv= HTTP/1.1
Host: 15.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://lmada.hooxs.com
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
machineid: 1414
link: <https://am-wf.taboola.com>; rel=preconnect
xvid-debug: mrmr - :
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://lmada.hooxs.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Mon, 30 Jan 2023 12:19:54 GMT
via: 1.1 varnish
x-served-by: cache-bma1672-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675081194.466974,VS0,VE38
vary: Accept-Encoding
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=wVO5x180M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dXd2x1WmZhU2JEWmNxZFdVZVRQcHFJdWliMHBmcVhGWkhPWHdUeHFkTk4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:54 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=eS6n8l80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dXd2x1WmZhU2JEWmNxZFdVZVRQcG9XQmNxam1vYjZNbW9iZDFNciUyQkk4ZQ; expires=Sat, 24 Feb 2024 12:19:54 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 294214
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
lmada.hooxs.com/t2159p25-topic
178.33.43.150200 OK 0 B URL HTTP/2 lmada.hooxs.com/t2159p25-topic
IP 178.33.43.150:0
GET /t2159p25-topic HTTP/1.1
Host: lmada.hooxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:52 GMT
content-type: text/html; charset=windows-1256
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache
pragma: no-cache
expires: Mon, 30 Jan 2023 00:00:00 GMT
last-modified: Mon, 30 Jan 2023 12:19:52 GMT
vary: User-Agent
set-cookie: exadd=167509; expires=Mon, 30-Jan-2023 16:19:52 GMT; Max-Age=14400
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
stootsou.net/pfe/current/tag.min.js?z=2308013
139.45.197.250200 OK 0 B URL HTTP/2 stootsou.net/pfe/current/tag.min.js?z=2308013
IP 139.45.197.250:0
Analyzer Verdict Alert quad9 Sinkholed
GET /pfe/current/tag.min.js?z=2308013 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 12:19:53 GMT
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 11:03:52 GMT
etag: W/"63d3af98-390a"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
publisher.linkvertise.com/cdn/linkvertise.js
172.64.206.34200 OK 0 B URL HTTP/2 publisher.linkvertise.com/cdn/linkvertise.js
IP 172.64.206.34:0
GET /cdn/linkvertise.js HTTP/1.1
Host: publisher.linkvertise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:52 GMT
content-type: application/javascript
cache-control: max-age=3600
cf-bgj: minify
cf-polished: origSize=2869
etag: W/"b35-5f33ff6b37ac0-gzip"
expires: Mon, 30 Jan 2023 12:56:04 GMT
last-modified: Fri, 27 Jan 2023 14:48:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1428
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ob5IMyxfToaU5zOTaXua%2FahA7enyXgtIfoxiNmemW5v8MiuCbxOqOBtL98FmwMZzbXXTspbFN3NTR1swfXgrUU68lmYwudgm0qvik5kwUXc%2BapYbqM1EwbrehsmEWCcJnhECfhOjLGY%2Fregs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-frame-options: sameorigin
server: cloudflare
cf-ray: 791a288e0f13731b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7OqMCFgNoLt--BWBPtQRoLt--BWBPtQUAAAAGBuIHJDeyuEbDlWkt8ex2a9Fot3ILN5aFW7AaLVcTy3LmmSyMQHIji2s0XJnWEs9utxaNdiu3cGNZuAWr0XI1sSxnnsnCChE3GQ6fg4Go6Hpb7A6n2fMGEzSdDp_rXi92O0wOu9DvN37uGr_bL7osVsvBZbUW_Q1Pjx0AAAAAHv7___8hAAAAACIAAAAAJAAAAAAoAir-LQQuAAAAADD-____NQA-OQjec_b7AwAAAAAEAAAAgARgYDWgBODjfOXk_________z9mgD7zRub_____xqAH4MEH4EEIAADgYojfLjOKveTskqhAt4gRAAAAwJaWiubRpE6oLKr-___7rQCuAAACDAU8NWOydAcl3sIAAAACxhboYfH7zQ67xu922f________-_2f_ZP5rQ2-h1WhDL6LXaLyAAwNovIAAAm7oBALwFwAVdAKxOIXbD2WI3mm1GswMAAAC4-____9cDid3CtHCtnJONZzBabBy-3WDjsm08ttFwORltZt5TgS7vS1sxtumLuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNjfQAxWA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLEzDLZGCcbt2i4cq5Fw5XJrfDNPG7NzOacLAwT58QycoteH9PD5NhMbMstCgak7EXytEgnwuXMOXEYV8OVzeJxGSYex3A23M08to3NNHNOhhOxRHOySCeyy76xW5gWrpVzsvEMRouNw7cbbFy2jcc2Gi4no83M35hZJhvjZOMWDVfOtWi4MrkVvpnHrZnZnJOFYeKcWEZu0etjepgcm4ltuW_MdqvBcLFYbvaN2W41GC4Wy82-Q2f4rj5nozM4nnh8LqOtGvXcHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVej3-_1-v9_v9_u9G7PBYzAYXpavtjBxfnuWb7Wz8R4MilgiuEgnMr_l9fabnn67W2G5iCVK00U60Ysui9VycFmtRX_D02MRSwSni3QiehlPF_UfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIardR7IYDnYLVfLBYBw9tL9SfMxif_Pjixu_LjB_JbX2296-u1uheXKAA_U5MybPxPEWq2WNQAAgAA2AABAALdu3gKwmfj_____OAAAABk5egAAAPF9IClGlHrhRy4!&excid=22&docw=0&cijs=1&nlb=false
141.226.228.48200 OK 0 B URL HTTP/2 am-match.taboola.com/sync?dast=V7OqMCFgNoLt--BWBPtQRoLt--BWBPtQUAAAAGBuIHJDeyuEbDlWkt8ex2a9Fot3ILN5aFW7AaLVcTy3LmmSyMQHIji2s0XJnWEs9utxaNdiu3cGNZuAWr0XI1sSxnnsnCChE3GQ6fg4Go6Hpb7A6n2fMGEzSdDp_rXi92O0wOu9DvN37uGr_bL7osVsvBZbUW_Q1Pjx0AAAAAHv7___8hAAAAACIAAAAAJAAAAAAoAir-LQQuAAAAADD-____NQA-OQjec_b7AwAAAAAEAAAAgARgYDWgBODjfOXk_________z9mgD7zRub_____xqAH4MEH4EEIAADgYojfLjOKveTskqhAt4gRAAAAwJaWiubRpE6oLKr-___7rQCuAAACDAU8NWOydAcl3sIAAAACxhboYfH7zQ67xu922f________-_2f_ZP5rQ2-h1WhDL6LXaLyAAwNovIAAAm7oBALwFwAVdAKxOIXbD2WI3mm1GswMAAAC4-____9cDid3CtHCtnJONZzBabBy-3WDjsm08ttFwORltZt5TgS7vS1sxtumLuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNjfQAxWA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLEzDLZGCcbt2i4cq5Fw5XJrfDNPG7NzOacLAwT58QycoteH9PD5NhMbMstCgak7EXytEgnwuXMOXEYV8OVzeJxGSYex3A23M08to3NNHNOhhOxRHOySCeyy76xW5gWrpVzsvEMRouNw7cbbFy2jcc2Gi4no83M35hZJhvjZOMWDVfOtWi4MrkVvpnHrZnZnJOFYeKcWEZu0etjepgcm4ltuW_MdqvBcLFYbvaN2W41GC4Wy82-Q2f4rj5nozM4nnh8LqOtGvXcHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVej3-_1-v9_v9_u9G7PBYzAYXpavtjBxfnuWb7Wz8R4MilgiuEgnMr_l9fabnn67W2G5iCVK00U60Ysui9VycFmtRX_D02MRSwSni3QiehlPF_UfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIardR7IYDnYLVfLBYBw9tL9SfMxif_Pjixu_LjB_JbX2296-u1uheXKAA_U5MybPxPEWq2WNQAAgAA2AABAALdu3gKwmfj_____OAAAABk5egAAAPF9IClGlHrhRy4!&excid=22&docw=0&cijs=1&nlb=false
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sync?dast=V7OqMCFgNoLt--BWBPtQRoLt--BWBPtQUAAAAGBuIHJDeyuEbDlWkt8ex2a9Fot3ILN5aFW7AaLVcTy3LmmSyMQHIji2s0XJnWEs9utxaNdiu3cGNZuAWr0XI1sSxnnsnCChE3GQ6fg4Go6Hpb7A6n2fMGEzSdDp_rXi92O0wOu9DvN37uGr_bL7osVsvBZbUW_Q1Pjx0AAAAAHv7___8hAAAAACIAAAAAJAAAAAAoAir-LQQuAAAAADD-____NQA-OQjec_b7AwAAAAAEAAAAgARgYDWgBODjfOXk_________z9mgD7zRub_____xqAH4MEH4EEIAADgYojfLjOKveTskqhAt4gRAAAAwJaWiubRpE6oLKr-___7rQCuAAACDAU8NWOydAcl3sIAAAACxhboYfH7zQ67xu922f________-_2f_ZP5rQ2-h1WhDL6LXaLyAAwNovIAAAm7oBALwFwAVdAKxOIXbD2WI3mm1GswMAAAC4-____9cDid3CtHCtnJONZzBabBy-3WDjsm08ttFwORltZt5TgS7vS1sxtumLuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNjfQAxWA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLEzDLZGCcbt2i4cq5Fw5XJrfDNPG7NzOacLAwT58QycoteH9PD5NhMbMstCgak7EXytEgnwuXMOXEYV8OVzeJxGSYex3A23M08to3NNHNOhhOxRHOySCeyy76xW5gWrpVzsvEMRouNw7cbbFy2jcc2Gi4no83M35hZJhvjZOMWDVfOtWi4MrkVvpnHrZnZnJOFYeKcWEZu0etjepgcm4ltuW_MdqvBcLFYbvaN2W41GC4Wy82-Q2f4rj5nozM4nnh8LqOtGvXcHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVej3-_1-v9_v9_u9G7PBYzAYXpavtjBxfnuWb7Wz8R4MilgiuEgnMr_l9fabnn67W2G5iCVK00U60Ysui9VycFmtRX_D02MRSwSni3QiehlPF_UfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIardR7IYDnYLVfLBYBw9tL9SfMxif_Pjixu_LjB_JbX2296-u1uheXKAA_U5MybPxPEWq2WNQAAgAA2AABAALdu3gKwmfj_____OAAAABk5egAAAPF9IClGlHrhRy4!&excid=22&docw=0&cijs=1&nlb=false HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 12:19:55 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3407
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=publishertag&domain=hooxs.com&sn=FirefoxSyncframe&so=0&topUrl=lmada.hooxs.com&info=wVO5x180M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dXd2x1WmZhU2JEWmNxZFdVZVRQcHFJdWliMHBmcVhGWkhPWHdUeHFkTk4&idsd=-640793925,808454534&cw=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=publishertag&domain=hooxs.com&sn=FirefoxSyncframe&so=0&topUrl=lmada.hooxs.com&info=wVO5x180M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dXd2x1WmZhU2JEWmNxZFdVZVRQcHFJdWliMHBmcVhGWkhPWHdUeHFkTk4&idsd=-640793925,808454534&cw=1&lsw=1
IP 178.250.2.146:0
GET /sid/json?origin=publishertag&domain=hooxs.com&sn=FirefoxSyncframe&so=0&topUrl=lmada.hooxs.com&info=wVO5x180M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dXd2x1WmZhU2JEWmNxZFdVZVRQcHFJdWliMHBmcVhGWkhPWHdUeHFkTk4&idsd=-640793925,808454534&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=lmada.hooxs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:53 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1458383
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ioms.bfmio.com/getmu?aid=bce3140f-08da-4881-e9f1-5dd3e036a4ca&output=html5&width=388&height=218&v=1&pageurl=https%3A%2F%2Flmada.hooxs.com&i_type=out&stream=out&playback=2&cb=R0.1675081207768&us_privacy=1---
34.228.3.156200 OK 0 B URL HTTP/2 ioms.bfmio.com/getmu?aid=bce3140f-08da-4881-e9f1-5dd3e036a4ca&output=html5&width=388&height=218&v=1&pageurl=https%3A%2F%2Flmada.hooxs.com&i_type=out&stream=out&playback=2&cb=R0.1675081207768&us_privacy=1---
IP 34.228.3.156:0
GET /getmu?aid=bce3140f-08da-4881-e9f1-5dd3e036a4ca&output=html5&width=388&height=218&v=1&pageurl=https%3A%2F%2Flmada.hooxs.com&i_type=out&stream=out&playback=2&cb=R0.1675081207768&us_privacy=1--- HTTP/1.1
Host: ioms.bfmio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://lmada.hooxs.com
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:56 GMT
content-type: application/xml
access-control-allow-origin: https://lmada.hooxs.com
access-control-allow-credentials: true
access-control-expose-headers: location
x-content-type-options: nosniff
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
vary: Origin, Accept-Encoding, User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.betgorebysson.club/?rb=TvmQy1UX3XdyZEw6AABYzO-8LQjfiyN2jSP4CULjGs5cX27mzN9_FJDlxYqgQYNZCf5I8QqylviTMyQi6PRbwNEyvmz4uytcQfmsCUapBMDO4XKa7Ry6wS-AU2Zy6QBPYUnVUwxuiX0zpFYYHpnnOgemSVD9FKKaY-aOGTDepH4yhoj9hP9Qu_O80epr8ZKJwfCa633qQtkMOymSZi4fhpbTWZWl8-yIK6IhsfKPXnk%3D&request_ab2=0&zoneid=3765907&js_build=iclick-v1.474.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=4&pl=https%3A%2F%2Flmada.hooxs.com%2Ft2159p25-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.474.0&bs=a25b6e37-8af8-4871-8689-8b9990e21674&userId=92ffb59f25e245cd9fe38ac02d54745b&m=link
139.45.195.8200 OK 0 B URL HTTP/2 cdn.betgorebysson.club/?rb=TvmQy1UX3XdyZEw6AABYzO-8LQjfiyN2jSP4CULjGs5cX27mzN9_FJDlxYqgQYNZCf5I8QqylviTMyQi6PRbwNEyvmz4uytcQfmsCUapBMDO4XKa7Ry6wS-AU2Zy6QBPYUnVUwxuiX0zpFYYHpnnOgemSVD9FKKaY-aOGTDepH4yhoj9hP9Qu_O80epr8ZKJwfCa633qQtkMOymSZi4fhpbTWZWl8-yIK6IhsfKPXnk%3D&request_ab2=0&zoneid=3765907&js_build=iclick-v1.474.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=4&pl=https%3A%2F%2Flmada.hooxs.com%2Ft2159p25-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.474.0&bs=a25b6e37-8af8-4871-8689-8b9990e21674&userId=92ffb59f25e245cd9fe38ac02d54745b&m=link
IP 139.45.195.8:0
GET /?rb=TvmQy1UX3XdyZEw6AABYzO-8LQjfiyN2jSP4CULjGs5cX27mzN9_FJDlxYqgQYNZCf5I8QqylviTMyQi6PRbwNEyvmz4uytcQfmsCUapBMDO4XKa7Ry6wS-AU2Zy6QBPYUnVUwxuiX0zpFYYHpnnOgemSVD9FKKaY-aOGTDepH4yhoj9hP9Qu_O80epr8ZKJwfCa633qQtkMOymSZi4fhpbTWZWl8-yIK6IhsfKPXnk%3D&request_ab2=0&zoneid=3765907&js_build=iclick-v1.474.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=4&pl=https%3A%2F%2Flmada.hooxs.com%2Ft2159p25-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.474.0&bs=a25b6e37-8af8-4871-8689-8b9990e21674&userId=92ffb59f25e245cd9fe38ac02d54745b&m=link HTTP/1.1
Host: cdn.betgorebysson.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lmada.hooxs.com/
Origin: https://lmada.hooxs.com
Connection: keep-alive
Cookie: OAID=92ffb59f25e245cd9fe38ac02d54745b; oaidts=1675081194
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 12:19:54 GMT
content-type: application/json
x-trace-id: cc95cac1086aa45c62beb60821daed10
access-control-allow-origin: https://lmada.hooxs.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=92ffb59f25e245cd9fe38ac02d54745b; expires=Tue, 30 Jan 2024 12:19:54 GMT; path=/; secure; SameSite=None
oaidts=1675081194; expires=Tue, 30 Jan 2024 12:19:54 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Mon, 06 Feb 2023 12:19:54 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
connect.topicit.net/scripts/connect.js
188.114.97.1200 OK 0 B URL HTTP/2 connect.topicit.net/scripts/connect.js
IP 188.114.97.1:0
GET /scripts/connect.js HTTP/1.1
Host: connect.topicit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:53 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5437
access-control-allow-origin: *
etag: W/"5d653880-153d"
last-modified: Tue, 27 Aug 2019 14:04:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-cache-status: HIT
age: 1211
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9cDjSeu2P3UJYk1wIqlo0YGwo%2FObbu2MfEiA44BhMQCk%2FDqxW9yRj%2B7yaWepnlo5CQaayh9tEqd0R2dqWljRFYPiRET42ODFPu%2FewPxG6RtUUdQb8JKI9jHV5oUhr9IikAGFDE4L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791a28907f5db4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.js
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.js
IP 178.250.0.130:0
GET /js/ld/publishertag.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 12:19:52 GMT
content-type: text/javascript
last-modified: Wed, 18 Jan 2023 01:20:50 GMT
etag: W/"63c74972-1e4ab"
expires: Tue, 31 Jan 2023 12:19:52 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertag&topUrl=lmada.hooxs.com
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=lmada.hooxs.com
IP 178.250.2.146:0
GET /syncframe?origin=publishertag&topUrl=lmada.hooxs.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:52 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=da1889d5-3212-4969-ac17-4b6c5e0995ef; expires=Sat, 24 Feb 2024 12:19:52 GMT; domain=.criteo.com; path=/; secure; samesite=none
optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 853892
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.2.146:0
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:52 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 628302
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
illiweb.com/rs3/71/frm/embed/FA_Embed.js
188.114.96.1200 OK 0 B URL HTTP/2 illiweb.com/rs3/71/frm/embed/FA_Embed.js
IP 188.114.96.1:0
GET /rs3/71/frm/embed/FA_Embed.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:52 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Fri, 19 Jan 2024 08:36:47 GMT
last-modified: Tue, 20 Apr 2021 14:17:00 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 963785
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0fi3lkdulNUJ9axtg4kV1%2BveB9%2FNo3Qf66WeQDIzaQFN5xSh4GBN1vRyC7Em%2FuwgKpR2zYGQUkmT9lPsQ9499PBBicArvdBPCk1LaKlpX1eQ7JpVtbQUAbmOneuBrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791a288de8acb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stootsou.net/pfe/current/universal.min.js?v=3.1.415
139.45.197.250200 OK 0 B URL HTTP/2 stootsou.net/pfe/current/universal.min.js?v=3.1.415
IP 139.45.197.250:0
Analyzer Verdict Alert quad9 Sinkholed
GET /pfe/current/universal.min.js?v=3.1.415 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lmada.hooxs.com/
Origin: https://lmada.hooxs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 12:19:53 GMT
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 11:03:52 GMT
etag: W/"63d3af98-18c6c"
access-control-allow-origin: https://lmada.hooxs.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
ioms.bfmio.com/getmu?aid=451778c9-7900-4542-916a-95dd2097ac72&output=html5&width=388&height=218&v=1&pageurl=https%3A%2F%2Flmada.hooxs.com&i_type=out&stream=out&playback=2&cb=R0.1675081207767&us_privacy=1---
34.228.3.156200 OK 0 B URL HTTP/2 ioms.bfmio.com/getmu?aid=451778c9-7900-4542-916a-95dd2097ac72&output=html5&width=388&height=218&v=1&pageurl=https%3A%2F%2Flmada.hooxs.com&i_type=out&stream=out&playback=2&cb=R0.1675081207767&us_privacy=1---
IP 34.228.3.156:0
GET /getmu?aid=451778c9-7900-4542-916a-95dd2097ac72&output=html5&width=388&height=218&v=1&pageurl=https%3A%2F%2Flmada.hooxs.com&i_type=out&stream=out&playback=2&cb=R0.1675081207767&us_privacy=1--- HTTP/1.1
Host: ioms.bfmio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://lmada.hooxs.com
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:19:56 GMT
content-type: application/xml
access-control-allow-origin: https://lmada.hooxs.com
access-control-allow-credentials: true
access-control-expose-headers: location
x-content-type-options: nosniff
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
vary: Origin, Accept-Encoding, User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/trc/3/json?tim=12%3A20%3A05.861<i=deflated&data=%7B%22id%22%3A1%2C%22ii%22%3A%22%2Ft2159p25-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1674986542547%2C%22vi%22%3A1675081205858%2C%22cv%22%3A%2220230129-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Flmada.hooxs.com%2Ft2159p25-topic%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Flmada.hooxs.com%2Ft2159p25-topic%22%2C%22vpi%22%3A%22%2Ft2159p25-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A7643%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A395%2C%22mw%22%3A0%2C%22amw%22%3A759.5166625976562%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A7604%2C%22mw%22%3A1000%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft2159p25-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
151.101.65.44200 OK 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/trc/3/json?tim=12%3A20%3A05.861<i=deflated&data=%7B%22id%22%3A1%2C%22ii%22%3A%22%2Ft2159p25-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1674986542547%2C%22vi%22%3A1675081205858%2C%22cv%22%3A%2220230129-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Flmada.hooxs.com%2Ft2159p25-topic%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Flmada.hooxs.com%2Ft2159p25-topic%22%2C%22vpi%22%3A%22%2Ft2159p25-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A7643%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A395%2C%22mw%22%3A0%2C%22amw%22%3A759.5166625976562%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A7604%2C%22mw%22%3A1000%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft2159p25-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
IP 151.101.65.44:0
GET /forumotion-ar/trc/3/json?tim=12%3A20%3A05.861<i=deflated&data=%7B%22id%22%3A1%2C%22ii%22%3A%22%2Ft2159p25-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1674986542547%2C%22vi%22%3A1675081205858%2C%22cv%22%3A%2220230129-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Flmada.hooxs.com%2Ft2159p25-topic%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Flmada.hooxs.com%2Ft2159p25-topic%22%2C%22vpi%22%3A%22%2Ft2159p25-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A7643%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A395%2C%22mw%22%3A0%2C%22amw%22%3A759.5166625976562%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A7604%2C%22mw%22%3A1000%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft2159p25-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://lmada.hooxs.com
Connection: keep-alive
Referer: https://lmada.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://lmada.hooxs.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Mon, 30 Jan 2023 12:19:54 GMT
via: 1.1 varnish
x-served-by: cache-bma1672-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675081194.929187,VS0,VE339
vary: Accept-Encoding
x-vcl-time-ms: 339
X-Firefox-Spdy: h2