rivana.hooxs.com/t268-topic
178.33.43.178301 Moved Permanently 0 B URL HTTP/1.1 rivana.hooxs.com/t268-topic
IP 178.33.43.178:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t268-topic HTTP/1.1
Host: rivana.hooxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 04 Sep 2022 10:22:22 GMT
Content-Length: 0
Location: https://rivana.hooxs.com/t268-topic
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9495
Expires: Sun, 04 Sep 2022 13:00:37 GMT
Date: Sun, 04 Sep 2022 10:22:22 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 04 Sep 2022 09:51:07 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1g_0clpJ4KtVVqQKU76oBTjgY5TYLvWO4wmxSIOumyIQR54183UMng==
Age: 1875
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 04 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: n5CfHRrjCvkWJFuL33rzt-nQeeVfnJEctdeWXnRzgj1Tj5BQQw-TfQ==
age: 32825
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 10:22:22 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1aed2b685fc29091a3e0a2bfdf9b3f5e
f9e9f818f153306168a7f9b86d3bb54218361d6d
d65197ba15759ce158ca28581ee980f2bdfc22c982f916af7a1f3a9f6722dfd0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D65197BA15759CE158CA28581EE980F2BDFC22C982F916AF7A1F3A9F6722DFD0"
Last-Modified: Sat, 03 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13667
Expires: Sun, 04 Sep 2022 14:10:09 GMT
Date: Sun, 04 Sep 2022 10:22:22 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9439a7cde73fea464c1463febdda0556
6a0030d4f26b2e9658700708c82e7ce6120ce93c
c3a5a489f4ef8c8cce54dbd819c5cf573740317ea3718ccd6804a03374739199
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 10:22:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash cc6ea3e01d1d6b8c4b28ff64d3b795a7
017457c6f5a63157102485a956c667aad36d33ef
e6fe903f67363d3e92b929e274f0de7c2f6a15b6df1806198199440ed0fe221e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 10:22:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
illiweb.com/rs3/62/frm/embed/FA_Embed.js
104.21.63.213200 OK 654 B URL HTTP/2 illiweb.com/rs3/62/frm/embed/FA_Embed.js
IP 104.21.63.213:0
File type ASCII text, with no line terminators
Hash 7b97e9bb5ca8814ff50d3b0d9c32a10c
c3a1b0ae038bd940bc731e4f6979a7919fa46ce2
bd73addbe5e5c0aac0ba608be87671522ac2fa0c98e1e18255b52d270a7a006c
GET /rs3/62/frm/embed/FA_Embed.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 10:22:22 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Wed, 02 Aug 2023 13:50:22 GMT
last-modified: Tue, 20 Apr 2021 14:17:00 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 2838720
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LM6MKau7KwAjEv3JZPkx%2Fjp2AAnWfTbNj%2BCzAJQY%2BYiIJ588DLeyEzmvVTAQ2KHx7W0feGbXTMoUvUDICxYe0k9JLbXA%2FFY3KfxruM7xLo4hAscmzasPvQe6hYpqQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 745600ef996bb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
illiweb.com/rs3/62/frm/lang/ar.js
104.21.63.213200 OK 19 kB URL HTTP/2 illiweb.com/rs3/62/frm/lang/ar.js
IP 104.21.63.213:0
File type Unicode text, UTF-8 text, with very long lines (64093), with no line terminators
Hash fd5df2e8a343a783c98c7ecc5b9134b7
27ad6ec0e44d45c890d1fdb1700eac7d0663a5bd
3b8ad936ee91bc56e2c9d3d9f85f1ec7240964fe1b6d6425e8b5f7fee5c83f7a
GET /rs3/62/frm/lang/ar.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 10:22:22 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=74831
access-control-allow-origin: *
expires: Wed, 02 Aug 2023 13:57:26 GMT
last-modified: Mon, 01 Aug 2022 14:50:40 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 2838296
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lT7AdJBFyMQFA28I43Ac5EPV8Skr%2FxKr7cUGFfX6oWBvcyqQeuhSK8Fm%2FxZUlPYwxt72GP19jYBR%2FV718Yb4yNeKJxSKTnEnBlT8OAmItLcJbNv9UfwTlvf%2BnTfWrg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 745600ef9964b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
172.217.21.170200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
IP 172.217.21.170:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d989f35706c62ce4a5c561586c55566e
d32e7958e5765609bf08dcdefd0b2c2a8714ce34
375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33845
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 04 Sep 2022 03:55:25 GMT
expires: Mon, 04 Sep 2023 03:55:25 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 23217
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2img.net/i/empty.gif
104.21.235.175200 OK 43 B IP 104.21.235.175:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /i/empty.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 10:22:22 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
etag: "57304e3e-2b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 09 May 2016 08:45:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 22211326
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OMweHqMo25MVcoVWcBWRUwWVx%2BIk%2BlsNk4Aa%2FDQ%2BaV05rNxkbu9hel049HtWAnY%2F5aEvTKQhOvOdUihWeZO2BFUOFxSBHr2yTMbxJ%2F8yvK5v4Sb%2FYse29AZ3Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 745600effa6174f1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/empty.gif
104.21.235.175200 OK 42 B IP 104.21.235.175:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /i/fa/empty.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 10:22:22 GMT
content-type: image/gif
content-length: 42
access-control-allow-origin: *
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
etag: "41d5e800-2a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 22211324
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zEcrIz3hBPG1tovqDVlbq0G8ixxofcLUocuHuP%2BGU6TJbtlbj5T9w5TXVU%2BYmGzxPc3Y62jErkXJvqfdlAaefKsEizcbGyp%2BfeBHrnmpBzfo3iyoDygXQ4XoNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 745600effa6a74f1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=
142.250.74.72200 OK 36 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash 8c4a47cd51062d4a9cf70e15d8eb3fed
9c503aeed8e38da9398c0b74f26794baa2aacf7b
d9849f5c074907c49725e149dd8947a513cd6381a5f9c8a48a065893ce25c47b
GET /gtag/js?id= HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Sep 2022 10:22:22 GMT
expires: Sun, 04 Sep 2022 10:22:22 GMT
cache-control: private, max-age=900
last-modified: Sun, 04 Sep 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 35641
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-144347007-1
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-144347007-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash 95fdf4441053fa6357314ab5cb1d7031
c8f7cdb2d2d9d0c56d5f30162642a58c343da9f1
6ba0482cc3c21cb50a778cea60b0d5824f564dedcb5ec92ffbea7350c8441de2
GET /gtag/js?id=UA-144347007-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Sep 2022 10:22:22 GMT
expires: Sun, 04 Sep 2022 10:22:22 GMT
cache-control: private, max-age=900
last-modified: Sun, 04 Sep 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41912
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2img.net/s/t/13/41/32/i_icon_mini_login.gif
104.21.235.175200 OK 3.7 kB URL HTTP/2 2img.net/s/t/13/41/32/i_icon_mini_login.gif
IP 104.21.235.175:0
File type GIF image data, version 87a, 89 x 94\012- data
Hash fda1d4fd0e90373cdf08b34980a93d0d
74d212976ead338756327c1f1fb9b0558aa0727e
c2d812a7ab3a9a7d62da9c24458c718b23f66af85af354605c29a9d4eaea8ff0
GET /s/t/13/41/32/i_icon_mini_login.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 10:22:22 GMT
content-type: image/gif
content-length: 3712
last-modified: Wed, 27 Oct 2010 17:29:29 GMT
etag: "4cc86179-e80"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5nJ6bcxMqwnfmITwXpV7DVw%2Fa2NCv1Vv2de%2F04qSVdfx9IO5bBrt%2Fuc%2FFtia4u2%2F73rfB2sbdNOyujOylGk4mpZXBhLKG1%2FtPd%2FTZi3xmO6%2BUa%2F8jW8MqzVfng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 745600effa6474f1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 04a393832995fdd2ff9af4201898894f
bd7cdfb3eca24533412569e6ff1976087d702dd8
ab91ca133a0e29ac4f78752f38ded4137d4e14a17efad81a0f4de09652ae36c0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1550
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 10:22:22 GMT
Last-Modified: Sun, 04 Sep 2022 09:56:32 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 77d035f38a45e8a1ec30d5fe9611880b
01cf34de95257da64dac90edf5a86203f1160271
7dc687d6bb1679ba5567e58b4f8c1e78766e7ee36273ba7f62068c595d57f7f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5783
Cache-Control: max-age=170447
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 10:22:22 GMT
Etag: "63145c96-1d7"
Expires: Tue, 06 Sep 2022 09:43:09 GMT
Last-Modified: Sun, 04 Sep 2022 08:06:46 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 153d384c0d3a43d55c4d386d2572fa77
a644b4f8be9db0b3b1ea3e6fe0aa78d5986d0de7
5a7dfb5bb99101bd807d15157b4863e2c21f731f7905ad2a5a9c337dcf341621
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3111
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 10:22:22 GMT
Last-Modified: Sun, 04 Sep 2022 09:30:31 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 313
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9439a7cde73fea464c1463febdda0556
6a0030d4f26b2e9658700708c82e7ce6120ce93c
c3a5a489f4ef8c8cce54dbd819c5cf573740317ea3718ccd6804a03374739199
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 10:22:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash cc6ea3e01d1d6b8c4b28ff64d3b795a7
017457c6f5a63157102485a956c667aad36d33ef
e6fe903f67363d3e92b929e274f0de7c2f6a15b6df1806198199440ed0fe221e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 10:22:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2img.net/h/www.k7elt.com/vb/images/Pink-Candy/Pi-Ca-80.gif
104.21.235.175301 Moved Permanently 178 B URL HTTP/2 2img.net/h/www.k7elt.com/vb/images/Pink-Candy/Pi-Ca-80.gif
IP 104.21.235.175:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /h/www.k7elt.com/vb/images/Pink-Candy/Pi-Ca-80.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 04 Sep 2022 10:22:22 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8yiyfw79ooDdme4Xrn0%2FJs%2FNqMeVYErslg4uCRlAP652cTMH0hq2B3AO18ZpvT3CZkStsYTF%2F5Jvk6Gu3MrKTsiEOASwpzfSPVHRbBeNz7dRIplBJ0flqTEtw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 745600effa6874f1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/www.k7elt.com/vb/images/Pink-Candy/Pi-Ca-62.gif
104.21.235.175301 Moved Permanently 178 B URL HTTP/2 2img.net/h/www.k7elt.com/vb/images/Pink-Candy/Pi-Ca-62.gif
IP 104.21.235.175:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /h/www.k7elt.com/vb/images/Pink-Candy/Pi-Ca-62.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 04 Sep 2022 10:22:22 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U9jlicQSM%2FTUdy2k974HqWPGaWFD4wXEzzVqq1dRACMsGijxg9lJgfhJXsclpEDN8tSz%2FRd0E0k3skFdB1aDMw5gjM6BmNd2R7czshxZg5rD8UYmOsL5Ilv%2B2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 745600effa6674f1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/13/41/32/i_icon_mini_register.gif
104.21.235.175200 OK 2.6 kB URL HTTP/2 2img.net/s/t/13/41/32/i_icon_mini_register.gif
IP 104.21.235.175:0
File type GIF image data, version 87a, 83 x 94\012- data
Hash bc6e9d2c27337d32b34c532cf0e90795
7974e06730e25e6802ffc1d3223279fca7fe63dd
573dfc6d35ddda23fa3cebed5143bfc6326e477d580aae4e7c17838f69c39b6f
GET /s/t/13/41/32/i_icon_mini_register.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 10:22:22 GMT
content-type: image/gif
content-length: 2626
last-modified: Wed, 27 Oct 2010 17:29:29 GMT
etag: "4cc86179-a42"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vw93SrEJtxnNX3GHFgcy89VTCKk2kDckPREjUg5UDiz3b00kfwJF8x2D3Y%2FxHhN3kn2cZMkDLq9aoMB9m9p0zMul0i70y79%2BQ8D6tSC1e4ZxDelAeGORTdZDsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 745600effa6574f1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/13/41/32/i_icon_mini_index.gif
104.21.235.175200 OK 3.8 kB URL HTTP/2 2img.net/s/t/13/41/32/i_icon_mini_index.gif
IP 104.21.235.175:0
File type GIF image data, version 87a, 104 x 94\012- data
Hash cacfe712f8ba84c643adfe771c5673b4
61557f6e25797903913deb1c5f8b51952d7a694b
f9029e5f9959a3a546259686fd82b7228d5b22da60cf3162ec94b0d69e36a0d1
GET /s/t/13/41/32/i_icon_mini_index.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 10:22:22 GMT
content-type: image/gif
content-length: 3814
last-modified: Wed, 27 Oct 2010 17:29:30 GMT
etag: "4cc8617a-ee6"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnNZ6G%2BiE40VJ%2FrY%2BBb%2FWLtq%2FDF5J1f%2B9uwgkolvOCqoe8X2SN4SaA6h8iTyxPwr4ss6%2FYEQTM89OQpu%2BOc%2FNrbhLz%2BUcbkPACdfaqiYF8Davh%2BPfHgxdg5rrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 745600effa6974f1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rivana.hooxs.com/0-rtl.css
94.23.159.185200 OK 54 kB URL HTTP/2 rivana.hooxs.com/0-rtl.css
IP 94.23.159.185:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash c2bfd5aa2c8debdc0a05fda377b38915
bffe02970e28c18a5fcb83d023b880b7872a8b76
bd1d4e33096202219ec9e2c271b948857c615e481d4d38d411708af563bd5445
GET /0-rtl.css HTTP/1.1
Host: rivana.hooxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/t268-topic
Cookie: exadd=166230
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 10:22:23 GMT
content-type: text/css
content-length: 54297
last-modified: Sun, 04 Sep 2022 00:00:00 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-ma: MISS
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 652ece0b58479c1a0c6d618d7bff6f79
76bdf5f12e08d0ee11d9e345b1cdf168eee82683
4bdb5593e5d41563ca9a787cb7504cf75723bbe042eeac968c749806cfaff3b3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2022 10:22:22 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 06:56:03 GMT
Expires: Sat, 10 Sep 2022 06:56:02 GMT
Etag: "76bdf5f12e08d0ee11d9e345b1cdf168eee82683"
Cache-Control: max-age=505419,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 745600f1599e1bfe-OSL
push.services.mozilla.com/
54.191.222.112101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.191.222.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 99Sq+xYlWIOMuzJBQvVtvg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: khEbQTN6S08PA9HBnHyq9ZYmaTs=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a6203932d202955eacda8e3000cb1b65
74fa2238e6f67ffe619fa1666f0376630fcde8d3
10f33bd7a02943785eec192f5893322e18922a60e2fb19b905c04e980d9f96b6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "10F33BD7A02943785EEC192F5893322E18922A60E2FB19B905C04E980D9F96B6"
Last-Modified: Fri, 02 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15697
Expires: Sun, 04 Sep 2022 14:44:00 GMT
Date: Sun, 04 Sep 2022 10:22:23 GMT
Connection: keep-alive
illiweb.com/rs3/62/frm/jquery/cookie/jquery.cookie.js
104.21.63.213200 OK 13 kB URL HTTP/2 illiweb.com/rs3/62/frm/jquery/cookie/jquery.cookie.js
IP 104.21.63.213:0
File type ASCII text, with very long lines (1011), with no line terminators
Hash 93019fb453264f912787bc1869515374
deecbc3bf9fd3519b7f12994c444b52db5a89d06
f7995a239a0f946dfd0f4d6e9ffd74490e10fabb2d89f0a8da9d71cf050e350a
GET /rs3/62/frm/jquery/cookie/jquery.cookie.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 10:22:22 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Wed, 02 Aug 2023 13:50:22 GMT
last-modified: Wed, 09 Sep 2020 09:40:28 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 2838720
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJSoFMB0a26WEkfRILrpKVETpvxs9DgNT%2BV%2FsR8Wr%2BiZBag4WXWuZBtAE2h4hvQufH2OIJYNGMCvu%2ByJH0emgULFjkSiCPW9BS7tnISQkweAqllGxOWBQ0%2FqukgUqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 745600efa978b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
twemoji.maxcdn.com/twemoji.min.js
23.111.9.57200 OK 17 kB URL HTTP/2 twemoji.maxcdn.com/twemoji.min.js
IP 23.111.9.57:0
Hash 822f758e855921feb5a9f28c0ce52624
a2f4b45f4a335725680603fbde6723b416bf99f7
f7fba1ab32d21bb7117ba5a8a3aa3153e9f091823d35e73f8d318248cdd220b9
GET /twemoji.min.js HTTP/1.1
Host: twemoji.maxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 10:22:22 GMT
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Thu, 31 Mar 2022 03:24:15 GMT
access-control-allow-origin: *
etag: W/"62451edf-3bc8"
expires: Tue, 04 Oct 2022 10:22:22 GMT
cache-control: max-age=2592000
x-proxy-cache: MISS
x-github-request-id: 6746:6F50:32165A:33D074:630E6082
vary: Accept-Encoding
x-fastly-request-id: 69f79345a06b0b1141ad45c449ca4ccd3478aa17
server: NetDNA-cache/2.2
powered-by: MaxCDN
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 5412d65519ee785a59d6bfc7b0be9a2c
6f07fd9e8f825f2f6c95a593bf6a59d5e53ecd76
abf1b5b9246447b5cb9f8105d7aa1273b56119ee281bdb90ff9384e2dca81ce4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5812
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 10:22:23 GMT
Last-Modified: Sun, 04 Sep 2022 08:45:32 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 313
stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=rivana.hooxs.com&var=&ymid=&var_3=
139.45.197.250200 OK 758 B URL HTTP/2 stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=rivana.hooxs.com&var=&ymid=&var_3=
IP 139.45.197.250:0
File type JSON data\012- , ASCII text, with very long lines (757)
Hash 1fb9d422d5350872076188e99127ae01
c5342f187df33d08d8aea8a9e1d1edbafb02265a
e91556199f6079ae6648516eb0879d163b9fd5183a53113f2c9d1d2e568878be
GET /zone?pub=0&zone_id=2308013&is_mobile=false&domain=rivana.hooxs.com&var=&ymid=&var_3= HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rivana.hooxs.com/
Origin: https://rivana.hooxs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 10:22:23 GMT
content-type: application/json; charset=utf-8
content-length: 758
x-trace-id: 72f355e725b7256c12689964b7598029
access-control-allow-origin: https://rivana.hooxs.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
stootsou.net/pfe/current/tag.min.js?z=2308013
139.45.197.250200 OK 6.4 kB URL HTTP/2 stootsou.net/pfe/current/tag.min.js?z=2308013
IP 139.45.197.250:0
Hash a429eb7a3e42579f0680cb7bb89f21eb
8ba794d1fc7f7ee862ae5040167a41b91634082b
4f1466db8b61efec991bbaf0f345db98b8329dec2f8c0feed39ae12935b978ba
GET /pfe/current/tag.min.js?z=2308013 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 10:22:23 GMT
content-type: application/javascript
last-modified: Mon, 22 Aug 2022 12:18:11 GMT
etag: W/"63037403-3a38"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 10:22:22 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=plyBeV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3hnRkgyUzcwWWk2aHAxQjNyZ2pZbW9iUGhHOFVHdFI4UWloN1BoUThjJTJCNA; expires=Fri, 29 Sep 2023 10:22:23 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 341509
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 5b1303fcc3d9db639e536f97b5d38d96
efac05ba8fb17f2612eb65293378cc2745fca7c8
c52e04b3e6c4a48a2df3ff88eb0aa00f9cae5d6c752a309892d8a822b6e11a63
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3887
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 10:22:23 GMT
Last-Modified: Sun, 04 Sep 2022 09:17:36 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 5b1303fcc3d9db639e536f97b5d38d96
efac05ba8fb17f2612eb65293378cc2745fca7c8
c52e04b3e6c4a48a2df3ff88eb0aa00f9cae5d6c752a309892d8a822b6e11a63
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3925
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 10:22:23 GMT
Last-Modified: Sun, 04 Sep 2022 09:16:59 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 312
stootsou.net/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://rivana.hooxs.com/
Origin: https://rivana.hooxs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 10:22:23 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://rivana.hooxs.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://rivana.hooxs.com/
Origin: https://rivana.hooxs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 10:22:23 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://rivana.hooxs.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1335c577bdd4978723591685f0c73add
e29054164f0f1a48b17fdd7580c6f461fce9eb45
99124593c9d8f090ed1c445e866ad3d46b06f0f211e7c641fa768d3cef9c960c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "99124593C9D8F090ED1C445E866AD3D46B06F0F211E7C641FA768D3CEF9C960C"
Last-Modified: Fri, 02 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7150
Expires: Sun, 04 Sep 2022 12:21:33 GMT
Date: Sun, 04 Sep 2022 10:22:23 GMT
Connection: keep-alive
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rivana.hooxs.com/
Content-Type: application/json
Origin: https://rivana.hooxs.com
Content-Length: 379
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 10:22:23 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 5bb1ea9f97d1a200c275a6d5c7d6f9fe
access-control-allow-origin: https://rivana.hooxs.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rivana.hooxs.com/
Content-Type: application/json
Origin: https://rivana.hooxs.com
Content-Length: 454
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 10:22:23 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 4c3fee3fdc6390bab8c2a6a0172b98fd
access-control-allow-origin: https://rivana.hooxs.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=publishertag&domain=hooxs.com&sn=FirefoxSyncframe&so=0&topUrl=rivana.hooxs.com&info=vpkJHV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3hnRkgyUzcwWWk2aHAxQjNyZ2pZbXJZdHYwZFVmOEpxbVpHU0tKWDBkYVQ&idsd=-1261565828,1546669770&cw=1&lsw=1
178.250.0.157200 OK 25 kB URL HTTP/2 gum.criteo.com/sid/json?origin=publishertag&domain=hooxs.com&sn=FirefoxSyncframe&so=0&topUrl=rivana.hooxs.com&info=vpkJHV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3hnRkgyUzcwWWk2aHAxQjNyZ2pZbXJZdHYwZFVmOEpxbVpHU0tKWDBkYVQ&idsd=-1261565828,1546669770&cw=1&lsw=1
IP 178.250.0.157:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65115)
Hash 90bc791b98ff4fc7a51a3484577ce1f8
d0f1189e35eed5d6506ad89abe2fe41cf9f32f1e
103ce7b60f771fd103d6b3f334c40e0bd3970d168d81ba5cb79be02b70f2e542
GET /sid/json?origin=publishertag&domain=hooxs.com&sn=FirefoxSyncframe&so=0&topUrl=rivana.hooxs.com&info=vpkJHV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3hnRkgyUzcwWWk2aHAxQjNyZ2pZbXJZdHYwZFVmOEpxbVpHU0tKWDBkYVQ&idsd=-1261565828,1546669770&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=rivana.hooxs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 10:22:23 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1029006
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.betgorebysson.club/apu.php?zoneid=3765907
139.45.195.8200 OK 49 kB URL HTTP/2 cdn.betgorebysson.club/apu.php?zoneid=3765907
IP 139.45.195.8:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1b36092bd3cfb5b55aa9d7030031e675
396b5b7c2260020ace5bf179a3e2297a9844ac3e
07f62d183917573e43b0ba9ea3048aa54044955649845e2f6bb40f201afff49c
Analyzer Verdict Alert fortinet Malware
GET /apu.php?zoneid=3765907 HTTP/1.1
Host: cdn.betgorebysson.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 10:22:23 GMT
content-type: application/javascript
x-trace-id: 614bab21df4e021fdb8d8156c9c3e9de
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://e2ertt.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=8777030905a349f984e24ca5a26562fb; expires=Mon, 04 Sep 2023 10:22:23 GMT; path=/; secure; SameSite=None
oaidts=1662286943; expires=Mon, 04 Sep 2023 10:22:23 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.comodoca4.com/
172.64.155.188200 OK 283 B IP 172.64.155.188:0
Hash d02a51589c4ec6b20ffc83349785f740
a41435d1a6ff792b9761cf437b11484e2f0afd0a
e9e5007c53abeccebf0303f6273e802bfd7734f6e6914fa261166a839f814135
POST / HTTP/1.1
Host: ocsp.comodoca4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2022 10:22:23 GMT
Content-Type: application/ocsp-response
Content-Length: 283
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 00:47:11 GMT
Expires: Sat, 10 Sep 2022 00:47:10 GMT
Etag: "a41435d1a6ff792b9761cf437b11484e2f0afd0a"
Cache-Control: max-age=483286,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 745600f679f30afa-OSL
rivana.hooxs.com/sw.js
94.23.159.185200 OK 31 kB IP 94.23.159.185:0
File type ASCII text, with very long lines (5459)
Hash 9d3f7a8d0a9bb628ed7cc808fc666b3e
53cfea65ec606e4363cfb0f755459f3c5053af5e
5700f713c625490cb6c8e85184ebcf334bcb2acdc5bd3e7b93a54dcdf673801d
GET /sw.js HTTP/1.1
Host: rivana.hooxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rivana.hooxs.com/t268-topic
Connection: keep-alive
Cookie: exadd=166230; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 10:22:24 GMT
content-type: application/javascript
last-modified: Tue, 27 Aug 2019 13:54:01 GMT
etag: W/"5d6535f9-1554"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?ptv=128&profileId=206&cb=37311636380
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?ptv=128&profileId=206&cb=37311636380
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?ptv=128&profileId=206&cb=37311636380 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 565
Origin: https://rivana.hooxs.com
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 04 Sep 2022 10:22:23 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://rivana.hooxs.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rivana.hooxs.com/
Content-Type: application/json
Origin: https://rivana.hooxs.com
Content-Length: 387
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 10:22:23 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: caf6b176f70bbafde6bc1490ab681de8
access-control-allow-origin: https://rivana.hooxs.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.15200 OK 511 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.15:0
Hash e6444f13348a110caf61da4d4e6d5d60
2e0c24497f87ec31d7e04f67d4ef4ef5d5d84efe
9256c81216f61dfcf169030ffa23546b9dca174b6ef781e89d050fbae0b098c3
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 10:22:23 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 76473
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=8777030905a349f984e24ca5a26562fb
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=8777030905a349f984e24ca5a26562fb
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash d6004dbb2897836ec11d7757e306ed55
4eb142095c9c511add13d8da141f10068ac3a9d7
3ee17e4b68361a47f7860a13eabfc8a74c84a310b3443047415cd6e1cbf20a1b
GET /gid.js?userId=8777030905a349f984e24ca5a26562fb HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rivana.hooxs.com
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 10:22:24 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://rivana.hooxs.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=8777030905a349f984e24ca5a26562fb; expires=Mon, 04 Sep 2023 10:22:24 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 41ea586f0e66dcd46f50ab3938543b12
d7a3d6a40066652fc85cdaab9e613246b6af4aab
60b133ec87e89ec28689b760f6ce265eee0e935dca93f42543885a05f8b19a79
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2022 10:22:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Sep 2022 18:25:21 GMT
Expires: Thu, 08 Sep 2022 18:25:20 GMT
Etag: "d7a3d6a40066652fc85cdaab9e613246b6af4aab"
Cache-Control: max-age=373975,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 745600f7fb59b512-OSL
my.rtmark.net/gid.js?pub=0&userId=aaead203b37d4c7cbf742ff908865e41&zoneId=2308013&checkDuplicate=true&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=aaead203b37d4c7cbf742ff908865e41&zoneId=2308013&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 94fbfbe0d5219573c9fe6069b5e24a21
9b367891ba85b9551d79353454fbdb4d7f654d91
cc9d7b4f16a057f59711f16dbdc8078c42e72783357e3115b1ed92c4599da0c2
GET /gid.js?pub=0&userId=aaead203b37d4c7cbf742ff908865e41&zoneId=2308013&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rivana.hooxs.com/
Origin: https://rivana.hooxs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 10:22:24 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://rivana.hooxs.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=aaead203b37d4c7cbf742ff908865e41; expires=Mon, 04 Sep 2023 10:22:24 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
static.criteo.net/images/pixel.gif?ch=1
178.250.2.130200 OK 43 B URL HTTP/2 static.criteo.net/images/pixel.gif?ch=1
IP 178.250.2.130:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /images/pixel.gif?ch=1 HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 10:22:24 GMT
content-type: image/gif
content-length: 43
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
etag: "493ea254-2b"
expires: Wed, 30 Aug 2023 10:22:24 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/images/pixel.gif?ch=2
178.250.2.130200 OK 43 B URL HTTP/2 static.criteo.net/images/pixel.gif?ch=2
IP 178.250.2.130:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /images/pixel.gif?ch=2 HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 10:22:24 GMT
content-type: image/gif
content-length: 43
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
etag: "493ea254-2b"
expires: Wed, 30 Aug 2023 10:22:24 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/impl.20220901-10-RELEASE.js
151.101.85.44200 OK 144 kB URL HTTP/2 cdn.taboola.com/libtrc/impl.20220901-10-RELEASE.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (65508)
Size 144 kB (143746 bytes)
Hash f99081e036ad44ecd83b6dd03b78f42c
69ede7af0c694c1ed707aae5840f78a46fa6c04a
c861ee56cb23a2c9ebf1666e5ccae66fa18ffeee99ac578a2ab443f0a8ebb845
GET /libtrc/impl.20220901-10-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: e1oAfIfowvJpa21/5bjCE9G35YojCHsqHOqqsJuqyZ9L2vmy1B//s1SzSnYQDwiP2HEvuZK0TUk=
x-amz-request-id: 42VMEV83HQH98ANN
last-modified: Thu, 01 Sep 2022 15:39:33 GMT
etag: "f99081e036ad44ecd83b6dd03b78f42c"
content-encoding: br
x-amz-version-id: XcO9Ce5eP4NNyo4ggckl6eoZTxYkj_HZ
content-type: application/javascript
accept-ranges: bytes
date: Sun, 04 Sep 2022 10:22:24 GMT
via: 1.1 varnish
age: 9768
x-served-by: cache-bma1635-BMA
x-cache: HIT
x-cache-hits: 3795
x-timer: S1662286944.246274,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 90
server: AmazonS3-br
content-length: 143746
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3f5b4e778429d4ba70b497cc9fbb1127
db17f774a14f160caa77eb0222152767a364bba7
64da763bf84ec2d6284a112f50392f15a8b11122f3875317c52bd6c5e8e8d894
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 10:22:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash dbb961ad453074b4605d070f16084bc7
01fba68efe7860df05ea6f7428b2f687e700035c
5ffbc23df385a08597516fb512edb87f8699255089e3d203e302bd6444580fd1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=108934
Date: Sun, 04 Sep 2022 10:22:24 GMT
Etag: "63136efc-1d7"
Expires: Mon, 05 Sep 2022 16:37:58 GMT
Last-Modified: Sat, 03 Sep 2022 15:13:00 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xAarJ7N5dcTEtQQIs0J0aODvyItoxYBuHBaR9XMka7ZbazIoTbMSjg==
Age: 5098
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-144347007-1&cid=734868091.1662286941&jid=981391870&gjid=459912034&_gid=1013348105.1662286941&_u=YEBAAUAAAAAAAC~&z=1515960173
142.251.1.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-144347007-1&cid=734868091.1662286941&jid=981391870&gjid=459912034&_gid=1013348105.1662286941&_u=YEBAAUAAAAAAAC~&z=1515960173
IP 142.251.1.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-144347007-1&cid=734868091.1662286941&jid=981391870&gjid=459912034&_gid=1013348105.1662286941&_u=YEBAAUAAAAAAAC~&z=1515960173 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://rivana.hooxs.com
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://rivana.hooxs.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 04 Sep 2022 10:22:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.betgorebysson.club/?rb=UlkgwoA-HWnKRPgRR9loQdGPMvt_eDA6VwW8iXEXGLT-kA73Xfr_IMAbmEGExiB6AA3XJTlCekrydBxGl3l8mJqxohxm1lQVkBvsb4mN3nuQKTzqhcN7J9VrK-b2JTZSK3jr8h4nz2blS7bYmNmVEgh9HMxasVr2VvCre7WEZqY7W2apW4V8dMfSdqFBmG2fLOvdhKTy9vA86-ex8hbYzIBnfSj3EA4M&request_ab2=0&zoneid=3765907&js_build=iclick-v1.418.0-rc&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Frivana.hooxs.com%2Ft268-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.418.0-rc&bs=42fd1dac-f4b6-4b6d-9a83-110f7f22536c&userId=8777030905a349f984e24ca5a26562fb&m=link
139.45.195.8200 OK 1.6 kB URL HTTP/2 cdn.betgorebysson.club/?rb=UlkgwoA-HWnKRPgRR9loQdGPMvt_eDA6VwW8iXEXGLT-kA73Xfr_IMAbmEGExiB6AA3XJTlCekrydBxGl3l8mJqxohxm1lQVkBvsb4mN3nuQKTzqhcN7J9VrK-b2JTZSK3jr8h4nz2blS7bYmNmVEgh9HMxasVr2VvCre7WEZqY7W2apW4V8dMfSdqFBmG2fLOvdhKTy9vA86-ex8hbYzIBnfSj3EA4M&request_ab2=0&zoneid=3765907&js_build=iclick-v1.418.0-rc&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Frivana.hooxs.com%2Ft268-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.418.0-rc&bs=42fd1dac-f4b6-4b6d-9a83-110f7f22536c&userId=8777030905a349f984e24ca5a26562fb&m=link
IP 139.45.195.8:0
File type JSON data\012- , ASCII text, with very long lines (2147), with no line terminators
Hash 5efc25e35c7db1d2c37e78012a5942ab
3754d168d8f7877bbba12a4bd170c42938fc14ca
659da1afe84038d7ced30e5d1b56e2200c7c46b5dfdb6e4341f55015531591fe
GET /?rb=UlkgwoA-HWnKRPgRR9loQdGPMvt_eDA6VwW8iXEXGLT-kA73Xfr_IMAbmEGExiB6AA3XJTlCekrydBxGl3l8mJqxohxm1lQVkBvsb4mN3nuQKTzqhcN7J9VrK-b2JTZSK3jr8h4nz2blS7bYmNmVEgh9HMxasVr2VvCre7WEZqY7W2apW4V8dMfSdqFBmG2fLOvdhKTy9vA86-ex8hbYzIBnfSj3EA4M&request_ab2=0&zoneid=3765907&js_build=iclick-v1.418.0-rc&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Frivana.hooxs.com%2Ft268-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.418.0-rc&bs=42fd1dac-f4b6-4b6d-9a83-110f7f22536c&userId=8777030905a349f984e24ca5a26562fb&m=link HTTP/1.1
Host: cdn.betgorebysson.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rivana.hooxs.com/
Origin: https://rivana.hooxs.com
Connection: keep-alive
Cookie: OAID=8777030905a349f984e24ca5a26562fb; oaidts=1662286943
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 10:22:24 GMT
content-type: application/json
x-trace-id: db50d856c549cd8195db7e160ba2379b
access-control-allow-origin: https://rivana.hooxs.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=8777030905a349f984e24ca5a26562fb; expires=Mon, 04 Sep 2023 10:22:24 GMT; path=/; secure; SameSite=None
oaidts=1662286944; expires=Mon, 04 Sep 2023 10:22:24 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 11 Sep 2022 10:22:24 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
api.viglink.com/api/ping
176.34.209.96200 OK 259 B IP 176.34.209.96:0
File type ASCII text, with no line terminators
Hash 22205b1be337cb25aa3d9fc534a5b94d
cb85c0b200088cb3d6329f4b3124d7ca8f737047
1a663c082c621984940a2eaccf702af5ae5ba1f6af1d48b256551e90474a1cbb
POST /api/ping HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 135
Origin: https://rivana.hooxs.com
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://rivana.hooxs.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Sun, 04 Sep 2022 10:22:23 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 259
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3f5b4e778429d4ba70b497cc9fbb1127
db17f774a14f160caa77eb0222152767a364bba7
64da763bf84ec2d6284a112f50392f15a8b11122f3875317c52bd6c5e8e8d894
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 10:22:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2836
Expires: Sun, 04 Sep 2022 11:09:40 GMT
Date: Sun, 04 Sep 2022 10:22:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2836
Expires: Sun, 04 Sep 2022 11:09:40 GMT
Date: Sun, 04 Sep 2022 10:22:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2836
Expires: Sun, 04 Sep 2022 11:09:40 GMT
Date: Sun, 04 Sep 2022 10:22:24 GMT
Connection: keep-alive
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.0.157200 OK 15 kB URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.0.157:0
Hash a6a4e32abc88a18769a5bf42de5c0f3d
6ba6d805bc44d06c16a13ed676e8d386532f4acf
b00154491c6001fdd4961ead984771b9a15d19494393f7fa69abcf0407c0ea8b
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rivana.hooxs.com/
x-crto-bundle: zTiTW183bnRnb3Q0a3RZZUNieFZaUXlMSkZMWk13elRjNmNPZzdHUGFXZXdkRFJWcHVVNTZGdHdtdHFxVGFnZVk0cmtSNTVWQXhoUkU3MkFxdkRtc3VlWmFHQ3BNa213UW1qN3NrMmhVRXFrSnRVeE5qSlV0dCUyQjR4SUVJY01SYVYlMkZaOU5yYjJCZGs1Vk9Ec3pRYzJvYlRFNGlRJTNEJTNE
Origin: https://rivana.hooxs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 10:22:24 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://rivana.hooxs.com
server-processing-duration-in-ticks: 2043251
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
bidder.criteo.com/csm/events
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/csm/events
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csm/events HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 371
Origin: https://rivana.hooxs.com
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 04 Sep 2022 10:22:23 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://rivana.hooxs.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e7beff9-947d-413f-a36c-3dc74d9e7e15.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e7beff9-947d-413f-a36c-3dc74d9e7e15.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0de9027ed264cacf67433af503eb3d24
7a63830b43a8bc9d0ca570b7ef7886e0b1e32a97
cd8af5bd5ac0371755bb944e0b6eb8f7265079aa8bebd39a030b6633c91abf27
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e7beff9-947d-413f-a36c-3dc74d9e7e15.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5457
x-amzn-requestid: 48f36618-6a2a-430e-9289-d6b19e811651
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X2nkcHF2oAMFkkg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312861c-4671c3a00c5023a31d9ecc0e;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 22:39:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eJ4DLwZG-rKPLVI9VoYeQ7IAsW5X3VEL_6yXjmaoxkZMLGRex6xv6w==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 06:48:27 GMT
age: 12837
etag: "7a63830b43a8bc9d0ca570b7ef7886e0b1e32a97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
rivana.hooxs.com/sw.js?v=3.1.391&o=aaead203b37d4c7cbf742ff908865e41&pub=0&p=2308013
94.23.159.185200 OK 7.8 kB URL HTTP/2 rivana.hooxs.com/sw.js?v=3.1.391&o=aaead203b37d4c7cbf742ff908865e41&pub=0&p=2308013
IP 94.23.159.185:0
Hash d5de137d461a4b047d95c57303dc4a27
ba3fb90612a2020950bb13d285e6c95bcaa7a22a
4705de25adf1a4d9de0bfa5850946a66af0b37b0b97e82e529f052381f74359e
GET /sw.js?v=3.1.391&o=aaead203b37d4c7cbf742ff908865e41&pub=0&p=2308013 HTTP/1.1
Host: rivana.hooxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: exadd=166230; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D; _ga=GA1.2.734868091.1662286941; _gid=GA1.2.1013348105.1662286941; _gat_gtag_UA_144347007_1=1; cto_bundle=zTiTW183bnRnb3Q0a3RZZUNieFZaUXlMSkZMWk13elRjNmNPZzdHUGFXZXdkRFJWcHVVNTZGdHdtdHFxVGFnZVk0cmtSNTVWQXhoUkU3MkFxdkRtc3VlWmFHQ3BNa213UW1qN3NrMmhVRXFrSnRVeE5qSlV0dCUyQjR4SUVJY01SYVYlMkZaOU5yYjJCZGs1Vk9Ec3pRYzJvYlRFNGlRJTNEJTNE; prefetchAd_3765907=true
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 10:22:24 GMT
content-type: application/javascript
last-modified: Tue, 27 Aug 2019 13:54:01 GMT
etag: W/"5d6535f9-1554"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd43481e-3c33-4c05-9216-2cc734e840b4.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd43481e-3c33-4c05-9216-2cc734e840b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1bdfdf7e36f78f2f0e4d7ede9fdb76a8
babb88202741bbf2d4fd25e0731a4a7a6fcc28f8
949ea108642789e1014150909060f11d99608f082760d0e868a90282f2768d43
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd43481e-3c33-4c05-9216-2cc734e840b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9690
x-amzn-requestid: 614c99f8-116a-4603-bcde-3fbd5bfa14d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wx1HInIAMFiYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c80b-25c09c3227d72395408782f0;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:32:59 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5_jCLvdAC-XR-ax3RUbbx9275KPwACOPtAMxSbmv-aP-Lra4sC5zvw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 21:51:26 GMT
age: 45058
etag: "babb88202741bbf2d4fd25e0731a4a7a6fcc28f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa54e2726-407f-4a8a-8d19-21de249844f5.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa54e2726-407f-4a8a-8d19-21de249844f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fc4ceb10dd9fcaab21ae58dcf10c401f
6ce530af682094dc5413db9de02565691fab4da7
84ad58e126cce2ab6b1568ffe89a116bc1de0310bb72d4530eead2fb8191572c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa54e2726-407f-4a8a-8d19-21de249844f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11380
x-amzn-requestid: 61f37e21-33a8-49e6-b384-4ca1fcfbffa5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8TLFA3oAMFQjg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117414-42de5c4128eb9e011d848356;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sywGj-wLtW091vZYhx1AbRAgljYQWe6LuffDjwTDhEebqVzxpQuzEQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 03:48:58 GMT
age: 23606
etag: "6ce530af682094dc5413db9de02565691fab4da7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c475e9b-fa82-4942-8a4a-d6d3f5061558.webp
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c475e9b-fa82-4942-8a4a-d6d3f5061558.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8cdd0826b7d8be62cc2ed532e04e137b
383a0661fa09d9b48745b507389d0505303b6182
f2d04cf1ee9b5a885c246060c1036b21af4ecd3e51e5d05a529dbe0d63f7c2ac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c475e9b-fa82-4942-8a4a-d6d3f5061558.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10713
x-amzn-requestid: d546a12c-c549-4ad3-80ad-6bad452927d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5winGzHIAMFTPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c7aa-2060c6611eb4abb777cc17a8;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FRD_E3IP_SmjPQuoVEijMnLszBb5bhc_1PxJXOlmdyufLKzx33joTw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 21:48:07 GMT
age: 45257
etag: "383a0661fa09d9b48745b507389d0505303b6182"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1278db78948279716d72ac203ad8fb0d
1746b9863b781ed9a0c26a126b9b80d36c903974
8d9e31a35490bc2ebef4c4c2152c89b62491c0cdfc31ec0594bc21fd2e9f43f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 10:22:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash cebfe28b301ffe9583a29d4e2e787a07
c312300cb020f4f61edaf4b51394aa889bc815e8
faf415663681aab7051de03f75a3163352ff9cffa4f72e38f56d4e0eb337af4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 10:22:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2
176.34.209.96200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2
IP 176.34.209.96:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.js?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Sun, 04 Sep 2022 10:22:24 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
dnacdn.net/dna
178.250.0.157200 OK 168 B IP 178.250.0.157:0
Hash 46d9d7bfbdcdf3ae8845d771f14389ce
bb39f73f56bfb1881d5cf8f9dfe7269791f9bd44
d44af966fd46c60165bef710a318606b230a840d399b998431aab9ea68d27b47
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=plyBeV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3hnRkgyUzcwWWk2aHAxQjNyZ2pZbW9iUGhHOFVHdFI4UWloN1BoUThjJTJCNA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 10:22:22 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=vpkJHV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3hnRkgyUzcwWWk2aHAxQjNyZ2pZbXJZdHYwZFVmOEpxbVpHU0tKWDBkYVQ; expires=Fri, 29 Sep 2023 10:22:23 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 340681
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-144347007-1&cid=734868091.1662286941&jid=981391870&_u=YEBAAUAAAAAAAC~&z=1312385425
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-144347007-1&cid=734868091.1662286941&jid=981391870&_u=YEBAAUAAAAAAAC~&z=1312385425
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-144347007-1&cid=734868091.1662286941&jid=981391870&_u=YEBAAUAAAAAAAC~&z=1312385425 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 10:22:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.viglink.com/api/domains
176.34.209.96200 OK 41 B URL HTTP/1.1 api.viglink.com/api/domains
IP 176.34.209.96:0
File type ASCII text, with no line terminators
Hash a523ef2cabb7d80ac7a9d98ea6ccb255
2c1690ff0678ebd704c5f4dfa8ec55208c8922bf
a3566eacbdb72d5e1505b0a4cbcb9656b387a01afdfae0a541de13773b3a6a51
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 248
Origin: https://rivana.hooxs.com
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://rivana.hooxs.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Sun, 04 Sep 2022 10:22:24 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 41
Connection: keep-alive
trc-events.taboola.com/forumotion-ar/log/2/debug?tim=10%3A22%3A21.109&type=usage&msg=rtus&llvl=2&id=6932&cv=20220901-10-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/forumotion-ar/log/2/debug?tim=10%3A22%3A21.109&type=usage&msg=rtus&llvl=2&id=6932&cv=20220901-10-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=10%3A22%3A21.109&type=usage&msg=rtus&llvl=2&id=6932&cv=20220901-10-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 04 Sep 2022 10:22:24 GMT
x-fastly-to-nlb-rtt: 22805
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash cebfe28b301ffe9583a29d4e2e787a07
c312300cb020f4f61edaf4b51394aa889bc815e8
faf415663681aab7051de03f75a3163352ff9cffa4f72e38f56d4e0eb337af4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 10:22:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 51df98c169fb7de773301d014bcea4b8
9bdf9bdb9b5eee378e9ac4ec68ca07c665ae4819
c8336f3a2e16c9390b610c612ce9be7c19286f04a6328a29200cbf65db5801c8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 10:22:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rivana.hooxs.com/images/icons-180.png
94.23.159.185200 OK 839 B URL HTTP/2 rivana.hooxs.com/images/icons-180.png
IP 94.23.159.185:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 1044856a8b8c5713babcd2df0c52babe
7a1858ede92c706533486bc39d7bc4d8e67935db
78a512ac7ad22fd93ef73b677bd69688ea877cdec675ac9701b4d0b6a898ae22
GET /images/icons-180.png HTTP/1.1
Host: rivana.hooxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/t268-topic
Cookie: exadd=166230; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 10:22:25 GMT
content-type: image/png
content-length: 839
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Sun, 04 Sep 2022 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
x-cache-ic: MISS
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 8457e12cd5708c4e3f0e343c3cbdb1a4
22f1968e22e2074d6cbe7cb7950145aec3b5d65c
690ca803cd2ff0f41cce92f29af8ae6c644252a5dd685deb1b8754ce99cf2109
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5182
Cache-Control: max-age=135783
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 10:22:24 GMT
Etag: "6313d789-139"
Expires: Tue, 06 Sep 2022 00:05:27 GMT
Last-Modified: Sat, 03 Sep 2022 22:39:05 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 313
api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
176.34.209.96200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
IP 176.34.209.96:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.gif?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Sun, 04 Sep 2022 10:22:23 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
cdn.taboola.com/libtrc/userx.20220901-10-RELEASE.es6.js
151.101.85.44200 OK 5.4 kB URL HTTP/2 cdn.taboola.com/libtrc/userx.20220901-10-RELEASE.es6.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (17842)
Hash 86179c440fd598bfd0689ac42c5b5c45
a450e7b01df54841ca3fe8d36349f7a5a1e9d38c
70c3a69cf75972a5e31f24e4bb9f0aecee679a397c18171ac014a2d528e12810
GET /libtrc/userx.20220901-10-RELEASE.es6.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: ak8zY4HYbTJGoC2kiczoHp+BuYwPX8VevRhMmE/I8Gp/WCOkdkipA5F5h2x5pimS5D9kV9fEVEM=
x-amz-request-id: EJ9X0VHVGV42TKRH
x-amz-replication-status: PENDING
last-modified: Sun, 04 Sep 2022 09:04:56 GMT
etag: "436f1b0b54edb1f3ff2ea247278423cf"
x-amz-version-id: vAM5dKEeh5RzT8WJ_o9mWm8NjOiOdn93
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Sep 2022 10:22:24 GMT
via: 1.1 varnish
age: 4647
x-served-by: cache-bma1635-BMA
x-cache: HIT
x-cache-hits: 239
x-timer: S1662286945.742739,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 90
content-length: 5398
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5508141e054e220c15b286ea65d8a012
668d6db46e4e3e8d29c765582fcd8de3082348ec
890dfa96068db80ab3b5c9ea5c475092a6509c5df2569d12a056bd324fd65133
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "890DFA96068DB80AB3B5C9EA5C475092A6509C5DF2569D12A056BD324FD65133"
Last-Modified: Fri, 02 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16682
Expires: Sun, 04 Sep 2022 15:00:26 GMT
Date: Sun, 04 Sep 2022 10:22:24 GMT
Connection: keep-alive
vidstat.taboola.com/lite-unit/3.9.2/UnitWidgetItemDesktop.min.js
151.101.85.44200 OK 30 kB URL HTTP/2 vidstat.taboola.com/lite-unit/3.9.2/UnitWidgetItemDesktop.min.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash bf038565daeb4b693c1d2984b022c1bb
de68140fd472d49e65f927323254e319de1d6de0
6bc6d7c0c5527a54effb1455d6b61802893872e855991ce877e2776b1696d9b7
GET /lite-unit/3.9.2/UnitWidgetItemDesktop.min.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 29 Aug 2022 09:04:08 GMT
etag: "9b41d4f2702a079eae60f297e3e0c705"
server: AmazonS3
via: 1.1 d84d4103926180da8f8abcb90515db0c.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: ZkOQSmMX58boQEhuLMNGLbiMEFwoJa1Xyk_brDHtgEZVsOyVt2ixSw==
cache-control: public, max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Sep 2022 10:22:24 GMT
age: 522926
x-served-by: cache-bma1635-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 14324
x-timer: S1662286945.746402,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 29862
X-Firefox-Spdy: h2
csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Origin.FromBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
178.250.0.162200 OK 43 B URL HTTP/2 csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Origin.FromBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
IP 178.250.0.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Origin.FromBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 10:22:24 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Frivana.hooxs.com%2Ft268-topic&encoded=1&uid=f9d74ec6-71cc-42e8-a58e-d2e8b80a7ce3-tucta0e01e0&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1662286941501&tagid=&cntry=NO&platform=1&sesid=cfb83902b7b6363c8c2f06f2eb388e08&itemid=/t268-topic&viewid=1662286941112&geolat=&geoing=&deviceifa=&appid=&sd=v2_cfb83902b7b6363c8c2f06f2eb388e08_f9d74ec6-71cc-42e8-a58e-d2e8b80a7ce3-tucta0e01e0_1662286944_1662286944_CNawjgYQ3pxDGLiXl8CwMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABo_9iV8p6d99_dAXAA&ri=2a4a917d701d3be88bbf208a325c67ce&appname=&cdb=&gdprApplies=true&rid=&sii=-2138978585091208433&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=8432
151.101.85.44200 OK 14 kB URL HTTP/2 15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Frivana.hooxs.com%2Ft268-topic&encoded=1&uid=f9d74ec6-71cc-42e8-a58e-d2e8b80a7ce3-tucta0e01e0&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1662286941501&tagid=&cntry=NO&platform=1&sesid=cfb83902b7b6363c8c2f06f2eb388e08&itemid=/t268-topic&viewid=1662286941112&geolat=&geoing=&deviceifa=&appid=&sd=v2_cfb83902b7b6363c8c2f06f2eb388e08_f9d74ec6-71cc-42e8-a58e-d2e8b80a7ce3-tucta0e01e0_1662286944_1662286944_CNawjgYQ3pxDGLiXl8CwMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABo_9iV8p6d99_dAXAA&ri=2a4a917d701d3be88bbf208a325c67ce&appname=&cdb=&gdprApplies=true&rid=&sii=-2138978585091208433&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=8432
IP 151.101.85.44:0
Hash c0454e0725f7666f897d9b3b015a9d08
8c27630644e9d91f6e06ed3794c8e9829156910b
9d6c80d082166b5ae85c7319e72958ebd4c18394ac0e5598e9626ee074c6593f
GET /tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Frivana.hooxs.com%2Ft268-topic&encoded=1&uid=f9d74ec6-71cc-42e8-a58e-d2e8b80a7ce3-tucta0e01e0&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1662286941501&tagid=&cntry=NO&platform=1&sesid=cfb83902b7b6363c8c2f06f2eb388e08&itemid=/t268-topic&viewid=1662286941112&geolat=&geoing=&deviceifa=&appid=&sd=v2_cfb83902b7b6363c8c2f06f2eb388e08_f9d74ec6-71cc-42e8-a58e-d2e8b80a7ce3-tucta0e01e0_1662286944_1662286944_CNawjgYQ3pxDGLiXl8CwMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABo_9iV8p6d99_dAXAA&ri=2a4a917d701d3be88bbf208a325c67ce&appname=&cdb=&gdprApplies=true&rid=&sii=-2138978585091208433&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=8432 HTTP/1.1
Host: 15.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://rivana.hooxs.com
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
machineid: 1450
link: <https://am-wf.taboola.com>; rel=preconnect
xvid-debug: mrmr - :
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://rivana.hooxs.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Sep 2022 10:22:24 GMT
via: 1.1 varnish
x-served-by: cache-bma1635-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662286945.805049,VS0,VE35
vary: Accept-Encoding
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/6NVX5Wg/8825bc08d5a8686a1477f8812be6b514.png
151.101.85.44200 OK 10 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/6NVX5Wg/8825bc08d5a8686a1477f8812be6b514.png
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash b0c467f30070764e9aa59759fee4d46b
356c0c55e4ce1d6fba72c8bf36095ad2e4826ba5
cfa446cd7952c075712d901887e6b88fa36463615c63d3040fbb6de67c64d377
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/6NVX5Wg/8825bc08d5a8686a1477f8812be6b514.png HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 422024655734401459283089083185515605747,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 422024655734401459283089083185515605747,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
etag: "a2a694a0261816b7c71d1c5e904ef436"
expiration: expiry-date="Wed, 17 Aug 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Sun, 17 Jul 2022 10:06:41 GMT
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 968
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 04 Sep 2022 10:22:24 GMT
age: 2868295
x-served-by: cache-iad-kjyo7100156-IAD, cache-iad-kcgs7200046-IAD, cache-lga21921-LGA, cache-iad-kcgs7200074-IAD, cache-bma1635-BMA
x-cache: MISS, MISS, MISS, HIT, HIT
x-cache-hits: 0, 0, 0, 1, 1
x-timer: S1662286945.888862,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/6NVX5Wg/8825bc08d5a8686a1477f8812be6b514.png
x-vcl-time-ms: 1
content-length: 10026
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5fda50a37fc3687d2f55b92b6bce88f9.jpg
151.101.85.44200 OK 4.4 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5fda50a37fc3687d2f55b92b6bce88f9.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 029e0bfe320b79fdea1071e0aca56284
7ac97ac21d2cd2b865e70d517d32e4d6d555a050
b0230421a4a05eb2b8ef401adc4494f6ee223a3abf7c40251681b5b574e31b98
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5fda50a37fc3687d2f55b92b6bce88f9.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 361442623871098473179176297192785719265,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 361442623871098473179176297192785719265,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
etag: "6213bf8ba954f2477e45df8b96ea9b78"
expiration: expiry-date="Thu, 07 Jul 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Mon, 06 Jun 2022 19:40:47 GMT
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 76
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 04 Sep 2022 10:22:24 GMT
age: 5260664
x-served-by: cache-iad-kjyo7100085-IAD, cache-iad-kjyo7100122-IAD, cache-lga21961-LGA, cache-iad-kiad7000138-IAD, cache-bma1635-BMA
x-cache: MISS, HIT, MISS, HIT, HIT
x-cache-hits: 0, 1, 0, 1, 1
x-timer: S1662286945.889527,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5fda50a37fc3687d2f55b92b6bce88f9.jpg
x-vcl-time-ms: 1
content-length: 4402
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/66c38fbcb7400127a5b6e58d5329283f.jpg
151.101.85.44200 OK 7.5 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/66c38fbcb7400127a5b6e58d5329283f.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash cc1a0e64091507928deeabdc543c803b
ed7c5865980342f18aef369a3b14b408913159e4
a5b67f6a0d9551c333a70bc2620acc40989f80e931cf8430d78130bd396557ec
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/66c38fbcb7400127a5b6e58d5329283f.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 506891887238194336451100833487719989696,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 506891887238194336451100833487719989696,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
etag: "5ad9362e8fc3151064e56a601ac8ffbc"
last-modified: Sat, 09 Jul 2022 21:42:19 GMT
req-referer: https://slashdot.org/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 0411c7fe921750999a9b65ce88e4c2f5
x-envoy-upstream-service-time: 100
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 04 Sep 2022 10:22:24 GMT
age: 2394107
x-served-by: cache-iad-kcgs7200102-IAD, cache-iad-kiad7000091-IAD, cache-lga21946-LGA, cache-iad-kjyo7100049-IAD, cache-bma1635-BMA
x-cache: HIT, MISS, MISS, HIT, HIT
x-cache-hits: 1, 0, 0, 1, 1
x-timer: S1662286945.889696,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/66c38fbcb7400127a5b6e58d5329283f.jpg
x-vcl-time-ms: 1
content-length: 7472
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/61f5d002cdeffa696e11fcc141e38ae0.jpg
151.101.85.44200 OK 6.3 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/61f5d002cdeffa696e11fcc141e38ae0.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0897218ee5b635ff173e2b08126464ba
44ab916d8a684599b564dbad1ba3a6e57922689f
4b0116e2c1cd81b44ecb51102cd42e9f79f23fdd7fe2e99ddced269c93b585d6
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/61f5d002cdeffa696e11fcc141e38ae0.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 480984607260249720310997101816149787850,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 480984607260249720310997101816149787850,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
etag: "b62eee96776b61fc4ea310e0a8ed0bf5"
expiration: expiry-date="Thu, 07 Jul 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Mon, 06 Jun 2022 20:04:53 GMT
req-referer: https://myvolos.net/Volos-000008220984-brephonipiakoi-stathmoi-dupa-anartithikan-oi-prosorinoi-pinakes-katataksis-me-tous-sumbasioihous.html
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 78
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 04 Sep 2022 10:22:24 GMT
age: 5752096
x-served-by: cache-iad-kiad7000047-IAD, cache-iad-kcgs7200141-IAD, cache-lga21945-LGA, cache-iad-kcgs7200136-IAD, cache-bma1635-BMA
x-cache: HIT, HIT, HIT, MISS, HIT
x-cache-hits: 1, 1, 1, 0, 1
x-timer: S1662286945.889331,VS0,VE2
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/61f5d002cdeffa696e11fcc141e38ae0.jpg
x-vcl-time-ms: 2
content-length: 6280
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/GP90fx9/Vector-illustration-of-detailed-glossy-black-credit-card-isolated-on-white-background.jpg
151.101.85.44200 OK 4.7 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/GP90fx9/Vector-illustration-of-detailed-glossy-black-credit-card-isolated-on-white-background.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 549fab3d6a62a6a0f7b83b1c4ac0dc9d
f92125a2616f76135fb407c6b080d5f3766fdf50
ce140d722ad538aae9db4e957a968de1cce2ef44569af630e12dea72ff7fbd94
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/GP90fx9/Vector-illustration-of-detailed-glossy-black-credit-card-isolated-on-white-background.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 448143412949065931200825044910492920129,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 448143412949065931200825044910492920129,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
etag: "5d9c1f7971919f7031560bea035516c2"
last-modified: Sat, 09 Jul 2022 18:27:38 GMT
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: bceacde45ea9c0dca0f86f953e17e946
x-envoy-upstream-service-time: 693
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 04 Sep 2022 10:22:24 GMT
age: 3120773
x-served-by: cache-iad-kjyo7100023-IAD, cache-iad-kiad7000095-IAD, cache-lga21922-LGA, cache-iad-kiad7000033-IAD, cache-bma1635-BMA
x-cache: MISS, MISS, HIT, HIT, HIT
x-cache-hits: 0, 0, 1, 1, 1
x-timer: S1662286945.889866,VS0,VE2
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/GP90fx9/Vector-illustration-of-detailed-glossy-black-credit-card-isolated-on-white-background.jpg
x-vcl-time-ms: 2
content-length: 4706
X-Firefox-Spdy: h2
stootsou.net/event
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://rivana.hooxs.com/
Origin: https://rivana.hooxs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 10:22:25 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://rivana.hooxs.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
stootsou.net/event
139.45.197.250200 OK 94 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash cdf33e93869b4ba9ccd4d8ba95e1250c
f731f5a7268a6c5b0e27e22e6f88d7fe2c6337f8
381d9f96c578ea92ddb0848ea67d283d15b976a2e57fbf393fc17818325e5f2f
POST /event HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rivana.hooxs.com/
Content-Type: application/json
Origin: https://rivana.hooxs.com
Content-Length: 433
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 10:22:25 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: f8b2281f040e4e67b5c720e3de486889
access-control-allow-origin: https://rivana.hooxs.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7ZqYCFgM7ZeOYcAiNDwQ7ZeOYcAiNDwUAAAAGBuIHJLgw7BaewWqtMTmMa9FytlwrR6vhWrgcDSez4WzlmQ2GQIILw27hGazWGpPDuBYtZ8u1crQaroXL0XAyG85WntlgChE3GQ6fg4Go6Hpb7A6n2fOGETSdDp_rXi952h52h13o9xs_d43f7RddZsO16G94euwAAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwHwyUHwnrPfHwAAAAAgAAAAACQAA6sBJQAf5ysn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAF0Nqc4nKqzEGB0QFg0WMAAAAALa0VDSPJnVCZVH1___fbwVwBQAQMIhQkK2QpTso8RYGAAAQMLZAD4vfb3bYNX63y_7_________zf7P_tGE3kav04JYRq_VfgEBANZ-AQEA2NQNAOAtAC7oCFoxGKxOIXbD2WI3mm1GswMAAAC4-____9cDGZvFuFkOJhPfxLaZbTbGjWVmmM0sK4tnOFwZhtsrCnxFduhmBu2LuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNifQM4GSNGSxWo5XO0mi9FmsZgsd8PRZIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCGPOkW-08tjWusXG4xZNVsa1wjVcuUWWlXFiHCx8G5dnLXp9TA_DyrBYGbYoGLCxF8nTIp0oLIbJcDFarGamjcM2WFhMzolhMvHtVraFzWOcTMQSzckincgu-47NYtwsB5OJb2LbzDYb48YyM8xmlpXFMxyuDMN9zTnyjVYe21q32HjcosnKuFa4hiu3yLIyToyDhW_j8qxFr4_pYVgZFivDvjGbTSbD2XI02jdms8lkOFuORvsOneG7-pyNzuB44pGZxrJxw3tzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYOZoPC9zeXtuLgNnIu9yUHscGgiCWCi3Qi81teb7_p6be7FZaLWKI0XaQTvegyG65Ff8PTYxFLBKeLdCJ6GU8X9R8ZcjFXDuaiyVyxGq0SAAAAAAAAAMAS5sybAAAAAJwGMhpshqt1HshgOdgtV8sFgHD20v0pXnSL3twH3BWHkn4qwlt8KG78uMH8ltfbb3r67W6F5coAD9TkzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X2gqO1CD9wodn4CHG0mAw!&cmcv=&pix=undefined&cb=1662286941846&uv=3221&tms=1662286941846&abt=eidc_vB!inc_all_video_vA!ll117740-135_vB!mprdctdt6_vA!nrlc_vB!scec11_vB!smbs!spa2_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=8a07a305-cda8-4969-9458-89482686e360&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
151.101.85.44200 OK 395 B URL HTTP/2 imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7ZqYCFgM7ZeOYcAiNDwQ7ZeOYcAiNDwUAAAAGBuIHJLgw7BaewWqtMTmMa9FytlwrR6vhWrgcDSez4WzlmQ2GQIILw27hGazWGpPDuBYtZ8u1crQaroXL0XAyG85WntlgChE3GQ6fg4Go6Hpb7A6n2fOGETSdDp_rXi952h52h13o9xs_d43f7RddZsO16G94euwAAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwHwyUHwnrPfHwAAAAAgAAAAACQAA6sBJQAf5ysn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAF0Nqc4nKqzEGB0QFg0WMAAAAALa0VDSPJnVCZVH1___fbwVwBQAQMIhQkK2QpTso8RYGAAAQMLZAD4vfb3bYNX63y_7_________zf7P_tGE3kav04JYRq_VfgEBANZ-AQEA2NQNAOAtAC7oCFoxGKxOIXbD2WI3mm1GswMAAAC4-____9cDGZvFuFkOJhPfxLaZbTbGjWVmmM0sK4tnOFwZhtsrCnxFduhmBu2LuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNifQM4GSNGSxWo5XO0mi9FmsZgsd8PRZIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCGPOkW-08tjWusXG4xZNVsa1wjVcuUWWlXFiHCx8G5dnLXp9TA_DyrBYGbYoGLCxF8nTIp0oLIbJcDFarGamjcM2WFhMzolhMvHtVraFzWOcTMQSzckincgu-47NYtwsB5OJb2LbzDYb48YyM8xmlpXFMxyuDMN9zTnyjVYe21q32HjcosnKuFa4hiu3yLIyToyDhW_j8qxFr4_pYVgZFivDvjGbTSbD2XI02jdms8lkOFuORvsOneG7-pyNzuB44pGZxrJxw3tzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYOZoPC9zeXtuLgNnIu9yUHscGgiCWCi3Qi81teb7_p6be7FZaLWKI0XaQTvegyG65Ff8PTYxFLBKeLdCJ6GU8X9R8ZcjFXDuaiyVyxGq0SAAAAAAAAAMAS5sybAAAAAJwGMhpshqt1HshgOdgtV8sFgHD20v0pXnSL3twH3BWHkn4qwlt8KG78uMH8ltfbb3r67W6F5coAD9TkzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X2gqO1CD9wodn4CHG0mAw!&cmcv=&pix=undefined&cb=1662286941846&uv=3221&tms=1662286941846&abt=eidc_vB!inc_all_video_vA!ll117740-135_vB!mprdctdt6_vA!nrlc_vB!scec11_vB!smbs!spa2_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=8a07a305-cda8-4969-9458-89482686e360&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
IP 151.101.85.44:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (742), with no line terminators
Hash 39da82976567401a7629ab307831318a
80f6271faa2f7984a80bbc1a9454bf4fc59fc026
472f739499d43be3081e7c9104126ec9eb42286120ed68a4373f240b20255834
GET /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7ZqYCFgM7ZeOYcAiNDwQ7ZeOYcAiNDwUAAAAGBuIHJLgw7BaewWqtMTmMa9FytlwrR6vhWrgcDSez4WzlmQ2GQIILw27hGazWGpPDuBYtZ8u1crQaroXL0XAyG85WntlgChE3GQ6fg4Go6Hpb7A6n2fOGETSdDp_rXi952h52h13o9xs_d43f7RddZsO16G94euwAAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwHwyUHwnrPfHwAAAAAgAAAAACQAA6sBJQAf5ysn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAF0Nqc4nKqzEGB0QFg0WMAAAAALa0VDSPJnVCZVH1___fbwVwBQAQMIhQkK2QpTso8RYGAAAQMLZAD4vfb3bYNX63y_7_________zf7P_tGE3kav04JYRq_VfgEBANZ-AQEA2NQNAOAtAC7oCFoxGKxOIXbD2WI3mm1GswMAAAC4-____9cDGZvFuFkOJhPfxLaZbTbGjWVmmM0sK4tnOFwZhtsrCnxFduhmBu2LuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNifQM4GSNGSxWo5XO0mi9FmsZgsd8PRZIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCGPOkW-08tjWusXG4xZNVsa1wjVcuUWWlXFiHCx8G5dnLXp9TA_DyrBYGbYoGLCxF8nTIp0oLIbJcDFarGamjcM2WFhMzolhMvHtVraFzWOcTMQSzckincgu-47NYtwsB5OJb2LbzDYb48YyM8xmlpXFMxyuDMN9zTnyjVYe21q32HjcosnKuFa4hiu3yLIyToyDhW_j8qxFr4_pYVgZFivDvjGbTSbD2XI02jdms8lkOFuORvsOneG7-pyNzuB44pGZxrJxw3tzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYOZoPC9zeXtuLgNnIu9yUHscGgiCWCi3Qi81teb7_p6be7FZaLWKI0XaQTvegyG65Ff8PTYxFLBKeLdCJ6GU8X9R8ZcjFXDuaiyVyxGq0SAAAAAAAAAMAS5sybAAAAAJwGMhpshqt1HshgOdgtV8sFgHD20v0pXnSL3twH3BWHkn4qwlt8KG78uMH8ltfbb3r67W6F5coAD9TkzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X2gqO1CD9wodn4CHG0mAw!&cmcv=&pix=undefined&cb=1662286941846&uv=3221&tms=1662286941846&abt=eidc_vB!inc_all_video_vA!ll117740-135_vB!mprdctdt6_vA!nrlc_vB!scec11_vB!smbs!spa2_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=8a07a305-cda8-4969-9458-89482686e360&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1 HTTP/1.1
Host: imprammp.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Sep 2022 10:22:25 GMT
via: 1.1 varnish
x-served-by: cache-bma1635-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662286945.140817,VS0,VE25
vary: Accept-Encoding
X-Firefox-Spdy: h2
api.viglink.com/api/domains
176.34.209.96200 OK 42 B URL HTTP/1.1 api.viglink.com/api/domains
IP 176.34.209.96:0
File type ASCII text, with no line terminators
Hash 747eeb7671161fa0a53d22786316418d
39ba12be9f56d678a808d71ad3c4eb536a8e9d14
d2c76e20fd0d785cafc0a342d0d36dc2ec4a7b28b0eaf775e58803fed7d9b23f
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 307
Origin: https://rivana.hooxs.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://rivana.hooxs.com/
Connection: keep-alive
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://rivana.hooxs.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Sun, 04 Sep 2022 10:22:24 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 42
Connection: keep-alive
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=10%3A22%3A21.524&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=1718&cv=20220901-10-RELEASE<=deflated&pct=1
185.106.33.48204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=10%3A22%3A21.524&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=1718&cv=20220901-10-RELEASE<=deflated&pct=1
IP 185.106.33.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=10%3A22%3A21.524&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=1718&cv=20220901-10-RELEASE<=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 04 Sep 2022 10:22:25 GMT
x-fastly-to-nlb-rtt: 84796
access-control-allow-credentials: true
X-Firefox-Spdy: h2
am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7B0ICFgM7ZeOYcAiNDwQ7ZeOYcAiNDwUAAAAGBuIHJGaaeDymkcst840Ga9HINlhLnIPNWjJbrkam0czmsRiGQBI2k2eysMzcMs9uthYtdpu1wjIyrUWTyXIycoyMg8nMCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeMoOl0-Fz3esnT9rA77EK_3_i5a_xuv-gyG65Ff8PTYwcAAACABwCrt0yIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAA5ILDYBPDoL3nP3-AABo0AIBAAgQIAEYWA0oAfg4XzkBAAAAAAAAAGD5____jwHYwxqTARjZ3-kBePABeCAqUC1iBAAAALClpaJ5NKkTKosqAACCdCuAKwCAgEGEAu2XMAAAgICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJvQ2ep0WxDJ6rfYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQqxG84Wu9FsM5odAAAAwN3___-_HsjYLMbNcjCZ-Ca2zWyzMW4sM8NsZllZPMPhyjDcXlHgK7JDNzNon4ewzH7fQcTyfE1_w0HGt7zeBlHR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32J5CzAVK0ZLFaDle7yWK0WSwmy91wNJkgRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcKYc-QbrTy2tW6x8bhFk5VxrXANV26RZWWcGAcL38blWYteH9PDsDIsVoYtCgZs7EVwkU5kfsvr7Tc9_Xa3wnIRSzQni3Qiu-w7NotxsxxMJr6JbTPbbIwby8wwm1lWFs9wuDIM9zXnyDdaeWxr3WLjcYsmK-Na4Rqu3CLLyjgxDha-jcuzFr0-podhZVisDPvGbDaZDGfL0WjfmM0mk-FsORrtO3SG7-pzNjqD44lHZhrLxg3vzWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_fXNqKg9vIudyXHMQGgyKWCE4X6UT0Mp4uYonkaZFOJAvTwrnYjXyDxcgzcRmHE4vNMhguPJPVxrbbuCxiidJ0kU70ostsuBb9DU-PRf1HhlzMlYO5aDJXrEarBAAAAAAAAACwhDnzJgAAAACngYwGm-FquQAQzl66P8WLbtGb-4C74lDST0V4iw_FjR83mN_yevtNT7_drbBcGeCBmpx5s2eCWKvVsgYAABDABgAACODWzVsANiO3DxS1XeiBG8XOT4CjzWQ!&cmcv=&pix=31589837&cb=1662286941988&uv=3221&tms=1662286941988&abt=eidc_vB!inc_all_video_vA!ll117740-135_vB!mprdctdt6_vA!nrlc_vB!scec11_vB!smbs!spa2_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1662286938489!ts:1662286941988&mntl=1
141.226.228.48200 OK 0 B URL HTTP/2 am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7B0ICFgM7ZeOYcAiNDwQ7ZeOYcAiNDwUAAAAGBuIHJGaaeDymkcst840Ga9HINlhLnIPNWjJbrkam0czmsRiGQBI2k2eysMzcMs9uthYtdpu1wjIyrUWTyXIycoyMg8nMCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeMoOl0-Fz3esnT9rA77EK_3_i5a_xuv-gyG65Ff8PTYwcAAACABwCrt0yIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAA5ILDYBPDoL3nP3-AABo0AIBAAgQIAEYWA0oAfg4XzkBAAAAAAAAAGD5____jwHYwxqTARjZ3-kBePABeCAqUC1iBAAAALClpaJ5NKkTKosqAACCdCuAKwCAgEGEAu2XMAAAgICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJvQ2ep0WxDJ6rfYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQqxG84Wu9FsM5odAAAAwN3___-_HsjYLMbNcjCZ-Ca2zWyzMW4sM8NsZllZPMPhyjDcXlHgK7JDNzNon4ewzH7fQcTyfE1_w0HGt7zeBlHR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32J5CzAVK0ZLFaDle7yWK0WSwmy91wNJkgRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcKYc-QbrTy2tW6x8bhFk5VxrXANV26RZWWcGAcL38blWYteH9PDsDIsVoYtCgZs7EVwkU5kfsvr7Tc9_Xa3wnIRSzQni3Qiu-w7NotxsxxMJr6JbTPbbIwby8wwm1lWFs9wuDIM9zXnyDdaeWxr3WLjcYsmK-Na4Rqu3CLLyjgxDha-jcuzFr0-podhZVisDPvGbDaZDGfL0WjfmM0mk-FsORrtO3SG7-pzNjqD44lHZhrLxg3vzWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_fXNqKg9vIudyXHMQGgyKWCE4X6UT0Mp4uYonkaZFOJAvTwrnYjXyDxcgzcRmHE4vNMhguPJPVxrbbuCxiidJ0kU70ostsuBb9DU-PRf1HhlzMlYO5aDJXrEarBAAAAAAAAACwhDnzJgAAAACngYwGm-FquQAQzl66P8WLbtGb-4C74lDST0V4iw_FjR83mN_yevtNT7_drbBcGeCBmpx5s2eCWKvVsgYAABDABgAACODWzVsANiO3DxS1XeiBG8XOT4CjzWQ!&cmcv=&pix=31589837&cb=1662286941988&uv=3221&tms=1662286941988&abt=eidc_vB!inc_all_video_vA!ll117740-135_vB!mprdctdt6_vA!nrlc_vB!scec11_vB!smbs!spa2_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1662286938489!ts:1662286941988&mntl=1
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7B0ICFgM7ZeOYcAiNDwQ7ZeOYcAiNDwUAAAAGBuIHJGaaeDymkcst840Ga9HINlhLnIPNWjJbrkam0czmsRiGQBI2k2eysMzcMs9uthYtdpu1wjIyrUWTyXIycoyMg8nMCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeMoOl0-Fz3esnT9rA77EK_3_i5a_xuv-gyG65Ff8PTYwcAAACABwCrt0yIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAA5ILDYBPDoL3nP3-AABo0AIBAAgQIAEYWA0oAfg4XzkBAAAAAAAAAGD5____jwHYwxqTARjZ3-kBePABeCAqUC1iBAAAALClpaJ5NKkTKosqAACCdCuAKwCAgEGEAu2XMAAAgICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJvQ2ep0WxDJ6rfYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQqxG84Wu9FsM5odAAAAwN3___-_HsjYLMbNcjCZ-Ca2zWyzMW4sM8NsZllZPMPhyjDcXlHgK7JDNzNon4ewzH7fQcTyfE1_w0HGt7zeBlHR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32J5CzAVK0ZLFaDle7yWK0WSwmy91wNJkgRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcKYc-QbrTy2tW6x8bhFk5VxrXANV26RZWWcGAcL38blWYteH9PDsDIsVoYtCgZs7EVwkU5kfsvr7Tc9_Xa3wnIRSzQni3Qiu-w7NotxsxxMJr6JbTPbbIwby8wwm1lWFs9wuDIM9zXnyDdaeWxr3WLjcYsmK-Na4Rqu3CLLyjgxDha-jcuzFr0-podhZVisDPvGbDaZDGfL0WjfmM0mk-FsORrtO3SG7-pzNjqD44lHZhrLxg3vzWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_fXNqKg9vIudyXHMQGgyKWCE4X6UT0Mp4uYonkaZFOJAvTwrnYjXyDxcgzcRmHE4vNMhguPJPVxrbbuCxiidJ0kU70ostsuBb9DU-PRf1HhlzMlYO5aDJXrEarBAAAAAAAAACwhDnzJgAAAACngYwGm-FquQAQzl66P8WLbtGb-4C74lDST0V4iw_FjR83mN_yevtNT7_drbBcGeCBmpx5s2eCWKvVsgYAABDABgAACODWzVsANiO3DxS1XeiBG8XOT4CjzWQ!&cmcv=&pix=31589837&cb=1662286941988&uv=3221&tms=1662286941988&abt=eidc_vB!inc_all_video_vA!ll117740-135_vB!mprdctdt6_vA!nrlc_vB!scec11_vB!smbs!spa2_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1662286938489!ts:1662286941988&mntl=1 HTTP/1.1
Host: am-vid-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://rivana.hooxs.com/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 10:22:25 GMT
content-length: 0
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3ebbff1becf8c00ab147d628c2c42945
e06398c730983c9c9dacffdb3a49fd01ca0f5f53
ff19b9b67495ab14020082b3192dd4eed8daeb7aaccc801e84d1e2ad22cd721d
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5020
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 10:22:25 GMT
Last-Modified: Sun, 04 Sep 2022 08:58:45 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3ebbff1becf8c00ab147d628c2c42945
e06398c730983c9c9dacffdb3a49fd01ca0f5f53
ff19b9b67495ab14020082b3192dd4eed8daeb7aaccc801e84d1e2ad22cd721d
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2390
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 10:22:25 GMT
Last-Modified: Sun, 04 Sep 2022 09:42:35 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
vidstat.taboola.com/vpaid/units/32_2_1/assets/css/cmOsUnit.css
151.101.85.44200 OK 8.3 kB URL HTTP/2 vidstat.taboola.com/vpaid/units/32_2_1/assets/css/cmOsUnit.css
IP 151.101.85.44:0
Hash a28320a69408adba1f01f56d6eb80708
8012c7108fab547cf31481cfda7cb49e654a0542
befbb274b7045e7e5791a4badbe46e1a2e367e6570da7cd0ac127acc4b8e8991
GET /vpaid/units/32_2_1/assets/css/cmOsUnit.css HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://rivana.hooxs.com/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
x-amz-id-2: FFIgAFi28LRsvbJkTabEKoyhxUV625KyfKtwCkm6lA5OBQ6IFsgXmHU9tBODZzZscuCy2yFiyW8=
x-amz-request-id: RCC5ZC1T7V9AWGM8
last-modified: Mon, 29 Aug 2022 09:07:10 GMT
etag: "a28320a69408adba1f01f56d6eb80708"
x-amz-meta-ctime: 1661764029
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1661764028
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sun, 04 Sep 2022 10:22:25 GMT
via: 1.1 varnish
age: 522814
x-served-by: cache-bma1635-BMA
x-cache: HIT
x-cache-hits: 95628
x-timer: S1662286945.357596,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 8297
X-Firefox-Spdy: h2
vidstat.taboola.com/vpaid/units/32_2_1/infra/cmTagWIDGET_ITEM.js
151.101.85.44200 OK 127 kB URL HTTP/2 vidstat.taboola.com/vpaid/units/32_2_1/infra/cmTagWIDGET_ITEM.js
IP 151.101.85.44:0
File type Unicode text, UTF-8 text, with very long lines (65489), with no line terminators
Size 127 kB (126712 bytes)
Hash 5f22089507fa10d5707ce2727a7dc3e8
ece042046e36dbaa70fccd21581758a7765d4295
e0aa425ad11366db05814cc36e3476a26dd349039667cf341e89cbfae454c6e4
GET /vpaid/units/32_2_1/infra/cmTagWIDGET_ITEM.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rivana.hooxs.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://rivana.hooxs.com/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
x-amz-id-2: HaQtQc5Sg+c+mzUcgZ+MUqBdbTUXOGKi93ZjN2sN5DlqM0jHbJxqU35JASTIStR2k8VjOTgqflI=
x-amz-request-id: 8Q8EP9MSAQBYWJT7
last-modified: Mon, 29 Aug 2022 09:06:16 GMT
etag: "5f22089507fa10d5707ce2727a7dc3e8"
x-amz-meta-ctime: 1661763975
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1661763973
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sun, 04 Sep 2022 10:22:25 GMT
via: 1.1 varnish
age: 522815
x-served-by: cache-bma1635-BMA
x-cache: HIT
x-cache-hits: 47841
x-timer: S1662286945.359923,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 126712
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 04 Sep 2022 10:22:25 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=78708963-2c3b-11ed-9f27-169e7f670106; expires=Sun, 02-Oct-2022 10:22:25 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=787089d2-2c3b-11ed-9f27-169e7f670106
X-fe: 38
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 04 Sep 2022 10:22:25 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=78772e57-2c3b-11ed-8ca5-10ffbde80406; expires=Sun, 02-Oct-2022 10:22:25 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=78772e93-2c3b-11ed-8ca5-10ffbde80406
X-fe: 12
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 04 Sep 2022 10:22:25 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=78771920-2c3b-11ed-9c33-141922060506; expires=Sun, 02-Oct-2022 10:22:25 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=78771961-2c3b-11ed-9c33-141922060506
X-fe: 64
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 04 Sep 2022 10:22:25 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=78774305-2c3b-11ed-a6d9-1bce7de30206; expires=Sun, 02-Oct-2022 10:22:25 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=7877433f-2c3b-11ed-a6d9-1bce7de30206
X-fe: 95
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=787089d2-2c3b-11ed-9f27-169e7f670106
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=787089d2-2c3b-11ed-9f27-169e7f670106
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=787089d2-2c3b-11ed-9f27-169e7f670106 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 04 Sep 2022 10:22:25 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=787a9067-2c3b-11ed-a8ae-17f3d7a10506; expires=Sun, 02-Oct-2022 10:22:25 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 126
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=78772e93-2c3b-11ed-8ca5-10ffbde80406
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=78772e93-2c3b-11ed-8ca5-10ffbde80406
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=78772e93-2c3b-11ed-8ca5-10ffbde80406 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 04 Sep 2022 10:22:25 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=787c0aac-2c3b-11ed-8920-156973b60506; expires=Sun, 02-Oct-2022 10:22:25 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 5
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=78771961-2c3b-11ed-9c33-141922060506
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=78771961-2c3b-11ed-9c33-141922060506
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=78771961-2c3b-11ed-9c33-141922060506 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 04 Sep 2022 10:22:25 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=787c0d4c-2c3b-11ed-afbb-1fe3cd8f0506; expires=Sun, 02-Oct-2022 10:22:25 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 23
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=7877433f-2c3b-11ed-a6d9-1bce7de30206
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=7877433f-2c3b-11ed-a6d9-1bce7de30206
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=7877433f-2c3b-11ed-a6d9-1bce7de30206 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 04 Sep 2022 10:22:25 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=787e2a31-2c3b-11ed-86b8-1d34abdd0506; expires=Sun, 02-Oct-2022 10:22:25 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 21
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d9392ac2e46cce125dd6cf2571e6efde
112131ca37b327f0a9fb7ca8c0ef3e2ae9427d38
cd08102db1bf29077d52a174fc48e708c82e8deab9de59f6fb9cc5c6d0d7befc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 550
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 10:22:25 GMT
Last-Modified: Sun, 04 Sep 2022 10:13:15 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 1701da6c4e2c0d9f24e0353fda7a3e3f
264c6989a9ff6892343b83c9e7b7f61d576f677f
e449f23f6ab1f5c107f107249aa7b57c17c5edb53453778fc6f0e81135e281f1
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2022 10:22:25 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Thu, 08 Sep 2022 06:56:18 GMT
ETag: "264c6989a9ff6892343b83c9e7b7f61d576f677f"
Last-Modified: Sun, 04 Sep 2022 06:56:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1476
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74560101ba1eb4eb-OSL
ups.analytics.yahoo.com/ups/58534/occ
18.156.0.31302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 04 Sep 2022 10:22:25 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58534/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBGF8FGMCEAbarxwI885p1qYq2ZFDelAFEgEBAQHNFWMeYwAAAAAA_eMAAA&S=AQAAAuBO3vW3Mv3TJRx3EWEUhw4; Expires=Mon, 4 Sep 2023 16:22:25 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/log/3/explore?route=AM:IL:V<i=deflated&ri=ab0281415f4ca60abd9b02b77e6afc82&sd=v2_cfb83902b7b6363c8c2f06f2eb388e08_f9d74ec6-71cc-42e8-a58e-d2e8b80a7ce3-tucta0e01e0_1662286944_1662286944_CNawjgYQ3pxDGLiXl8CwMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABo_9iV8p6d99_dAXAA&ui=f9d74ec6-71cc-42e8-a58e-d2e8b80a7ce3-tucta0e01e0&pi=/t268-topic&wi=-2138978585091208433&pt=text&vi=1662286941112&li=rbox-t2m<=deflated&tim=10%3A22%3A22.185&id=6714&llvl=2&cv=20220901-10-RELEASE&
151.101.85.44204 No Content 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/log/3/explore?route=AM:IL:V<i=deflated&ri=ab0281415f4ca60abd9b02b77e6afc82&sd=v2_cfb83902b7b6363c8c2f06f2eb388e08_f9d74ec6-71cc-42e8-a58e-d2e8b80a7ce3-tucta0e01e0_1662286944_1662286944_CNawjgYQ3pxDGLiXl8CwMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABo_9iV8p6d99_dAXAA&ui=f9d74ec6-71cc-42e8-a58e-d2e8b80a7ce3-tucta0e01e0&pi=/t268-topic&wi=-2138978585091208433&pt=text&vi=1662286941112&li=rbox-t2m<=deflated&tim=10%3A22%3A22.185&id=6714&llvl=2&cv=20220901-10-RELEASE&
IP 151.101.85.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/3/explore?route=AM:IL:V<i=deflated&ri=ab0281415f4ca60abd9b02b77e6afc82&sd=v2_cfb83902b7b6363c8c2f06f2eb388e08_f9d74ec6-71cc-42e8-a58e-d2e8b80a7ce3-tucta0e01e0_1662286944_1662286944_CNawjgYQ3pxDGLiXl8CwMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABo_9iV8p6d99_dAXAA&ui=f9d74ec6-71cc-42e8-a58e-d2e8b80a7ce3-tucta0e01e0&pi=/t268-topic&wi=-2138978585091208433&pt=text&vi=1662286941112&li=rbox-t2m<=deflated&tim=10%3A22%3A22.185&id=6714&llvl=2&cv=20220901-10-RELEASE& HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://rivana.hooxs.com/
Connection: keep-alive
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Sun, 04 Sep 2022 10:22:25 GMT
via: 1.1 varnish
x-served-by: cache-bma1635-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662286945.499009,VS0,VE86
x-vcl-time-ms: 86
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
15.197.193.217200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP 15.197.193.217:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 10:22:25 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash a959bf325cab4759e09e7505651912ae
af20df57e6e3376e0d1f607f45e87e96e11797c3
a0972cee9ef30dd6b8214d5094eac658510b82b8505cb5b2161bcc89a6d305bf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2022 10:22:25 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 01:56:49 GMT
Expires: Sat, 10 Sep 2022 01:56:48 GMT
Etag: "af20df57e6e3376e0d1f607f45e87e96e11797c3"
Cache-Control: max-age=487462,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 745601018c4e1bfe-OSL
x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
18.185.150.148200 OK 43 B URL HTTP/1.1 x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
IP 18.185.150.148:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?gdpr=1&us_privacy=1---&ssp=taboola HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Sun, 04 Sep 2022 10:22:25 GMT
Content-Length: 43
Connection: keep-alive
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1662286941866&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1477&pt=-1514580184&tz=0&viewable=true&ddast=V7ZqYCFgM7ZeOYcAiNDwQ7ZeOYcAiNDwUAAAAGBuIHJLgw7BaewWqtMTmMa9FytlwrR6vhWrgcDSez4WzlmQ2GQIILw27hGazWGpPDuBYtZ8u1crQaroXL0XAyG85WntlgChE3GQ6fg4Go6Hpb7A6n2fOGETSdDp_rXi952h52h13o9xs_d43f7RddZsO16G94euwAAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwHwyUHwnrPfHwAAAAAgAAAAACQAA6sBJQAf5ysn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAF0Nqc4nKqzEGB0QFg0WMAAAAALa0VDSPJnVCZVH1___fbwVwBQAQMIhQkK2QpTso8RYGAAAQMLZAD4vfb3bYNX63y_7_________zf7P_tGE3kav04JYRq_VfgEBANZ-AQEA2NQNAOAtAC7oCFoxGKxOIXbD2WI3mm1GswMAAAC4-____9cDGZvFuFkOJhPfxLaZbTbGjWVmmM0sK4tnOFwZhtsrCnxFduhmBu2LuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNifQM4GSNGSxWo5XO0mi9FmsZgsd8PRZIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCGPOkW-08tjWusXG4xZNVsa1wjVcuUWWlXFiHCx8G5dnLXp9TA_DyrBYGbYoGLCxF8nTIp0oLIbJcDFarGamjcM2WFhMzolhMvHtVraFzWOcTMQSzckincgu-47NYtwsB5OJb2LbzDYb48YyM8xmlpXFMxyuDMN9zTnyjVYe21q32HjcosnKuFa4hiu3yLIyToyDhW_j8qxFr4_pYVgZFivDvjGbTSbD2XI02jdms8lkOFuORvsOneG7-pyNzuB44pGZxrJxw3tzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYOZoPC9zeXtuLgNnIu9yUHscGgiCWCi3Qi81teb7_p6be7FZaLWKI0XaQTvegyG65Ff8PTYxFLBKeLdCJ6GU8X9R8ZcjFXDuaiyVyxGq0SAAAAAAAAAMAS5sybAAAAAJwGMhpshqt1HshgOdgtV8sFgHD20v0pXnSL3twH3BWHkn4qwlt8KG78uMH8ltfbb3r67W6F5coAD9TkzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X2gqO1CD9wodn4CHG0mAw!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=eidc_vB!inc_all_video_vA!ll117740-135_vB!mprdctdt6_vA!nrlc_vB!scec11_vB!smbs!spa2_vA!t45!ufm&mPre=0.025&cirf=https%3A%2F%2Frivana.hooxs.com&en=1
151.101.85.44200 OK 15 kB URL HTTP/2 wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1662286941866&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1477&pt=-1514580184&tz=0&viewable=true&ddast=V7ZqYCFgM7ZeOYcAiNDwQ7ZeOYcAiNDwUAAAAGBuIHJLgw7BaewWqtMTmMa9FytlwrR6vhWrgcDSez4WzlmQ2GQIILw27hGazWGpPDuBYtZ8u1crQaroXL0XAyG85WntlgChE3GQ6fg4Go6Hpb7A6n2fOGETSdDp_rXi952h52h13o9xs_d43f7RddZsO16G94euwAAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwHwyUHwnrPfHwAAAAAgAAAAACQAA6sBJQAf5ysn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAF0Nqc4nKqzEGB0QFg0WMAAAAALa0VDSPJnVCZVH1___fbwVwBQAQMIhQkK2QpTso8RYGAAAQMLZAD4vfb3bYNX63y_7_________zf7P_tGE3kav04JYRq_VfgEBANZ-AQEA2NQNAOAtAC7oCFoxGKxOIXbD2WI3mm1GswMAAAC4-____9cDGZvFuFkOJhPfxLaZbTbGjWVmmM0sK4tnOFwZhtsrCnxFduhmBu2LuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNifQM4GSNGSxWo5XO0mi9FmsZgsd8PRZIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCGPOkW-08tjWusXG4xZNVsa1wjVcuUWWlXFiHCx8G5dnLXp9TA_DyrBYGbYoGLCxF8nTIp0oLIbJcDFarGamjcM2WFhMzolhMvHtVraFzWOcTMQSzckincgu-47NYtwsB5OJb2LbzDYb48YyM8xmlpXFMxyuDMN9zTnyjVYe21q32HjcosnKuFa4hiu3yLIyToyDhW_j8qxFr4_pYVgZFivDvjGbTSbD2XI02jdms8lkOFuORvsOneG7-pyNzuB44pGZxrJxw3tzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYOZoPC9zeXtuLgNnIu9yUHscGgiCWCi3Qi81teb7_p6be7FZaLWKI0XaQTvegyG65Ff8PTYxFLBKeLdCJ6GU8X9R8ZcjFXDuaiyVyxGq0SAAAAAAAAAMAS5sybAAAAAJwGMhpshqt1HshgOdgtV8sFgHD20v0pXnSL3twH3BWHkn4qwlt8KG78uMH8ltfbb3r67W6F5coAD9TkzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X2gqO1CD9wodn4CHG0mAw!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=eidc_vB!inc_all_video_vA!ll117740-135_vB!mprdctdt6_vA!nrlc_vB!scec11_vB!smbs!spa2_vA!t45!ufm&mPre=0.025&cirf=https%3A%2F%2Frivana.hooxs.com&en=1
IP 151.101.85.44:0
Hash f259c9b6f5e88ffedbb7e00b073b628e
7d75557b51ffdb8cdbf22ec232e49cbac1444a39
b832a37bc6037cde1e7fd7232612d0a4324c493a546422f91d9540904667fa00
POST /VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1662286941866&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1477&pt=-1514580184&tz=0&viewable=true&ddast=V7ZqYCFgM7ZeOYcAiNDwQ7ZeOYcAiNDwUAAAAGBuIHJLgw7BaewWqtMTmMa9FytlwrR6vhWrgcDSez4WzlmQ2GQIILw27hGazWGpPDuBYtZ8u1crQaroXL0XAyG85WntlgChE3GQ6fg4Go6Hpb7A6n2fOGETSdDp_rXi952h52h13o9xs_d43f7RddZsO16G94euwAAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwHwyUHwnrPfHwAAAAAgAAAAACQAA6sBJQAf5ysn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAF0Nqc4nKqzEGB0QFg0WMAAAAALa0VDSPJnVCZVH1___fbwVwBQAQMIhQkK2QpTso8RYGAAAQMLZAD4vfb3bYNX63y_7_________zf7P_tGE3kav04JYRq_VfgEBANZ-AQEA2NQNAOAtAC7oCFoxGKxOIXbD2WI3mm1GswMAAAC4-____9cDGZvFuFkOJhPfxLaZbTbGjWVmmM0sK4tnOFwZhtsrCnxFduhmBu2LuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNifQM4GSNGSxWo5XO0mi9FmsZgsd8PRZIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCGPOkW-08tjWusXG4xZNVsa1wjVcuUWWlXFiHCx8G5dnLXp9TA_DyrBYGbYoGLCxF8nTIp0oLIbJcDFarGamjcM2WFhMzolhMvHtVraFzWOcTMQSzckincgu-47NYtwsB5OJb2LbzDYb48YyM8xmlpXFMxyuDMN9zTnyjVYe21q32HjcosnKuFa4hiu3yLIyToyDhW_j8qxFr4_pYVgZFivDvjGbTSbD2XI02jdms8lkOFuORvsOneG7-pyNzuB44pGZxrJxw3tzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYOZoPC9zeXtuLgNnIu9yUHscGgiCWCi3Qi81teb7_p6be7FZaLWKI0XaQTvegyG65Ff8PTYxFLBKeLdCJ6GU8X9R8ZcjFXDuaiyVyxGq0SAAAAAAAAAMAS5sybAAAAAJwGMhpshqt1HshgOdgtV8sFgHD20v0pXnSL3twH3BWHkn4qwlt8KG78uMH8ltfbb3r67W6F5coAD9TkzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X2gqO1CD9wodn4CHG0mAw!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=eidc_vB!inc_all_video_vA!ll117740-135_vB!mprdctdt6_vA!nrlc_vB!scec11_vB!smbs!spa2_vA!t45!ufm&mPre=0.025&cirf=https%3A%2F%2Frivana.hooxs.com&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 133
Origin: https://rivana.hooxs.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://rivana.hooxs.com/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1433
link: <https://secure.adnxs.com>; rel=preconnect,<https://secure.adnxs.com>; rel=preconnect,<https://secure.adnxs.com>; rel=preconnect,<https://secure.adnxs.com>; rel=preconnect,<https://secure.adnxs.com>; rel=preconnect
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://rivana.hooxs.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Sep 2022 10:22:25 GMT
via: 1.1 varnish
x-served-by: cache-bma1635-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662286945.209423,VS0,VE66
vary: Accept-Encoding
X-Firefox-Spdy: h2
vidstat.taboola.com/vpaid/vPlayer/player/v14.7.7/OvaMediaPlayer.js
151.101.85.44200 OK 87 kB URL HTTP/2 vidstat.taboola.com/vpaid/vPlayer/player/v14.7.7/OvaMediaPlayer.js
IP 151.101.85.44:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash dc6f9c508a655c577be225354b665441
b3732cd64bfe7a29cdb4c794444fa47d6d291e22
c3530b281ae1a74e916bb1c641e37977803bc4606b6d024d12c7d8024cda72f0
GET /vpaid/vPlayer/player/v14.7.7/OvaMediaPlayer.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://rivana.hooxs.com/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
x-amz-id-2: IKBOhnrMjJgezl8a2yjdelD3GGckq3CWxzf/TaOjne9L6nHWUywab4uzkMvL/G0As5wC88tPq5U+S45ArzvU2Q==
x-amz-request-id: 22MGPNJV79F9CPMM
last-modified: Wed, 31 Aug 2022 06:57:30 GMT
etag: "dc6f9c508a655c577be225354b665441"
x-amz-meta-ctime: 1661929049
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1661929036
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sun, 04 Sep 2022 10:22:25 GMT
via: 1.1 varnish
age: 357845
x-served-by: cache-bma1635-BMA
x-cache: HIT
x-cache-hits: 71534
x-timer: S1662286946.825019,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 86596
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 04 Sep 2022 10:22:25 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=78b80a78-2c3b-11ed-8007-155da6fd0106; expires=Sun, 02-Oct-2022 10:22:25 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=78b80ac5-2c3b-11ed-8007-155da6fd0106
X-fe: 91
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ups.analytics.yahoo.com/ups/58534/occ?verify=true
18.156.0.31204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ?verify=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 04 Sep 2022 10:22:25 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBGF8FGMCEHHfs2zPQQE1Xx9M54ph_H0FEgEBAQHNFWMeYwAAAAAA_eMAAA&S=AQAAAocnZlUaLzgCPlefAeCNN9E; Expires=Mon, 4 Sep 2023 16:22:25 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7B0ICFgM7ZeOYcAiNDwQ7ZeOYcAiNDwUAAAAGBuIHJGaaeDymkcst840Ga9HINlhLnIPNWjJbrkam0czmsRiGQBI2k2eysMzcMs9uthYtdpu1wjIyrUWTyXIycoyMg8nMCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeMoOl0-Fz3esnT9rA77EK_3_i5a_xuv-gyG65Ff8PTYwcAAACABwCrt0yIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAA5ILDYBPDoL3nP3-AABo0AIBAAgQIAEYWA0oAfg4XzkBAAAAAAAAAGD5____jwHYwxqTARjZ3-kBePABeCAqUC1iBAAAALClpaJ5NKkTKosqAACCdCuAKwCAgEGEAu2XMAAAgICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJvQ2ep0WxDJ6rfYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQqxG84Wu9FsM5odAAAAwN3___-_HsjYLMbNcjCZ-Ca2zWyzMW4sM8NsZllZPMPhyjDcXlHgK7JDNzNon4ewzH7fQcTyfE1_w0HGt7zeBlHR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32J5CzAVK0ZLFaDle7yWK0WSwmy91wNJkgRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcKYc-QbrTy2tW6x8bhFk5VxrXANV26RZWWcGAcL38blWYteH9PDsDIsVoYtCgZs7EVwkU5kfsvr7Tc9_Xa3wnIRSzQni3Qiu-w7NotxsxxMJr6JbTPbbIwby8wwm1lWFs9wuDIM9zXnyDdaeWxr3WLjcYsmK-Na4Rqu3CLLyjgxDha-jcuzFr0-podhZVisDPvGbDaZDGfL0WjfmM0mk-FsORrtO3SG7-pzNjqD44lHZhrLxg3vzWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_fXNqKg9vIudyXHMQGgyKWCE4X6UT0Mp4uYonkaZFOJAvTwrnYjXyDxcgzcRmHE4vNMhguPJPVxrbbuCxiidJ0kU70ostsuBb9DU-PRf1HhlzMlYO5aDJXrEarBAAAAAAAAACwhDnzJgAAAACngYwGm-FquQAQzl66P8WLbtGb-4C74lDST0V4iw_FjR83mN_yevtNT7_drbBcGeCBmpx5s2eCWKvVsgYAABDABgAACODWzVsANiO3DxS1XeiBG8XOT4CjzWQ!&excid=22&docw=0&cijs=1&nlb=true
141.226.228.48200 OK 92 kB URL HTTP/2 am-match.taboola.com/sync?dast=V7B0ICFgM7ZeOYcAiNDwQ7ZeOYcAiNDwUAAAAGBuIHJGaaeDymkcst840Ga9HINlhLnIPNWjJbrkam0czmsRiGQBI2k2eysMzcMs9uthYtdpu1wjIyrUWTyXIycoyMg8nMCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeMoOl0-Fz3esnT9rA77EK_3_i5a_xuv-gyG65Ff8PTYwcAAACABwCrt0yIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAA5ILDYBPDoL3nP3-AABo0AIBAAgQIAEYWA0oAfg4XzkBAAAAAAAAAGD5____jwHYwxqTARjZ3-kBePABeCAqUC1iBAAAALClpaJ5NKkTKosqAACCdCuAKwCAgEGEAu2XMAAAgICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJvQ2ep0WxDJ6rfYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQqxG84Wu9FsM5odAAAAwN3___-_HsjYLMbNcjCZ-Ca2zWyzMW4sM8NsZllZPMPhyjDcXlHgK7JDNzNon4ewzH7fQcTyfE1_w0HGt7zeBlHR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32J5CzAVK0ZLFaDle7yWK0WSwmy91wNJkgRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcKYc-QbrTy2tW6x8bhFk5VxrXANV26RZWWcGAcL38blWYteH9PDsDIsVoYtCgZs7EVwkU5kfsvr7Tc9_Xa3wnIRSzQni3Qiu-w7NotxsxxMJr6JbTPbbIwby8wwm1lWFs9wuDIM9zXnyDdaeWxr3WLjcYsmK-Na4Rqu3CLLyjgxDha-jcuzFr0-podhZVisDPvGbDaZDGfL0WjfmM0mk-FsORrtO3SG7-pzNjqD44lHZhrLxg3vzWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_fXNqKg9vIudyXHMQGgyKWCE4X6UT0Mp4uYonkaZFOJAvTwrnYjXyDxcgzcRmHE4vNMhguPJPVxrbbuCxiidJ0kU70ostsuBb9DU-PRf1HhlzMlYO5aDJXrEarBAAAAAAAAACwhDnzJgAAAACngYwGm-FquQAQzl66P8WLbtGb-4C74lDST0V4iw_FjR83mN_yevtNT7_drbBcGeCBmpx5s2eCWKvVsgYAABDABgAACODWzVsANiO3DxS1XeiBG8XOT4CjzWQ!&excid=22&docw=0&cijs=1&nlb=true
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash 3dde7f251edbbdaf038276a0f45ec19e
8f822998c0acac61e0ca5255b9830cb61da5bff4
2f161cc262ab5794bdf25072d076245cbbdd4a939ef5090ebefbd6ca19a81a3d
GET /sync?dast=V7B0ICFgM7ZeOYcAiNDwQ7ZeOYcAiNDwUAAAAGBuIHJGaaeDymkcst840Ga9HINlhLnIPNWjJbrkam0czmsRiGQBI2k2eysMzcMs9uthYtdpu1wjIyrUWTyXIycoyMg8nMCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeMoOl0-Fz3esnT9rA77EK_3_i5a_xuv-gyG65Ff8PTYwcAAACABwCrt0yIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAA5ILDYBPDoL3nP3-AABo0AIBAAgQIAEYWA0oAfg4XzkBAAAAAAAAAGD5____jwHYwxqTARjZ3-kBePABeCAqUC1iBAAAALClpaJ5NKkTKosqAACCdCuAKwCAgEGEAu2XMAAAgICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJvQ2ep0WxDJ6rfYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQqxG84Wu9FsM5odAAAAwN3___-_HsjYLMbNcjCZ-Ca2zWyzMW4sM8NsZllZPMPhyjDcXlHgK7JDNzNon4ewzH7fQcTyfE1_w0HGt7zeBlHR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32J5CzAVK0ZLFaDle7yWK0WSwmy91wNJkgRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcKYc-QbrTy2tW6x8bhFk5VxrXANV26RZWWcGAcL38blWYteH9PDsDIsVoYtCgZs7EVwkU5kfsvr7Tc9_Xa3wnIRSzQni3Qiu-w7NotxsxxMJr6JbTPbbIwby8wwm1lWFs9wuDIM9zXnyDdaeWxr3WLjcYsmK-Na4Rqu3CLLyjgxDha-jcuzFr0-podhZVisDPvGbDaZDGfL0WjfmM0mk-FsORrtO3SG7-pzNjqD44lHZhrLxg3vzWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_fXNqKg9vIudyXHMQGgyKWCE4X6UT0Mp4uYonkaZFOJAvTwrnYjXyDxcgzcRmHE4vNMhguPJPVxrbbuCxiidJ0kU70ostsuBb9DU-PRf1HhlzMlYO5aDJXrEarBAAAAAAAAACwhDnzJgAAAACngYwGm-FquQAQzl66P8WLbtGb-4C74lDST0V4iw_FjR83mN_yevtNT7_drbBcGeCBmpx5s2eCWKvVsgYAABDABgAACODWzVsANiO3DxS1XeiBG8XOT4CjzWQ!&excid=22&docw=0&cijs=1&nlb=true HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 10:22:25 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3407
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7ZqYCFgM7ZeOYcAiNDwQ7ZeOYcAiNDwUAAAAGBuIHJLgw7BaewWqtMTmMa9FytlwrR6vhWrgcDSez4WzlmQ2GQIILw27hGazWGpPDuBYtZ8u1crQaroXL0XAyG85WntlgChE3GQ6fg4Go6Hpb7A6n2fOGETSdDp_rXi952h52h13o9xs_d43f7RddZsO16G94euwAAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwHwyUHwnrPfHwAAAAAgAAAAACQAA6sBJQAf5ysn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAF0Nqc4nKqzEGB0QFg0WMAAAAALa0VDSPJnVCZVH1___fbwVwBQAQMIhQkK2QpTso8RYGAAAQMLZAD4vfb3bYNX63y_7_________zf7P_tGE3kav04JYRq_VfgEBANZ-AQEA2NQNAOAtAC7oCFoxGKxOIXbD2WI3mm1GswMAAAC4-____9cDGZvFuFkOJhPfxLaZbTbGjWVmmM0sK4tnOFwZhtsrCnxFduhmBu2LuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNifQM4GSNGSxWo5XO0mi9FmsZgsd8PRZIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCGPOkW-08tjWusXG4xZNVsa1wjVcuUWWlXFiHCx8G5dnLXp9TA_DyrBYGbYoGLCxF8nTIp0oLIbJcDFarGamjcM2WFhMzolhMvHtVraFzWOcTMQSzckincgu-47NYtwsB5OJb2LbzDYb48YyM8xmlpXFMxyuDMN9zTnyjVYe21q32HjcosnKuFa4hiu3yLIyToyDhW_j8qxFr4_pYVgZFivDvjGbTSbD2XI02jdms8lkOFuORvsOneG7-pyNzuB44pGZxrJxw3tzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYOZoPC9zeXtuLgNnIu9yUHscGgiCWCi3Qi81teb7_p6be7FZaLWKI0XaQTvegyG65Ff8PTYxFLBKeLdCJ6GU8X9R8ZcjFXDuaiyVyxGq0SAAAAAAAAAMAS5sybAAAAAJwGMhpshqt1HshgOdgtV8sFgHD20v0pXnSL3twH3BWHkn4qwlt8KG78uMH8ltfbb3r67W6F5coAD9TkzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X2gqO1CD9wodn4CHG0mAw!&excid=22&docw=0&cijs=1&nlb=false
141.226.228.48200 OK 742 B URL HTTP/2 am-match.taboola.com/sync?dast=V7ZqYCFgM7ZeOYcAiNDwQ7ZeOYcAiNDwUAAAAGBuIHJLgw7BaewWqtMTmMa9FytlwrR6vhWrgcDSez4WzlmQ2GQIILw27hGazWGpPDuBYtZ8u1crQaroXL0XAyG85WntlgChE3GQ6fg4Go6Hpb7A6n2fOGETSdDp_rXi952h52h13o9xs_d43f7RddZsO16G94euwAAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwHwyUHwnrPfHwAAAAAgAAAAACQAA6sBJQAf5ysn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAF0Nqc4nKqzEGB0QFg0WMAAAAALa0VDSPJnVCZVH1___fbwVwBQAQMIhQkK2QpTso8RYGAAAQMLZAD4vfb3bYNX63y_7_________zf7P_tGE3kav04JYRq_VfgEBANZ-AQEA2NQNAOAtAC7oCFoxGKxOIXbD2WI3mm1GswMAAAC4-____9cDGZvFuFkOJhPfxLaZbTbGjWVmmM0sK4tnOFwZhtsrCnxFduhmBu2LuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNifQM4GSNGSxWo5XO0mi9FmsZgsd8PRZIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCGPOkW-08tjWusXG4xZNVsa1wjVcuUWWlXFiHCx8G5dnLXp9TA_DyrBYGbYoGLCxF8nTIp0oLIbJcDFarGamjcM2WFhMzolhMvHtVraFzWOcTMQSzckincgu-47NYtwsB5OJb2LbzDYb48YyM8xmlpXFMxyuDMN9zTnyjVYe21q32HjcosnKuFa4hiu3yLIyToyDhW_j8qxFr4_pYVgZFivDvjGbTSbD2XI02jdms8lkOFuORvsOneG7-pyNzuB44pGZxrJxw3tzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYOZoPC9zeXtuLgNnIu9yUHscGgiCWCi3Qi81teb7_p6be7FZaLWKI0XaQTvegyG65Ff8PTYxFLBKeLdCJ6GU8X9R8ZcjFXDuaiyVyxGq0SAAAAAAAAAMAS5sybAAAAAJwGMhpshqt1HshgOdgtV8sFgHD20v0pXnSL3twH3BWHkn4qwlt8KG78uMH8ltfbb3r67W6F5coAD9TkzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X2gqO1CD9wodn4CHG0mAw!&excid=22&docw=0&cijs=1&nlb=false
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (742), with no line terminators
Hash e212b134cabf80f8be66f676e09c0097
c6f5b87bdb324d5acc99af18d97d5d9835c65c7a
f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855
GET /sync?dast=V7ZqYCFgM7ZeOYcAiNDwQ7ZeOYcAiNDwUAAAAGBuIHJLgw7BaewWqtMTmMa9FytlwrR6vhWrgcDSez4WzlmQ2GQIILw27hGazWGpPDuBYtZ8u1crQaroXL0XAyG85WntlgChE3GQ6fg4Go6Hpb7A6n2fOGETSdDp_rXi952h52h13o9xs_d43f7RddZsO16G94euwAAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwHwyUHwnrPfHwAAAAAgAAAAACQAA6sBJQAf5ysn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAF0Nqc4nKqzEGB0QFg0WMAAAAALa0VDSPJnVCZVH1___fbwVwBQAQMIhQkK2QpTso8RYGAAAQMLZAD4vfb3bYNX63y_7_________zf7P_tGE3kav04JYRq_VfgEBANZ-AQEA2NQNAOAtAC7oCFoxGKxOIXbD2WI3mm1GswMAAAC4-____9cDGZvFuFkOJhPfxLaZbTbGjWVmmM0sK4tnOFwZhtsrCnxFduhmBu2LuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNifQM4GSNGSxWo5XO0mi9FmsZgsd8PRZIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCGPOkW-08tjWusXG4xZNVsa1wjVcuUWWlXFiHCx8G5dnLXp9TA_DyrBYGbYoGLCxF8nTIp0oLIbJcDFarGamjcM2WFhMzolhMvHtVraFzWOcTMQSzckincgu-47NYtwsB5OJb2LbzDYb48YyM8xmlpXFMxyuDMN9zTnyjVYe21q32HjcosnKuFa4hiu3yLIyToyDhW_j8qxFr4_pYVgZFivDvjGbTSbD2XI02jdms8lkOFuORvsOneG7-pyNzuB44pGZxrJxw3tzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYOZoPC9zeXtuLgNnIu9yUHscGgiCWCi3Qi81teb7_p6be7FZaLWKI0XaQTvegyG65Ff8PTYxFLBKeLdCJ6GU8X9R8ZcjFXDuaiyVyxGq0SAAAAAAAAAMAS5sybAAAAAJwGMhpshqt1HshgOdgtV8sFgHD20v0pXnSL3twH3BWHkn4qwlt8KG78uMH8ltfbb3r67W6F5coAD9TkzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X2gqO1CD9wodn4CHG0mAw!&excid=22&docw=0&cijs=1&nlb=false HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 10:22:25 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3408
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=78ba4eeb-2c3b-11ed-9f3d-10ffbde80206
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=78ba4eeb-2c3b-11ed-9f3d-10ffbde80206
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=78ba4eeb-2c3b-11ed-9f3d-10ffbde80206 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 04 Sep 2022 10:22:25 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=78c0fd8c-2c3b-11ed-b7f0-160292010106; expires=Sun, 02-Oct-2022 10:22:25 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 135
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=78b80ac5-2c3b-11ed-8007-155da6fd0106
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=78b80ac5-2c3b-11ed-8007-155da6fd0106
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=78b80ac5-2c3b-11ed-8007-155da6fd0106 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 04 Sep 2022 10:22:25 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=78c13b8e-2c3b-11ed-be6a-1a7ccaea0406; expires=Sun, 02-Oct-2022 10:22:25 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 94
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
54.92.133.28200 OK 297 B URL HTTP/2 taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
IP 54.92.133.28:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 23fa7403f9dc2e00819e625659999e76
1a89cab002e798851fbe6c0cd7cd1cb552a5841e
0390e08ff56db5b0d134d81b75aa51c47f350b8edc286e1ade0c559c1105ed87
GET /sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP/1.1
Host: taboola-supply-partners.tremorhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 10:22:25 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/log/3/visible?route=AM%3AIL%3AV<i=deflated
151.101.85.44204 No Content 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/log/3/visible?route=AM%3AIL%3AV<i=deflated
IP 151.101.85.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/visible?route=AM%3AIL%3AV<i=deflated HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2423
Origin: https://rivana.hooxs.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://rivana.hooxs.com/
Connection: keep-alive
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://rivana.hooxs.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Sun, 04 Sep 2022 10:22:25 GMT
via: 1.1 varnish
x-served-by: cache-bma1635-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662286946.914217,VS0,VE85
x-vcl-time-ms: 85
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2
151.101.85.44204 No Content 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2
IP 151.101.85.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 5066
Origin: https://rivana.hooxs.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://rivana.hooxs.com/
Connection: keep-alive
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://rivana.hooxs.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Sun, 04 Sep 2022 10:22:26 GMT
via: 1.1 varnish
x-served-by: cache-bma1635-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662286946.911887,VS0,VE89
x-vcl-time-ms: 89
X-Firefox-Spdy: h2
x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
18.185.150.148200 OK 43 B URL HTTP/1.1 x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
IP 18.185.150.148:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?gdpr=1&us_privacy=1---&ssp=taboola HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Sun, 04 Sep 2022 10:22:26 GMT
Content-Length: 43
Connection: keep-alive
ups.analytics.yahoo.com/ups/58534/occ
18.156.0.31302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 04 Sep 2022 10:22:26 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58534/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBGJ8FGMCEPQSlF4Q0pNCS-yrBQ8HSlwFEgEBAQHNFWMeYwAAAAAA_eMAAA&S=AQAAAmlLPW3nuAKrY83_TMZVKvg; Expires=Mon, 4 Sep 2023 16:22:26 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
15.197.193.217200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP 15.197.193.217:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 10:22:26 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58534/occ?verify=true
18.156.0.31204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ?verify=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 04 Sep 2022 10:22:26 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBGJ8FGMCENchiBgqS-nl8_IEvUbANkEFEgEBAQHNFWMeYwAAAAAA_eMAAA&S=AQAAAp-pokj29zBfU3_D4EH0B0Y; Expires=Mon, 4 Sep 2023 16:22:26 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
secure.adnxs.com/ptv?id=20765195&size=728x409&promo_alignment=center&cb=R0.1662286942674&ext_inv_code=cm_240385-2090795_UNKNOWN
185.89.211.132200 OK 27 B URL HTTP/1.1 secure.adnxs.com/ptv?id=20765195&size=728x409&promo_alignment=center&cb=R0.1662286942674&ext_inv_code=cm_240385-2090795_UNKNOWN
IP 185.89.211.132:0
File type ASCII text, with no line terminators
Hash 5f631db49306435ae8cdb4d0c36f1263
f8b283d1f2a7b552120b9878d8f15e977aa683b4
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
GET /ptv?id=20765195&size=728x409&promo_alignment=center&cb=R0.1662286942674&ext_inv_code=cm_240385-2090795_UNKNOWN HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://rivana.hooxs.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://rivana.hooxs.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 04 Sep 2022 10:22:26 GMT
Content-Type: application/xml; charset=utf-8
Content-Length: 27
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://rivana.hooxs.com
AN-X-Request-Uuid: d77ec029-3623-490f-a0ff-4cdc6b3e7b03
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
secure.adnxs.com/ptv?id=16816847&size=728x409&promo_alignment=center&cb=R0.1662286942673&ext_inv_code=cm_240385-2090795_UNKNOWN&referrer=https%3A%2F%2Frivana.hooxs.com&pubclick=http%3A%2F%2Fclickam.zorosrv.com%2Fst%3Fcipid%3D66363445%26ttype%3D1%26crid%3D-1%26dast%3DV7ZqYCFgM7ZeOYcAiNDwQ7ZeOYcAiNDwUAAAAGBuIHJLgw7BaewWqtMTmMa9FytlwrR6vhWrgcDSez4WzlmQ2GQIILw27hGazWGpPDuBYtZ8u1crQaroXL0XAyG85WntlgChE3GQ6fg4Go6Hpb7A6n2fOGETSdDp_rXi952h52h13o9xs_d43f7RddZsO16G94euwAAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwHwyUHwnrPfHwAAAAAgAAAAACQAA6sBJQAf5ysn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAF0Nqc4nKqzEGB0QFg0WMAAAAALa0VDSPJnVCZVH1___fbwVwBQAQMIhQkK2QpTso8RYGAAAQMLZAD4vfb3bYNX63y_7_________zf7P_tGE3kav04JYRq_VfgEBANZ-AQEA2NQNAOAtAC7oCFoxGKxOIXbD2WI3mm1GswMAAAC4-____9cDGZvFuFkOJhPfxLaZbTbGjWVmmM0sK4tnOFwZhtsrCnxFduhmBu2LuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNifQM4GSNGSxWo5XO0mi9FmsZgsd8PRZIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCGPOkW-08tjWusXG4xZNVsa1wjVcuUWWlXFiHCx8G5dnLXp9TA_DyrBYGbYoGLCxF8nTIp0oLIbJcDFarGamjcM2WFhMzolhMvHtVraFzWOcTMQSzckincgu-47NYtwsB5OJb2LbzDYb48YyM8xmlpXFMxyuDMN9zTnyjVYe21q32HjcosnKuFa4hiu3yLIyToyDhW_j8qxFr4_pYVgZFivDvjGbTSbD2XI02jdms8lkOFuORvsOneG7-pyNzuB44pGZxrJxw3tzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYOZoPC9zeXtuLgNnIu9yUHscGgiCWCi3Qi81teb7_p6be7FZaLWKI0XaQTvegyG65Ff8PTYxFLBKeLdCJ6GU8X9R8ZcjFXDuaiyVyxGq0SAAAAAAAAAMAS5sybAAAAAJwGMhpshqt1HshgOdgtV8sFgHD20v0pXnSL3twH3BWHkn4qwlt8KG78uMH8ltfbb3r67W6F5coAD9TkzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X2gqO1CD9wodn4CHG0mAw!%26cmcv%3D${CMCV}%26tgtf%3D&GDPR_APPLIES=1&us_privacy=1---
185.89.211.132200 OK 27 B URL HTTP/1.1 secure.adnxs.com/ptv?id=16816847&size=728x409&promo_alignment=center&cb=R0.1662286942673&ext_inv_code=cm_240385-2090795_UNKNOWN&referrer=https%3A%2F%2Frivana.hooxs.com&pubclick=http%3A%2F%2Fclickam.zorosrv.com%2Fst%3Fcipid%3D66363445%26ttype%3D1%26crid%3D-1%26dast%3DV7ZqYCFgM7ZeOYcAiNDwQ7ZeOYcAiNDwUAAAAGBuIHJLgw7BaewWqtMTmMa9FytlwrR6vhWrgcDSez4WzlmQ2GQIILw27hGazWGpPDuBYtZ8u1crQaroXL0XAyG85WntlgChE3GQ6fg4Go6Hpb7A6n2fOGETSdDp_rXi952h52h13o9xs_d43f7RddZsO16G94euwAAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwHwyUHwnrPfHwAAAAAgAAAAACQAA6sBJQAf5ysn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAF0Nqc4nKqzEGB0QFg0WMAAAAALa0VDSPJnVCZVH1___fbwVwBQAQMIhQkK2QpTso8RYGAAAQMLZAD4vfb3bYNX63y_7_________zf7P_tGE3kav04JYRq_VfgEBANZ-AQEA2NQNAOAtAC7oCFoxGKxOIXbD2WI3mm1GswMAAAC4-____9cDGZvFuFkOJhPfxLaZbTbGjWVmmM0sK4tnOFwZhtsrCnxFduhmBu2LuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNifQM4GSNGSxWo5XO0mi9FmsZgsd8PRZIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCGPOkW-08tjWusXG4xZNVsa1wjVcuUWWlXFiHCx8G5dnLXp9TA_DyrBYGbYoGLCxF8nTIp0oLIbJcDFarGamjcM2WFhMzolhMvHtVraFzWOcTMQSzckincgu-47NYtwsB5OJb2LbzDYb48YyM8xmlpXFMxyuDMN9zTnyjVYe21q32HjcosnKuFa4hiu3yLIyToyDhW_j8qxFr4_pYVgZFivDvjGbTSbD2XI02jdms8lkOFuORvsOneG7-pyNzuB44pGZxrJxw3tzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYOZoPC9zeXtuLgNnIu9yUHscGgiCWCi3Qi81teb7_p6be7FZaLWKI0XaQTvegyG65Ff8PTYxFLBKeLdCJ6GU8X9R8ZcjFXDuaiyVyxGq0SAAAAAAAAAMAS5sybAAAAAJwGMhpshqt1HshgOdgtV8sFgHD20v0pXnSL3twH3BWHkn4qwlt8KG78uMH8ltfbb3r67W6F5coAD9TkzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X2gqO1CD9wodn4CHG0mAw!%26cmcv%3D${CMCV}%26tgtf%3D&GDPR_APPLIES=1&us_privacy=1---
IP 185.89.211.132:0
File type ASCII text, with no line terminators
Hash 5f631db49306435ae8cdb4d0c36f1263
f8b283d1f2a7b552120b9878d8f15e977aa683b4
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
GET /ptv?id=16816847&size=728x409&promo_alignment=center&cb=R0.1662286942673&ext_inv_code=cm_240385-2090795_UNKNOWN&referrer=https%3A%2F%2Frivana.hooxs.com&pubclick=http%3A%2F%2Fclickam.zorosrv.com%2Fst%3Fcipid%3D66363445%26ttype%3D1%26crid%3D-1%26dast%3DV7ZqYCFgM7ZeOYcAiNDwQ7ZeOYcAiNDwUAAAAGBuIHJLgw7BaewWqtMTmMa9FytlwrR6vhWrgcDSez4WzlmQ2GQIILw27hGazWGpPDuBYtZ8u1crQaroXL0XAyG85WntlgChE3GQ6fg4Go6Hpb7A6n2fOGETSdDp_rXi952h52h13o9xs_d43f7RddZsO16G94euwAAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwHwyUHwnrPfHwAAAAAgAAAAACQAA6sBJQAf5ysn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAF0Nqc4nKqzEGB0QFg0WMAAAAALa0VDSPJnVCZVH1___fbwVwBQAQMIhQkK2QpTso8RYGAAAQMLZAD4vfb3bYNX63y_7_________zf7P_tGE3kav04JYRq_VfgEBANZ-AQEA2NQNAOAtAC7oCFoxGKxOIXbD2WI3mm1GswMAAAC4-____9cDGZvFuFkOJhPfxLaZbTbGjWVmmM0sK4tnOFwZhtsrCnxFduhmBu2LuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNifQM4GSNGSxWo5XO0mi9FmsZgsd8PRZIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCGPOkW-08tjWusXG4xZNVsa1wjVcuUWWlXFiHCx8G5dnLXp9TA_DyrBYGbYoGLCxF8nTIp0oLIbJcDFarGamjcM2WFhMzolhMvHtVraFzWOcTMQSzckincgu-47NYtwsB5OJb2LbzDYb48YyM8xmlpXFMxyuDMN9zTnyjVYe21q32HjcosnKuFa4hiu3yLIyToyDhW_j8qxFr4_pYVgZFivDvjGbTSbD2XI02jdms8lkOFuORvsOneG7-pyNzuB44pGZxrJxw3tzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYOZoPC9zeXtuLgNnIu9yUHscGgiCWCi3Qi81teb7_p6be7FZaLWKI0XaQTvegyG65Ff8PTYxFLBKeLdCJ6GU8X9R8ZcjFXDuaiyVyxGq0SAAAAAAAAAMAS5sybAAAAAJwGMhpshqt1HshgOdgtV8sFgHD20v0pXnSL3twH3BWHkn4qwlt8KG78uMH8ltfbb3r67W6F5coAD9TkzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X2gqO1CD9wodn4CHG0mAw!%26cmcv%3D${CMCV}%26tgtf%3D&GDPR_APPLIES=1&us_privacy=1--- HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://rivana.hooxs.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://rivana.hooxs.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 04 Sep 2022 10:22:26 GMT
Content-Type: application/xml; charset=utf-8
Content-Length: 27
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://rivana.hooxs.com
AN-X-Request-Uuid: 5aa734f9-8788-4493-b218-430b1dccefbb
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
secure.adnxs.com/ptv?id=18126490&size=728x409&cb=R0.1662286942667&GDPR_APPLIES=1&us_privacy=1---
185.89.211.132200 OK 85 B URL HTTP/1.1 secure.adnxs.com/ptv?id=18126490&size=728x409&cb=R0.1662286942667&GDPR_APPLIES=1&us_privacy=1---
IP 185.89.211.132:0
File type ASCII text, with no line terminators
Hash 3290b937e2658213bb9630bb7d52dba4
26b680c852b93cad329aef493ae5c12422789bf7
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
GET /ptv?id=18126490&size=728x409&cb=R0.1662286942667&GDPR_APPLIES=1&us_privacy=1--- HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://rivana.hooxs.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://rivana.hooxs.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 04 Sep 2022 10:22:26 GMT
Content-Type: application/xml; charset=utf-8
Content-Length: 85
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://rivana.hooxs.com
AN-X-Request-Uuid: 00d5af44-70d2-4e3d-aac0-669f3fa35685
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2E?ao8U'a!]tbP6j2F-XstGt!@DeO$mk:^; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 03-Dec-2022 10:22:26 GMT; Domain=.adnxs.com; Secure; HttpOnly
icu=ChgIktBcEAoYASABKAEw4vjRmAY4AUABSAEQ4vjRmAYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 03-Dec-2022 10:22:26 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=114089996806372115; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 03-Dec-2022 10:22:26 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
secure.adnxs.com/ptv?id=16414321&size=728x409&cb=R0.1662286942672&GDPR_APPLIES=1&us_privacy=1---
185.89.211.132200 OK 85 B URL HTTP/1.1 secure.adnxs.com/ptv?id=16414321&size=728x409&cb=R0.1662286942672&GDPR_APPLIES=1&us_privacy=1---
IP 185.89.211.132:0
File type ASCII text, with no line terminators
Hash 3290b937e2658213bb9630bb7d52dba4
26b680c852b93cad329aef493ae5c12422789bf7
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
GET /ptv?id=16414321&size=728x409&cb=R0.1662286942672&GDPR_APPLIES=1&us_privacy=1--- HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://rivana.hooxs.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://rivana.hooxs.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 04 Sep 2022 10:22:26 GMT
Content-Type: application/xml; charset=utf-8
Content-Length: 85
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://rivana.hooxs.com
AN-X-Request-Uuid: 15bf409c-983d-468c-b0e2-628a40e0dbeb
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2E?ao8U'a!]tbP6j2F-XstGt!@DeO$mk:^; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 03-Dec-2022 10:22:26 GMT; Domain=.adnxs.com; Secure; HttpOnly
icu=ChgIktBcEAoYASABKAEw4vjRmAY4AUABSAEQ4vjRmAYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 03-Dec-2022 10:22:26 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=3101760943764560615; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 03-Dec-2022 10:22:26 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
secure.adnxs.com/ptv?id=20765230&size=728x409&promo_alignment=center&cb=R0.1662286942670&ext_inv_code=cm_240385-2090795_UNKNOWN
185.89.211.132200 OK 27 B URL HTTP/1.1 secure.adnxs.com/ptv?id=20765230&size=728x409&promo_alignment=center&cb=R0.1662286942670&ext_inv_code=cm_240385-2090795_UNKNOWN
IP 185.89.211.132:0
File type ASCII text, with no line terminators
Hash 5f631db49306435ae8cdb4d0c36f1263
f8b283d1f2a7b552120b9878d8f15e977aa683b4
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
GET /ptv?id=20765230&size=728x409&promo_alignment=center&cb=R0.1662286942670&ext_inv_code=cm_240385-2090795_UNKNOWN HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://rivana.hooxs.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://rivana.hooxs.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 04 Sep 2022 10:22:26 GMT
Content-Type: application/xml; charset=utf-8
Content-Length: 27
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://rivana.hooxs.com
AN-X-Request-Uuid: 970e2f6b-e7b4-4c1b-9756-9db32681866b
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2E?ao8U'a!]tbP6j2F-XstGt!@DeO$mk:^; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 03-Dec-2022 10:22:26 GMT; Domain=.adnxs.com; Secure; HttpOnly
icu=ChgIs8VmEAoYASABKAEw4vjRmAY4AUABSAEQ4vjRmAYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 03-Dec-2022 10:22:26 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=6473063210446414079; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 03-Dec-2022 10:22:26 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5508141e054e220c15b286ea65d8a012
668d6db46e4e3e8d29c765582fcd8de3082348ec
890dfa96068db80ab3b5c9ea5c475092a6509c5df2569d12a056bd324fd65133
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "890DFA96068DB80AB3B5C9EA5C475092A6509C5DF2569D12A056BD324FD65133"
Last-Modified: Fri, 02 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16680
Expires: Sun, 04 Sep 2022 15:00:26 GMT
Date: Sun, 04 Sep 2022 10:22:26 GMT
Connection: keep-alive
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 743
Origin: https://rivana.hooxs.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://rivana.hooxs.com/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 10:22:26 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 93abd36849f24f90ae8ca7733e3e2480
access-control-allow-origin: https://rivana.hooxs.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
rivana.hooxs.com/sw.js?v=3.1.391&o=aaead203b37d4c7cbf742ff908865e41&pub=0&p=2308013
94.23.159.185304 Not Modified 0 B URL HTTP/2 rivana.hooxs.com/sw.js?v=3.1.391&o=aaead203b37d4c7cbf742ff908865e41&pub=0&p=2308013
IP 94.23.159.185:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw.js?v=3.1.391&o=aaead203b37d4c7cbf742ff908865e41&pub=0&p=2308013 HTTP/1.1
Host: rivana.hooxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: exadd=166230; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D; _ga=GA1.2.734868091.1662286941; _gid=GA1.2.1013348105.1662286941; _gat_gtag_UA_144347007_1=1; cto_bundle=zTiTW183bnRnb3Q0a3RZZUNieFZaUXlMSkZMWk13elRjNmNPZzdHUGFXZXdkRFJWcHVVNTZGdHdtdHFxVGFnZVk0cmtSNTVWQXhoUkU3MkFxdkRtc3VlWmFHQ3BNa213UW1qN3NrMmhVRXFrSnRVeE5qSlV0dCUyQjR4SUVJY01SYVYlMkZaOU5yYjJCZGs1Vk9Ec3pRYzJvYlRFNGlRJTNEJTNE; prefetchAd_3765907=true; trc_cookie_storage=taboola%2520global%253Auser-id%3Df9d74ec6-71cc-42e8-a58e-d2e8b80a7ce3-tucta0e01e0
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 27 Aug 2019 13:54:01 GMT
If-None-Match: W/"5d6535f9-1554"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
date: Sun, 04 Sep 2022 10:22:26 GMT
last-modified: Tue, 27 Aug 2019 13:54:01 GMT
etag: "5d6535f9-1554"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=rtus&topUrl=rivana.hooxs.com
178.250.0.157200 OK 5.5 kB URL HTTP/2 gum.criteo.com/syncframe?origin=rtus&topUrl=rivana.hooxs.com
IP 178.250.0.157:0
Hash 2287aeffac567e151170cdede5581d4a
9cbdd31c4470b5b89a8dc21c9e68f811a9ba82f4
28932caf50af148266af729b7831cfbe6ab0c3bb7dda6d5ccd6740cbf7242456
GET /syncframe?origin=rtus&topUrl=rivana.hooxs.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 10:22:26 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=2b2d8dc6-8844-4430-86e0-74a55ed25404; expires=Fri, 29 Sep 2023 10:22:25 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 747460
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 7f97392cdd7a2d0b6464216260139f9e
e9b906f1ecc70fcdffe49ad9f85acecd5a321173
e7ae452ead69140ca2a6fab29a3c6854d58488a13d9ae4e7c5ed23e2efbd7fe1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 04 Sep 2022 10:22:30 GMT
Last-Modified: Sun, 04 Sep 2022 09:08:58 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lDADWBk__tj5gPEOjoDEtfWITzOhcLjTSBOwUc8QJwO6e8Hb5RHEVg==
Age: 4412
secure.adnxs.com/ptv?id=19893023&size=728x409&promo_alignment=center&cb=R0.1662286947033&GDPR_APPLIES=1&us_privacy=1---
185.89.211.132200 OK 85 B URL HTTP/1.1 secure.adnxs.com/ptv?id=19893023&size=728x409&promo_alignment=center&cb=R0.1662286947033&GDPR_APPLIES=1&us_privacy=1---
IP 185.89.211.132:0
File type ASCII text, with no line terminators
Hash 3290b937e2658213bb9630bb7d52dba4
26b680c852b93cad329aef493ae5c12422789bf7
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
GET /ptv?id=19893023&size=728x409&promo_alignment=center&cb=R0.1662286947033&GDPR_APPLIES=1&us_privacy=1--- HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://rivana.hooxs.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://rivana.hooxs.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 04 Sep 2022 10:22:30 GMT
Content-Type: application/xml; charset=utf-8
Content-Length: 85
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://rivana.hooxs.com
AN-X-Request-Uuid: c9f79754-ffb9-4480-922d-23db1402a32a
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2E?co8U'a!]tbP6j2F-XstGt!@Dha$oQFn; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 03-Dec-2022 10:22:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
icu=ChgIktBcEAoYASABKAEw5vjRmAY4AUABSAEQ5vjRmAYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 03-Dec-2022 10:22:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=9119107135112737974; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 03-Dec-2022 10:22:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 7f97392cdd7a2d0b6464216260139f9e
e9b906f1ecc70fcdffe49ad9f85acecd5a321173
e7ae452ead69140ca2a6fab29a3c6854d58488a13d9ae4e7c5ed23e2efbd7fe1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 04 Sep 2022 10:22:30 GMT
Last-Modified: Sun, 04 Sep 2022 10:10:30 GMT
Server: ECS (nyb/1D17)
X-Cache: Miss from cloudfront
Via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nni42zFRlgaGjlP9K-T6vBlD0IzMJQj0dc849EW-ZUWiVlytHX5uRw==
Age: 720
rivana.hooxs.com/t268-topic
94.23.159.185200 OK 12 kB URL HTTP/2 rivana.hooxs.com/t268-topic
IP 94.23.159.185:0
Hash 9d946bbb67b7c30c164e1ee1e5458360
17e1f1adae6dab747b4e11ebc5e07465f93a9cd7
115c3bf1b62b7907f4054f2ba7acaec17944090370612fcbb5f64853ad13aab8
GET /t268-topic HTTP/1.1
Host: rivana.hooxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 04 Sep 2022 10:22:22 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache
pragma: no-cache
expires: Sun, 04 Sep 2022 00:00:00 GMT
last-modified: Sun, 04 Sep 2022 10:22:22 GMT
vary: User-Agent
set-cookie: exadd=166230; expires=Sun, 04-Sep-2022 14:22:22 GMT; Max-Age=14400
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
secure.adnxs.com/ptv?id=18126490&size=728x409&cb=R0.1662286947034&GDPR_APPLIES=1&us_privacy=1---
185.89.211.132200 OK 85 B URL HTTP/1.1 secure.adnxs.com/ptv?id=18126490&size=728x409&cb=R0.1662286947034&GDPR_APPLIES=1&us_privacy=1---
IP 185.89.211.132:0
File type ASCII text, with no line terminators
Hash 3290b937e2658213bb9630bb7d52dba4
26b680c852b93cad329aef493ae5c12422789bf7
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
GET /ptv?id=18126490&size=728x409&cb=R0.1662286947034&GDPR_APPLIES=1&us_privacy=1--- HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://rivana.hooxs.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://rivana.hooxs.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 04 Sep 2022 10:22:30 GMT
Content-Type: application/xml; charset=utf-8
Content-Length: 85
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://rivana.hooxs.com
AN-X-Request-Uuid: dfeea62b-b2f3-4751-953c-b93cf994a2be
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2E?co8U'a!]tbP6j2F-XstGt!@Dha$oQFn; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 03-Dec-2022 10:22:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
icu=ChgIktBcEAoYASABKAEw5vjRmAY4AUABSAEQ5vjRmAYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 03-Dec-2022 10:22:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=2680216629611984760; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 03-Dec-2022 10:22:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
am-match.taboola.com/sync?dast=V7ZqYCFgM7ZeOYcAiNDwQ7ZeOYcAiNDwUAAAAGBuIHJLgw7BaewWqtMTmMa9FytlwrR6vhWrgcDSez4WzlmQ2GQIILw27hGazWGpPDuBYtZ8u1crQaroXL0XAyG85WntlgChE3GQ6fg4Go6Hpb7A6n2fOGETSdDp_rXi952h52h13o9xs_d43f7RddZsO16G94euwAAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwHwyUHwnrPfHwAAAAAgAAAAACQAA6sBJQAf5ysn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAF0Nqc4nKqzEGB0QFg0WMAAAAALa0VDSPJnVCZVH1___fbwVwBQAQMIhQkK2QpTso8RYGAAAQMLZAD4vfb3bYNX63y_7_________zf7P_tGE3kav04JYRq_VfgEBANZ-AQEA2NQNAOAtAC7oCFoxGKxOIXbD2WI3mm1GswMAAAC4-____9cDGZvFuFkOJhPfxLaZbTbGjWVmmM0sK4tnOFwZhtsrCnxFduhmBu2LuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNifQM4GSNGSxWo5XO0mi9FmsZgsd8PRZIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCGPOkW-08tjWusXG4xZNVsa1wjVcuUWWlXFiHCx8G5dnLXp9TA_DyrBYGbYoGLCxF8nTIp0oLIbJcDFarGamjcM2WFhMzolhMvHtVraFzWOcTMQSzckincgu-47NYtwsB5OJb2LbzDYb48YyM8xmlpXFMxyuDMN9zTnyjVYe21q32HjcosnKuFa4hiu3yLIyToyDhW_j8qxFr4_pYVgZFivDvjGbTSbD2XI02jdms8lkOFuORvsOneG7-pyNzuB44pGZxrJxw3tzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYOZoPC9zeXtuLgNnIu9yUHscGgiCWCi3Qi81teb7_p6be7FZaLWKI0XaQTvegyG65Ff8PTYxFLBKeLdCJ6GU8X9R8ZcjFXDuaiyVyxGq0SAAAAAAAAAMAS5sybAAAAAJwGMhpshqt1HshgOdgtV8sFgHD20v0pXnSL3twH3BWHkn4qwlt8KG78uMH8ltfbb3r67W6F5coAD9TkzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X2gqO1CD9wodn4CHG0mAw!&excid=22&docw=0&cijs=1&nlb=false
141.226.228.48200 OK 0 B URL HTTP/2 am-match.taboola.com/sync?dast=V7ZqYCFgM7ZeOYcAiNDwQ7ZeOYcAiNDwUAAAAGBuIHJLgw7BaewWqtMTmMa9FytlwrR6vhWrgcDSez4WzlmQ2GQIILw27hGazWGpPDuBYtZ8u1crQaroXL0XAyG85WntlgChE3GQ6fg4Go6Hpb7A6n2fOGETSdDp_rXi952h52h13o9xs_d43f7RddZsO16G94euwAAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwHwyUHwnrPfHwAAAAAgAAAAACQAA6sBJQAf5ysn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAF0Nqc4nKqzEGB0QFg0WMAAAAALa0VDSPJnVCZVH1___fbwVwBQAQMIhQkK2QpTso8RYGAAAQMLZAD4vfb3bYNX63y_7_________zf7P_tGE3kav04JYRq_VfgEBANZ-AQEA2NQNAOAtAC7oCFoxGKxOIXbD2WI3mm1GswMAAAC4-____9cDGZvFuFkOJhPfxLaZbTbGjWVmmM0sK4tnOFwZhtsrCnxFduhmBu2LuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNifQM4GSNGSxWo5XO0mi9FmsZgsd8PRZIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCGPOkW-08tjWusXG4xZNVsa1wjVcuUWWlXFiHCx8G5dnLXp9TA_DyrBYGbYoGLCxF8nTIp0oLIbJcDFarGamjcM2WFhMzolhMvHtVraFzWOcTMQSzckincgu-47NYtwsB5OJb2LbzDYb48YyM8xmlpXFMxyuDMN9zTnyjVYe21q32HjcosnKuFa4hiu3yLIyToyDhW_j8qxFr4_pYVgZFivDvjGbTSbD2XI02jdms8lkOFuORvsOneG7-pyNzuB44pGZxrJxw3tzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYOZoPC9zeXtuLgNnIu9yUHscGgiCWCi3Qi81teb7_p6be7FZaLWKI0XaQTvegyG65Ff8PTYxFLBKeLdCJ6GU8X9R8ZcjFXDuaiyVyxGq0SAAAAAAAAAMAS5sybAAAAAJwGMhpshqt1HshgOdgtV8sFgHD20v0pXnSL3twH3BWHkn4qwlt8KG78uMH8ltfbb3r67W6F5coAD9TkzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X2gqO1CD9wodn4CHG0mAw!&excid=22&docw=0&cijs=1&nlb=false
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sync?dast=V7ZqYCFgM7ZeOYcAiNDwQ7ZeOYcAiNDwUAAAAGBuIHJLgw7BaewWqtMTmMa9FytlwrR6vhWrgcDSez4WzlmQ2GQIILw27hGazWGpPDuBYtZ8u1crQaroXL0XAyG85WntlgChE3GQ6fg4Go6Hpb7A6n2fOGETSdDp_rXi952h52h13o9xs_d43f7RddZsO16G94euwAAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwHwyUHwnrPfHwAAAAAgAAAAACQAA6sBJQAf5ysn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAF0Nqc4nKqzEGB0QFg0WMAAAAALa0VDSPJnVCZVH1___fbwVwBQAQMIhQkK2QpTso8RYGAAAQMLZAD4vfb3bYNX63y_7_________zf7P_tGE3kav04JYRq_VfgEBANZ-AQEA2NQNAOAtAC7oCFoxGKxOIXbD2WI3mm1GswMAAAC4-____9cDGZvFuFkOJhPfxLaZbTbGjWVmmM0sK4tnOFwZhtsrCnxFduhmBu2LuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNifQM4GSNGSxWo5XO0mi9FmsZgsd8PRZIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCGPOkW-08tjWusXG4xZNVsa1wjVcuUWWlXFiHCx8G5dnLXp9TA_DyrBYGbYoGLCxF8nTIp0oLIbJcDFarGamjcM2WFhMzolhMvHtVraFzWOcTMQSzckincgu-47NYtwsB5OJb2LbzDYb48YyM8xmlpXFMxyuDMN9zTnyjVYe21q32HjcosnKuFa4hiu3yLIyToyDhW_j8qxFr4_pYVgZFivDvjGbTSbD2XI02jdms8lkOFuORvsOneG7-pyNzuB44pGZxrJxw3tzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYOZoPC9zeXtuLgNnIu9yUHscGgiCWCi3Qi81teb7_p6be7FZaLWKI0XaQTvegyG65Ff8PTYxFLBKeLdCJ6GU8X9R8ZcjFXDuaiyVyxGq0SAAAAAAAAAMAS5sybAAAAAJwGMhpshqt1HshgOdgtV8sFgHD20v0pXnSL3twH3BWHkn4qwlt8KG78uMH8ltfbb3r67W6F5coAD9TkzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X2gqO1CD9wodn4CHG0mAw!&excid=22&docw=0&cijs=1&nlb=false HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 10:22:25 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3406
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.239200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.239:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 10:22:25 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 118894
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ioms.bfmio.com/getmu?aid=f3ba7097-c379-4680-c2af-b76fbd71dc0e&output=html5&width=728&height=409&v=1&pageurl=https%3A%2F%2Frivana.hooxs.com&i_type=out&stream=out&playback=2&cb=R0.1662286947029&us_privacy=1---
54.164.84.60200 OK 0 B URL HTTP/2 ioms.bfmio.com/getmu?aid=f3ba7097-c379-4680-c2af-b76fbd71dc0e&output=html5&width=728&height=409&v=1&pageurl=https%3A%2F%2Frivana.hooxs.com&i_type=out&stream=out&playback=2&cb=R0.1662286947029&us_privacy=1---
IP 54.164.84.60:0
GET /getmu?aid=f3ba7097-c379-4680-c2af-b76fbd71dc0e&output=html5&width=728&height=409&v=1&pageurl=https%3A%2F%2Frivana.hooxs.com&i_type=out&stream=out&playback=2&cb=R0.1662286947029&us_privacy=1--- HTTP/1.1
Host: ioms.bfmio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://rivana.hooxs.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://rivana.hooxs.com/
Connection: keep-alive
HTTP/2 200 OK
date: Sun, 04 Sep 2022 10:22:30 GMT
content-type: application/xml
access-control-allow-origin: https://rivana.hooxs.com
access-control-allow-credentials: true
access-control-expose-headers: location
x-content-type-options: nosniff
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
vary: Origin, Accept-Encoding, User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/trc/3/json?tim=10%3A22%3A21.113<i=deflated&data=%7B%22id%22%3A278%2C%22ii%22%3A%22%2Ft268-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1662282367821%2C%22vi%22%3A1662286941112%2C%22cv%22%3A%2220220901-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Frivana.hooxs.com%2Ft268-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Frivana.hooxs.com%2Ft268-topic%22%2C%22vpi%22%3A%22%2Ft268-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A2374%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A322.3999938964844%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A2335.39990234375%2C%22mw%22%3A979.5999755859375%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft268-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
151.101.85.44200 OK 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/trc/3/json?tim=10%3A22%3A21.113<i=deflated&data=%7B%22id%22%3A278%2C%22ii%22%3A%22%2Ft268-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1662282367821%2C%22vi%22%3A1662286941112%2C%22cv%22%3A%2220220901-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Frivana.hooxs.com%2Ft268-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Frivana.hooxs.com%2Ft268-topic%22%2C%22vpi%22%3A%22%2Ft268-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A2374%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A322.3999938964844%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A2335.39990234375%2C%22mw%22%3A979.5999755859375%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft268-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
IP 151.101.85.44:0
GET /forumotion-ar/trc/3/json?tim=10%3A22%3A21.113<i=deflated&data=%7B%22id%22%3A278%2C%22ii%22%3A%22%2Ft268-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1662282367821%2C%22vi%22%3A1662286941112%2C%22cv%22%3A%2220220901-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Frivana.hooxs.com%2Ft268-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Frivana.hooxs.com%2Ft268-topic%22%2C%22vpi%22%3A%22%2Ft268-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A2374%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A322.3999938964844%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A2335.39990234375%2C%22mw%22%3A979.5999755859375%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft268-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://rivana.hooxs.com
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://rivana.hooxs.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Sep 2022 10:22:24 GMT
via: 1.1 varnish
x-served-by: cache-bma1635-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662286944.429343,VS0,VE191
vary: Accept-Encoding
x-vcl-time-ms: 191
X-Firefox-Spdy: h2
ioms.bfmio.com/getmu?aid=bce3140f-08da-4881-e9f1-5dd3e036a4ca&output=html5&width=728&height=409&v=1&pageurl=https%3A%2F%2Frivana.hooxs.com&i_type=out&stream=out&playback=2&cb=R0.1662286947025&us_privacy=1---
54.164.84.60200 OK 0 B URL HTTP/2 ioms.bfmio.com/getmu?aid=bce3140f-08da-4881-e9f1-5dd3e036a4ca&output=html5&width=728&height=409&v=1&pageurl=https%3A%2F%2Frivana.hooxs.com&i_type=out&stream=out&playback=2&cb=R0.1662286947025&us_privacy=1---
IP 54.164.84.60:0
GET /getmu?aid=bce3140f-08da-4881-e9f1-5dd3e036a4ca&output=html5&width=728&height=409&v=1&pageurl=https%3A%2F%2Frivana.hooxs.com&i_type=out&stream=out&playback=2&cb=R0.1662286947025&us_privacy=1--- HTTP/1.1
Host: ioms.bfmio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://rivana.hooxs.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://rivana.hooxs.com/
Connection: keep-alive
HTTP/2 200 OK
date: Sun, 04 Sep 2022 10:22:30 GMT
content-type: application/xml
access-control-allow-origin: https://rivana.hooxs.com
access-control-allow-credentials: true
access-control-expose-headers: location
x-content-type-options: nosniff
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
vary: Origin, Accept-Encoding, User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
connect.topicit.net/scripts/connect.js
104.21.90.171200 OK 0 B URL HTTP/2 connect.topicit.net/scripts/connect.js
IP 104.21.90.171:0
GET /scripts/connect.js HTTP/1.1
Host: connect.topicit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 10:22:23 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5437
access-control-allow-origin: *
etag: W/"5d653880-153d"
last-modified: Tue, 27 Aug 2019 14:04:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-cache-status: HIT
age: 3116
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2B3HUwoA%2BNa3vp9XX5G816mLV4yDbUZvzAZ6f%2FAdoajbEryNF0h%2BA%2BEAD9Psbr6AakH23wuWWQcHQmGg1Y8MCS1YVDssFW7TwhjHpNQGJCSkDUhlz%2Brp%2BC9%2Fr6t%2BOF6ldUgSH4BG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 745600f2fd85b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rivana.hooxs.com/?utm_source=pwa
94.23.159.185200 OK 0 B URL HTTP/2 rivana.hooxs.com/?utm_source=pwa
IP 94.23.159.185:0
GET /?utm_source=pwa HTTP/1.1
Host: rivana.hooxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rivana.hooxs.com/serviceworker.js
Connection: keep-alive
Cookie: exadd=166230; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 10:22:23 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
pragma: no-cache
expires: Sun, 04 Sep 2022 00:00:00 GMT
last-modified: Sun, 04 Sep 2022 10:22:23 GMT
vary: User-Agent
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.js
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.js
IP 178.250.2.130:0
GET /js/ld/publishertag.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 10:22:22 GMT
content-type: text/javascript
last-modified: Tue, 23 Aug 2022 00:22:12 GMT
etag: W/"63041db4-1ddab"
expires: Mon, 05 Sep 2022 10:22:22 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
rivana.hooxs.com/serviceworker.js
94.23.159.185200 OK 0 B URL HTTP/2 rivana.hooxs.com/serviceworker.js
IP 94.23.159.185:0
GET /serviceworker.js HTTP/1.1
Host: rivana.hooxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: exadd=166230; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 10:22:23 GMT
content-type: application/javascript
last-modified: Thu, 25 Feb 2021 14:30:57 GMT
etag: W/"6037b4a1-b0d"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.239200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.239:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 10:22:22 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 59392
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.0.157:0
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 10:22:24 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 706452
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
stootsou.net/pfe/current/universal.min.js?v=3.1.391
139.45.197.250200 OK 0 B URL HTTP/2 stootsou.net/pfe/current/universal.min.js?v=3.1.391
IP 139.45.197.250:0
GET /pfe/current/universal.min.js?v=3.1.391 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rivana.hooxs.com/
Origin: https://rivana.hooxs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 10:22:23 GMT
content-type: application/javascript
last-modified: Mon, 22 Aug 2022 12:18:11 GMT
etag: W/"63037403-20481"
access-control-allow-origin: https://rivana.hooxs.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7B0ICFgM7ZeOYcAiNDwQ7ZeOYcAiNDwUAAAAGBuIHJGaaeDymkcst840Ga9HINlhLnIPNWjJbrkam0czmsRiGQBI2k2eysMzcMs9uthYtdpu1wjIyrUWTyXIycoyMg8nMCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeMoOl0-Fz3esnT9rA77EK_3_i5a_xuv-gyG65Ff8PTYwcAAACABwCrt0yIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAA5ILDYBPDoL3nP3-AABo0AIBAAgQIAEYWA0oAfg4XzkBAAAAAAAAAGD5____jwHYwxqTARjZ3-kBePABeCAqUC1iBAAAALClpaJ5NKkTKosqAACCdCuAKwCAgEGEAu2XMAAAgICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJvQ2ep0WxDJ6rfYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQqxG84Wu9FsM5odAAAAwN3___-_HsjYLMbNcjCZ-Ca2zWyzMW4sM8NsZllZPMPhyjDcXlHgK7JDNzNon4ewzH7fQcTyfE1_w0HGt7zeBlHR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32J5CzAVK0ZLFaDle7yWK0WSwmy91wNJkgRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcKYc-QbrTy2tW6x8bhFk5VxrXANV26RZWWcGAcL38blWYteH9PDsDIsVoYtCgZs7EVwkU5kfsvr7Tc9_Xa3wnIRSzQni3Qiu-w7NotxsxxMJr6JbTPbbIwby8wwm1lWFs9wuDIM9zXnyDdaeWxr3WLjcYsmK-Na4Rqu3CLLyjgxDha-jcuzFr0-podhZVisDPvGbDaZDGfL0WjfmM0mk-FsORrtO3SG7-pzNjqD44lHZhrLxg3vzWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_fXNqKg9vIudyXHMQGgyKWCE4X6UT0Mp4uYonkaZFOJAvTwrnYjXyDxcgzcRmHE4vNMhguPJPVxrbbuCxiidJ0kU70ostsuBb9DU-PRf1HhlzMlYO5aDJXrEarBAAAAAAAAACwhDnzJgAAAACngYwGm-FquQAQzl66P8WLbtGb-4C74lDST0V4iw_FjR83mN_yevtNT7_drbBcGeCBmpx5s2eCWKvVsgYAABDABgAACODWzVsANiO3DxS1XeiBG8XOT4CjzWQ!&cmcv=&pix=undefined&cb=1662286941989&uv=3221&tms=1662286941989&abt=eidc_vB!inc_all_video_vA!ll117740-135_vB!mprdctdt6_vA!nrlc_vB!scec11_vB!smbs!spa2_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=f4bcc4de-f740-4d60-b903-2695d44ffcb0&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
151.101.85.44200 OK 0 B URL HTTP/2 imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7B0ICFgM7ZeOYcAiNDwQ7ZeOYcAiNDwUAAAAGBuIHJGaaeDymkcst840Ga9HINlhLnIPNWjJbrkam0czmsRiGQBI2k2eysMzcMs9uthYtdpu1wjIyrUWTyXIycoyMg8nMCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeMoOl0-Fz3esnT9rA77EK_3_i5a_xuv-gyG65Ff8PTYwcAAACABwCrt0yIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAA5ILDYBPDoL3nP3-AABo0AIBAAgQIAEYWA0oAfg4XzkBAAAAAAAAAGD5____jwHYwxqTARjZ3-kBePABeCAqUC1iBAAAALClpaJ5NKkTKosqAACCdCuAKwCAgEGEAu2XMAAAgICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJvQ2ep0WxDJ6rfYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQqxG84Wu9FsM5odAAAAwN3___-_HsjYLMbNcjCZ-Ca2zWyzMW4sM8NsZllZPMPhyjDcXlHgK7JDNzNon4ewzH7fQcTyfE1_w0HGt7zeBlHR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32J5CzAVK0ZLFaDle7yWK0WSwmy91wNJkgRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcKYc-QbrTy2tW6x8bhFk5VxrXANV26RZWWcGAcL38blWYteH9PDsDIsVoYtCgZs7EVwkU5kfsvr7Tc9_Xa3wnIRSzQni3Qiu-w7NotxsxxMJr6JbTPbbIwby8wwm1lWFs9wuDIM9zXnyDdaeWxr3WLjcYsmK-Na4Rqu3CLLyjgxDha-jcuzFr0-podhZVisDPvGbDaZDGfL0WjfmM0mk-FsORrtO3SG7-pzNjqD44lHZhrLxg3vzWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_fXNqKg9vIudyXHMQGgyKWCE4X6UT0Mp4uYonkaZFOJAvTwrnYjXyDxcgzcRmHE4vNMhguPJPVxrbbuCxiidJ0kU70ostsuBb9DU-PRf1HhlzMlYO5aDJXrEarBAAAAAAAAACwhDnzJgAAAACngYwGm-FquQAQzl66P8WLbtGb-4C74lDST0V4iw_FjR83mN_yevtNT7_drbBcGeCBmpx5s2eCWKvVsgYAABDABgAACODWzVsANiO3DxS1XeiBG8XOT4CjzWQ!&cmcv=&pix=undefined&cb=1662286941989&uv=3221&tms=1662286941989&abt=eidc_vB!inc_all_video_vA!ll117740-135_vB!mprdctdt6_vA!nrlc_vB!scec11_vB!smbs!spa2_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=f4bcc4de-f740-4d60-b903-2695d44ffcb0&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
IP 151.101.85.44:0
GET /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7B0ICFgM7ZeOYcAiNDwQ7ZeOYcAiNDwUAAAAGBuIHJGaaeDymkcst840Ga9HINlhLnIPNWjJbrkam0czmsRiGQBI2k2eysMzcMs9uthYtdpu1wjIyrUWTyXIycoyMg8nMCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeMoOl0-Fz3esnT9rA77EK_3_i5a_xuv-gyG65Ff8PTYwcAAACABwCrt0yIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAA5ILDYBPDoL3nP3-AABo0AIBAAgQIAEYWA0oAfg4XzkBAAAAAAAAAGD5____jwHYwxqTARjZ3-kBePABeCAqUC1iBAAAALClpaJ5NKkTKosqAACCdCuAKwCAgEGEAu2XMAAAgICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJvQ2ep0WxDJ6rfYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQqxG84Wu9FsM5odAAAAwN3___-_HsjYLMbNcjCZ-Ca2zWyzMW4sM8NsZllZPMPhyjDcXlHgK7JDNzNon4ewzH7fQcTyfE1_w0HGt7zeBlHR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32J5CzAVK0ZLFaDle7yWK0WSwmy91wNJkgRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcKYc-QbrTy2tW6x8bhFk5VxrXANV26RZWWcGAcL38blWYteH9PDsDIsVoYtCgZs7EVwkU5kfsvr7Tc9_Xa3wnIRSzQni3Qiu-w7NotxsxxMJr6JbTPbbIwby8wwm1lWFs9wuDIM9zXnyDdaeWxr3WLjcYsmK-Na4Rqu3CLLyjgxDha-jcuzFr0-podhZVisDPvGbDaZDGfL0WjfmM0mk-FsORrtO3SG7-pzNjqD44lHZhrLxg3vzWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_fXNqKg9vIudyXHMQGgyKWCE4X6UT0Mp4uYonkaZFOJAvTwrnYjXyDxcgzcRmHE4vNMhguPJPVxrbbuCxiidJ0kU70ostsuBb9DU-PRf1HhlzMlYO5aDJXrEarBAAAAAAAAACwhDnzJgAAAACngYwGm-FquQAQzl66P8WLbtGb-4C74lDST0V4iw_FjR83mN_yevtNT7_drbBcGeCBmpx5s2eCWKvVsgYAABDABgAACODWzVsANiO3DxS1XeiBG8XOT4CjzWQ!&cmcv=&pix=undefined&cb=1662286941989&uv=3221&tms=1662286941989&abt=eidc_vB!inc_all_video_vA!ll117740-135_vB!mprdctdt6_vA!nrlc_vB!scec11_vB!smbs!spa2_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=f4bcc4de-f740-4d60-b903-2695d44ffcb0&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1 HTTP/1.1
Host: imprammp.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Sep 2022 10:22:25 GMT
via: 1.1 varnish
x-served-by: cache-bma1635-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662286945.280162,VS0,VE26
vary: Accept-Encoding
X-Firefox-Spdy: h2
pushazam.com/ntfc.php?p=2308013&r=sw
139.45.197.251200 OK 0 B URL HTTP/2 pushazam.com/ntfc.php?p=2308013&r=sw
IP 139.45.197.251:0
GET /ntfc.php?p=2308013&r=sw HTTP/1.1
Host: pushazam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 10:22:26 GMT
content-type: application/javascript
last-modified: Mon, 22 Aug 2022 12:18:11 GMT
etag: W/"63037403-1d310"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1662286946926&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1477&pt=-1861826385&tz=0&viewable=true&ddast=V7ZqYCFgM7ZeOYcAiNDwQ7ZeOYcAiNDwUAAAAGBuIHJLgw7BaewWqtMTmMa9FytlwrR6vhWrgcDSez4WzlmQ2GQIILw27hGazWGpPDuBYtZ8u1crQaroXL0XAyG85WntlgChE3GQ6fg4Go6Hpb7A6n2fOGETSdDp_rXi952h52h13o9xs_d43f7RddZsO16G94euwAAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwHwyUHwnrPfHwAAAAAgAAAAACQAA6sBJQAf5ysn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAF0Nqc4nKqzEGB0QFg0WMAAAAALa0VDSPJnVCZVH1___fbwVwBQAQMIhQkK2QpTso8RYGAAAQMLZAD4vfb3bYNX63y_7_________zf7P_tGE3kav04JYRq_VfgEBANZ-AQEA2NQNAOAtAC7oCFoxGKxOIXbD2WI3mm1GswMAAAC4-____9cDGZvFuFkOJhPfxLaZbTbGjWVmmM0sK4tnOFwZhtsrCnxFduhmBu2LuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNifQM4GSNGSxWo5XO0mi9FmsZgsd8PRZIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCGPOkW-08tjWusXG4xZNVsa1wjVcuUWWlXFiHCx8G5dnLXp9TA_DyrBYGbYoGLCxF8nTIp0oLIbJcDFarGamjcM2WFhMzolhMvHtVraFzWOcTMQSzckincgu-47NYtwsB5OJb2LbzDYb48YyM8xmlpXFMxyuDMN9zTnyjVYe21q32HjcosnKuFa4hiu3yLIyToyDhW_j8qxFr4_pYVgZFivDvjGbTSbD2XI02jdms8lkOFuORvsOneG7-pyNzuB44pGZxrJxw3tzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYOZoPC9zeXtuLgNnIu9yUHscGgiCWCi3Qi81teb7_p6be7FZaLWKI0XaQTvegyG65Ff8PTYxFLBKeLdCJ6GU8X9R8ZcjFXDuaiyVyxGq0SAAAAAAAAAMAS5sybAAAAAJwGMhpshqt1HshgOdgtV8sFgHD20v0pXnSL3twH3BWHkn4qwlt8KG78uMH8ltfbb3r67W6F5coAD9TkzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X2gqO1CD9wodn4CHG0mAw!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=eidc_vB!inc_all_video_vA!ll117740-135_vB!mprdctdt6_vA!nrlc_vB!scec11_vB!smbs!spa2_vA!t45!ufm_vA&mPre=0.025&cirf=https%3A%2F%2Frivana.hooxs.com&en=1
151.101.85.44200 OK 0 B URL HTTP/2 wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1662286946926&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1477&pt=-1861826385&tz=0&viewable=true&ddast=V7ZqYCFgM7ZeOYcAiNDwQ7ZeOYcAiNDwUAAAAGBuIHJLgw7BaewWqtMTmMa9FytlwrR6vhWrgcDSez4WzlmQ2GQIILw27hGazWGpPDuBYtZ8u1crQaroXL0XAyG85WntlgChE3GQ6fg4Go6Hpb7A6n2fOGETSdDp_rXi952h52h13o9xs_d43f7RddZsO16G94euwAAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwHwyUHwnrPfHwAAAAAgAAAAACQAA6sBJQAf5ysn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAF0Nqc4nKqzEGB0QFg0WMAAAAALa0VDSPJnVCZVH1___fbwVwBQAQMIhQkK2QpTso8RYGAAAQMLZAD4vfb3bYNX63y_7_________zf7P_tGE3kav04JYRq_VfgEBANZ-AQEA2NQNAOAtAC7oCFoxGKxOIXbD2WI3mm1GswMAAAC4-____9cDGZvFuFkOJhPfxLaZbTbGjWVmmM0sK4tnOFwZhtsrCnxFduhmBu2LuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNifQM4GSNGSxWo5XO0mi9FmsZgsd8PRZIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCGPOkW-08tjWusXG4xZNVsa1wjVcuUWWlXFiHCx8G5dnLXp9TA_DyrBYGbYoGLCxF8nTIp0oLIbJcDFarGamjcM2WFhMzolhMvHtVraFzWOcTMQSzckincgu-47NYtwsB5OJb2LbzDYb48YyM8xmlpXFMxyuDMN9zTnyjVYe21q32HjcosnKuFa4hiu3yLIyToyDhW_j8qxFr4_pYVgZFivDvjGbTSbD2XI02jdms8lkOFuORvsOneG7-pyNzuB44pGZxrJxw3tzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYOZoPC9zeXtuLgNnIu9yUHscGgiCWCi3Qi81teb7_p6be7FZaLWKI0XaQTvegyG65Ff8PTYxFLBKeLdCJ6GU8X9R8ZcjFXDuaiyVyxGq0SAAAAAAAAAMAS5sybAAAAAJwGMhpshqt1HshgOdgtV8sFgHD20v0pXnSL3twH3BWHkn4qwlt8KG78uMH8ltfbb3r67W6F5coAD9TkzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X2gqO1CD9wodn4CHG0mAw!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=eidc_vB!inc_all_video_vA!ll117740-135_vB!mprdctdt6_vA!nrlc_vB!scec11_vB!smbs!spa2_vA!t45!ufm_vA&mPre=0.025&cirf=https%3A%2F%2Frivana.hooxs.com&en=1
IP 151.101.85.44:0
POST /VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1662286946926&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1477&pt=-1861826385&tz=0&viewable=true&ddast=V7ZqYCFgM7ZeOYcAiNDwQ7ZeOYcAiNDwUAAAAGBuIHJLgw7BaewWqtMTmMa9FytlwrR6vhWrgcDSez4WzlmQ2GQIILw27hGazWGpPDuBYtZ8u1crQaroXL0XAyG85WntlgChE3GQ6fg4Go6Hpb7A6n2fOGETSdDp_rXi952h52h13o9xs_d43f7RddZsO16G94euwAAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwHwyUHwnrPfHwAAAAAgAAAAACQAA6sBJQAf5ysn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAF0Nqc4nKqzEGB0QFg0WMAAAAALa0VDSPJnVCZVH1___fbwVwBQAQMIhQkK2QpTso8RYGAAAQMLZAD4vfb3bYNX63y_7_________zf7P_tGE3kav04JYRq_VfgEBANZ-AQEA2NQNAOAtAC7oCFoxGKxOIXbD2WI3mm1GswMAAAC4-____9cDGZvFuFkOJhPfxLaZbTbGjWVmmM0sK4tnOFwZhtsrCnxFduhmBu2LuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNifQM4GSNGSxWo5XO0mi9FmsZgsd8PRZIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCGPOkW-08tjWusXG4xZNVsa1wjVcuUWWlXFiHCx8G5dnLXp9TA_DyrBYGbYoGLCxF8nTIp0oLIbJcDFarGamjcM2WFhMzolhMvHtVraFzWOcTMQSzckincgu-47NYtwsB5OJb2LbzDYb48YyM8xmlpXFMxyuDMN9zTnyjVYe21q32HjcosnKuFa4hiu3yLIyToyDhW_j8qxFr4_pYVgZFivDvjGbTSbD2XI02jdms8lkOFuORvsOneG7-pyNzuB44pGZxrJxw3tzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYOZoPC9zeXtuLgNnIu9yUHscGgiCWCi3Qi81teb7_p6be7FZaLWKI0XaQTvegyG65Ff8PTYxFLBKeLdCJ6GU8X9R8ZcjFXDuaiyVyxGq0SAAAAAAAAAMAS5sybAAAAAJwGMhpshqt1HshgOdgtV8sFgHD20v0pXnSL3twH3BWHkn4qwlt8KG78uMH8ltfbb3r67W6F5coAD9TkzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X2gqO1CD9wodn4CHG0mAw!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=eidc_vB!inc_all_video_vA!ll117740-135_vB!mprdctdt6_vA!nrlc_vB!scec11_vB!smbs!spa2_vA!t45!ufm_vA&mPre=0.025&cirf=https%3A%2F%2Frivana.hooxs.com&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2554
Origin: https://rivana.hooxs.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://rivana.hooxs.com/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1489
link: <https://ioms.bfmio.com>; rel=preconnect,<https://ioms.bfmio.com>; rel=preconnect,<https://secure.adnxs.com>; rel=preconnect,<https://secure.adnxs.com>; rel=preconnect,<https://secure.adnxs.com>; rel=preconnect
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://rivana.hooxs.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Sep 2022 10:22:30 GMT
via: 1.1 varnish
x-served-by: cache-bma1635-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662286950.223517,VS0,VE58
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertag&topUrl=rivana.hooxs.com
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=rivana.hooxs.com
IP 178.250.0.157:0
GET /syncframe?origin=publishertag&topUrl=rivana.hooxs.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 10:22:22 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=750075b1-8e0f-4706-bf4c-01efbebc20d7; expires=Fri, 29 Sep 2023 10:22:23 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 467829
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
pushazam.com/ntfc.php?p=2308013&r=sw
139.45.197.251200 OK 0 B URL HTTP/2 pushazam.com/ntfc.php?p=2308013&r=sw
IP 139.45.197.251:0
GET /ntfc.php?p=2308013&r=sw HTTP/1.1
Host: pushazam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 10:22:24 GMT
content-type: application/javascript
last-modified: Mon, 22 Aug 2022 12:18:11 GMT
etag: W/"63037403-1d310"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7B0ICFgM7ZeOYcAiNDwQ7ZeOYcAiNDwUAAAAGBuIHJGaaeDymkcst840Ga9HINlhLnIPNWjJbrkam0czmsRiGQBI2k2eysMzcMs9uthYtdpu1wjIyrUWTyXIycoyMg8nMCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeMoOl0-Fz3esnT9rA77EK_3_i5a_xuv-gyG65Ff8PTYwcAAACABwCrt0yIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAA5ILDYBPDoL3nP3-AABo0AIBAAgQIAEYWA0oAfg4XzkBAAAAAAAAAGD5____jwHYwxqTARjZ3-kBePABeCAqUC1iBAAAALClpaJ5NKkTKosqAACCdCuAKwCAgEGEAu2XMAAAgICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJvQ2ep0WxDJ6rfYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQqxG84Wu9FsM5odAAAAwN3___-_HsjYLMbNcjCZ-Ca2zWyzMW4sM8NsZllZPMPhyjDcXlHgK7JDNzNon4ewzH7fQcTyfE1_w0HGt7zeBlHR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32J5CzAVK0ZLFaDle7yWK0WSwmy91wNJkgRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcKYc-QbrTy2tW6x8bhFk5VxrXANV26RZWWcGAcL38blWYteH9PDsDIsVoYtCgZs7EVwkU5kfsvr7Tc9_Xa3wnIRSzQni3Qiu-w7NotxsxxMJr6JbTPbbIwby8wwm1lWFs9wuDIM9zXnyDdaeWxr3WLjcYsmK-Na4Rqu3CLLyjgxDha-jcuzFr0-podhZVisDPvGbDaZDGfL0WjfmM0mk-FsORrtO3SG7-pzNjqD44lHZhrLxg3vzWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_fXNqKg9vIudyXHMQGgyKWCE4X6UT0Mp4uYonkaZFOJAvTwrnYjXyDxcgzcRmHE4vNMhguPJPVxrbbuCxiidJ0kU70ostsuBb9DU-PRf1HhlzMlYO5aDJXrEarBAAAAAAAAACwhDnzJgAAAACngYwGm-FquQAQzl66P8WLbtGb-4C74lDST0V4iw_FjR83mN_yevtNT7_drbBcGeCBmpx5s2eCWKvVsgYAABDABgAACODWzVsANiO3DxS1XeiBG8XOT4CjzWQ!&excid=22&docw=0&cijs=1&nlb=true
141.226.228.48200 OK 0 B URL HTTP/2 am-match.taboola.com/sync?dast=V7B0ICFgM7ZeOYcAiNDwQ7ZeOYcAiNDwUAAAAGBuIHJGaaeDymkcst840Ga9HINlhLnIPNWjJbrkam0czmsRiGQBI2k2eysMzcMs9uthYtdpu1wjIyrUWTyXIycoyMg8nMCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeMoOl0-Fz3esnT9rA77EK_3_i5a_xuv-gyG65Ff8PTYwcAAACABwCrt0yIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAA5ILDYBPDoL3nP3-AABo0AIBAAgQIAEYWA0oAfg4XzkBAAAAAAAAAGD5____jwHYwxqTARjZ3-kBePABeCAqUC1iBAAAALClpaJ5NKkTKosqAACCdCuAKwCAgEGEAu2XMAAAgICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJvQ2ep0WxDJ6rfYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQqxG84Wu9FsM5odAAAAwN3___-_HsjYLMbNcjCZ-Ca2zWyzMW4sM8NsZllZPMPhyjDcXlHgK7JDNzNon4ewzH7fQcTyfE1_w0HGt7zeBlHR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32J5CzAVK0ZLFaDle7yWK0WSwmy91wNJkgRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcKYc-QbrTy2tW6x8bhFk5VxrXANV26RZWWcGAcL38blWYteH9PDsDIsVoYtCgZs7EVwkU5kfsvr7Tc9_Xa3wnIRSzQni3Qiu-w7NotxsxxMJr6JbTPbbIwby8wwm1lWFs9wuDIM9zXnyDdaeWxr3WLjcYsmK-Na4Rqu3CLLyjgxDha-jcuzFr0-podhZVisDPvGbDaZDGfL0WjfmM0mk-FsORrtO3SG7-pzNjqD44lHZhrLxg3vzWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_fXNqKg9vIudyXHMQGgyKWCE4X6UT0Mp4uYonkaZFOJAvTwrnYjXyDxcgzcRmHE4vNMhguPJPVxrbbuCxiidJ0kU70ostsuBb9DU-PRf1HhlzMlYO5aDJXrEarBAAAAAAAAACwhDnzJgAAAACngYwGm-FquQAQzl66P8WLbtGb-4C74lDST0V4iw_FjR83mN_yevtNT7_drbBcGeCBmpx5s2eCWKvVsgYAABDABgAACODWzVsANiO3DxS1XeiBG8XOT4CjzWQ!&excid=22&docw=0&cijs=1&nlb=true
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sync?dast=V7B0ICFgM7ZeOYcAiNDwQ7ZeOYcAiNDwUAAAAGBuIHJGaaeDymkcst840Ga9HINlhLnIPNWjJbrkam0czmsRiGQBI2k2eysMzcMs9uthYtdpu1wjIyrUWTyXIycoyMg8nMCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeMoOl0-Fz3esnT9rA77EK_3_i5a_xuv-gyG65Ff8PTYwcAAACABwCrt0yIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAA5ILDYBPDoL3nP3-AABo0AIBAAgQIAEYWA0oAfg4XzkBAAAAAAAAAGD5____jwHYwxqTARjZ3-kBePABeCAqUC1iBAAAALClpaJ5NKkTKosqAACCdCuAKwCAgEGEAu2XMAAAgICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJvQ2ep0WxDJ6rfYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQqxG84Wu9FsM5odAAAAwN3___-_HsjYLMbNcjCZ-Ca2zWyzMW4sM8NsZllZPMPhyjDcXlHgK7JDNzNon4ewzH7fQcTyfE1_w0HGt7zeBlHR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32J5CzAVK0ZLFaDle7yWK0WSwmy91wNJkgRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcKYc-QbrTy2tW6x8bhFk5VxrXANV26RZWWcGAcL38blWYteH9PDsDIsVoYtCgZs7EVwkU5kfsvr7Tc9_Xa3wnIRSzQni3Qiu-w7NotxsxxMJr6JbTPbbIwby8wwm1lWFs9wuDIM9zXnyDdaeWxr3WLjcYsmK-Na4Rqu3CLLyjgxDha-jcuzFr0-podhZVisDPvGbDaZDGfL0WjfmM0mk-FsORrtO3SG7-pzNjqD44lHZhrLxg3vzWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_fXNqKg9vIudyXHMQGgyKWCE4X6UT0Mp4uYonkaZFOJAvTwrnYjXyDxcgzcRmHE4vNMhguPJPVxrbbuCxiidJ0kU70ostsuBb9DU-PRf1HhlzMlYO5aDJXrEarBAAAAAAAAACwhDnzJgAAAACngYwGm-FquQAQzl66P8WLbtGb-4C74lDST0V4iw_FjR83mN_yevtNT7_drbBcGeCBmpx5s2eCWKvVsgYAABDABgAACODWzVsANiO3DxS1XeiBG8XOT4CjzWQ!&excid=22&docw=0&cijs=1&nlb=true HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rivana.hooxs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 10:22:25 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3406
X-Firefox-Spdy: h2