Report - troy2.yoo7.com/t67-topic

Report Overview

Submitted URL
troy2.yoo7.com/t67-topic
IP
94.23.150.222
ASN
#16276 OVH SAS
Submitted
2022-11-12 11:00:55
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
bidder.criteo.com	750	2017-01-30T06:01:16Z	2023-03-10T11:15:08Z	960 B	898 B	178.250.0.165
my.rtmark.net	9054	2015-02-04T10:54:57Z	2023-03-10T07:03:43Z	955 B	1.5 kB	139.45.195.8
match.adsby.bidtheatre.com	2419	2016-06-16T15:26:54Z	2023-03-09T18:12:17Z	425 B	493 B	159.65.196.12
troy2.yoo7.com	unknown			2.7 kB	184 kB	94.23.159.185
vidstat.taboola.com	1927	2017-08-29T13:41:42Z	2023-03-10T12:42:23Z	1.7 kB	256 kB	151.101.85.44
match.adsrvr.org	349	2012-05-21T10:27:04Z	2023-03-10T08:45:36Z	902 B	704 B	35.71.131.137
x.bidswitch.net	286	2012-10-04T01:30:53Z	2023-03-10T05:16:09Z	832 B	436 B	3.120.50.91
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
cdn.taboola.com	1040	2013-07-20T01:48:03Z	2023-03-10T11:40:01Z	1.2 kB	155 kB	151.101.85.44
ag.gbc.criteo.com	5925	2018-12-17T14:17:41Z	2023-03-10T12:50:04Z	400 B	575 B	178.250.6.69
il-trc-events.taboola.com	22667	2021-06-17T09:23:06Z	2023-03-10T12:42:23Z	1.2 kB	326 B	185.106.33.48
ups.analytics.yahoo.com	287	2019-05-09T17:57:40Z	2023-03-10T10:51:13Z	822 B	991 B	3.126.56.137
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-10T15:05:48Z	390 B	35 kB	142.250.74.42
gum.criteo.com	381	2015-01-22T11:58:57Z	2023-03-10T15:35:42Z	3.3 kB	2.7 kB	178.250.0.157
imprammp.taboola.com	11978	2017-03-12T18:38:44Z	2023-03-10T12:03:37Z	4.2 kB	1.2 kB	151.101.85.44
cdn.viglink.com	4113	2012-10-26T17:59:48Z	2023-03-10T12:02:50Z	362 B	29 kB	54.230.111.39
am-match.taboola.com	12278	2020-03-18T15:33:10Z	2023-03-10T12:42:23Z	7.2 kB	2.0 kB	141.226.228.48
stootsou.net	145219	2021-04-05T10:22:21Z	2023-03-10T17:01:09Z	2.6 kB	3.3 kB	139.45.197.250
2img.net	212398	2016-06-23T08:31:49Z	2023-03-09T12:31:09Z	3.3 kB	41 kB	104.21.235.175
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-10T12:41:09Z	604 B	709 B	142.251.1.157
api.viglink.com	4397	2012-05-23T15:47:26Z	2023-03-10T08:22:45Z	2.2 kB	2.4 kB	99.80.60.12
illiweb.com	265462	2012-06-26T03:06:07Z	2023-03-08T14:24:00Z	741 B	21 kB	172.67.150.97
eus.rubiconproject.com	556	2018-01-25T07:18:10Z	2023-03-10T12:51:49Z	1.5 kB	11 kB	2.23.134.137
csm.fr.eu.criteo.net	6845	2017-01-30T06:18:06Z	2023-03-10T08:50:52Z	542 B	358 B	178.250.0.162
vidstatb.taboola.com	8893	2017-10-08T18:05:45Z	2023-03-10T12:03:38Z	446 B	92 kB	151.101.85.44
cdn.betgorebysson.club	149925	2020-07-24T17:19:13Z	2023-03-10T09:36:23Z	1.1 kB	978 B	139.45.195.8
am-vid-events.taboola.com	11733	2020-04-26T16:32:16Z	2023-03-10T12:42:23Z	2.0 kB	106 B	141.226.228.48
trc.taboola.com	602	2012-12-27T12:54:42Z	2023-03-10T09:42:15Z	2.9 kB	14 kB	151.101.85.44
pixel.rubiconproject.com	314	2012-10-09T05:17:38Z	2023-03-10T11:15:16Z	1.4 kB	711 B	213.19.162.80
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	3.8 kB	7.7 kB	142.250.74.35
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	52.89.181.160
trc-events.taboola.com	1779	2020-06-09T15:52:57Z	2023-03-10T11:40:03Z	558 B	163 B	141.226.228.48
sync.search.spotxchange.com	523	2012-05-22T10:29:33Z	2023-03-10T11:27:19Z	6.6 kB	7.3 kB	185.94.180.125
taboola-supply-partners.tremorhub.com	3369	2018-12-02T14:13:18Z	2023-03-10T12:42:24Z	625 B	244 B	34.192.165.142
token.rubiconproject.com	671	2017-01-30T06:00:50Z	2023-03-10T11:27:19Z	1.3 kB	636 B	213.19.162.90
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-10T05:11:21Z	361 B	1.9 kB	104.18.20.226
ocsp.godaddy.com	698	2012-05-20T21:28:57Z	2023-03-10T05:13:22Z	340 B	2.3 kB	192.124.249.23
gem.gbc.criteo.com	6039	2019-01-31T11:05:09Z	2023-03-10T12:50:04Z	788 B	10 kB	178.250.6.217
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	782 B	2.4 kB	34.102.187.140
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-10T14:35:32Z	680 B	1.9 kB	172.64.155.188
pips.taboola.com	1840	2021-02-15T15:32:07Z	2023-03-10T12:03:39Z	379 B	344 B	151.101.85.44
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	6.1 kB	12 kB	93.184.220.29
dnacdn.net	3760	2019-09-02T17:07:45Z	2023-03-10T09:31:29Z	513 B	836 B	178.250.2.146
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	2.2 kB	37 kB	34.120.237.76
cm.g.doubleclick.net	202	2012-05-22T11:58:28Z	2023-03-10T15:09:43Z	929 B	1.9 kB	142.250.74.98
static.criteo.net	652	2012-05-22T19:01:05Z	2023-03-10T11:15:09Z	373 B	53 kB	178.250.0.130
twemoji.maxcdn.com	9109	2018-06-24T07:07:50Z	2023-03-10T08:23:48Z	367 B	6.6 kB	23.111.9.57
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	1.1 kB	3.0 kB	54.230.245.39
www.google.com	7	2015-05-10T13:11:19Z	2023-03-10T12:19:40Z	515 B	694 B	142.250.74.164
15.taboola.com	1912	2017-03-15T12:40:55Z	2023-03-10T10:44:17Z	2.6 kB	10 kB	151.101.85.44
status.geotrust.com	3662	2017-12-01T09:55:31Z	2023-03-10T05:15:32Z	1.0 kB	2.4 kB	93.184.220.29
wf.taboola.com	2328	2017-03-01T16:03:50Z	2023-03-10T12:42:23Z	6.7 kB	2.7 kB	151.101.85.44
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.7 kB	7.1 kB	23.36.76.226
secure-assets.rubiconproject.com	1057	2012-05-30T21:51:39Z	2023-03-10T11:43:10Z	553 B	293 B	2.21.206.244
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-10T13:03:15Z	754 B	83 kB	142.250.74.168
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-10T07:09:08Z	514 B	694 B	142.250.74.35
images.taboola.com	1621	2013-07-11T11:17:44Z	2023-03-10T12:42:23Z	3.2 kB	76 kB	151.101.85.44
px.owneriq.net	931	2012-05-30T20:49:02Z	2023-03-10T18:04:49Z	801 B	472 B	184.86.2.127
sync.ipredictive.com	1028	2015-08-21T03:06:09Z	2023-03-10T17:08:08Z	518 B	689 B	34.199.177.9
i.servimg.com	258270	2015-07-24T11:25:42Z	2023-03-09T12:23:02Z	1.6 kB	78 kB	172.67.178.62

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-12	medium	stootsou.net	Sinkholed
2022-11-12	medium	stootsou.net	Sinkholed
2022-11-12	medium	stootsou.net	Sinkholed
2022-11-12	medium	stootsou.net	Sinkholed
2022-11-12	medium	stootsou.net	Sinkholed
2022-11-12	medium	stootsou.net	Sinkholed

JavaScript (51)

	URL	Size	First Seen	Last Seen
	troy2.yoo7.com/t67-topic	322 B	2023-03-07	2024-01-03
Pretty URL troy2.yoo7.com/t67-topic IP 94.23.159.185 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:33 Last Seen2024-01-03 03:33:38 Times Seen34 Hash 9c1735e3df55bb348b1933b393c67c48 403dcbd4b806d5a2e34b6f8497bd030234ca658b 2e47dc28efa9586f4ce6e8db3258f7b8bd70bf0683c210aa2b135acfd38eefa4 Loading...

	troy2.yoo7.com/t67-topic	98 kB	2023-03-11	2023-03-11
Pretty URL troy2.yoo7.com/t67-topic IP 94.23.159.185 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:06:26 Last Seen2023-03-11 16:09:33 Times Seen1 Hash 735f9bc3953a2acd4600f55cb3bc53aa 085a9e37296233dec671a1b970d150928f944fe6 c0e77794f3cf079aa5237a38c87b4798eb5dfab76dc432ac7025ac6c87977886 Loading...

	cdn.taboola.com/libtrc/forumotion-ar/loader.js	180 kB	2023-03-11	2023-03-11
Pretty URL cdn.taboola.com/libtrc/forumotion-ar/loader.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:42:52 Last Seen2023-03-11 11:19:14 Times Seen1 Hash 2c4566a77b43553c6ede756eade1bf49 2814504ed8b399d745c591585969d9dd8d7d2956 416059425a0a1addbe7f7d3e6e9fa64685a3a11fb9ffb734fa9741792c27306d Loading...

	cdn.taboola.com/libtrc/impl.20221108-4-RELEASE.js	706 kB	2023-03-11	2023-03-11
Pretty URL cdn.taboola.com/libtrc/impl.20221108-4-RELEASE.js IP 151.101.85.44 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:03:52 Last Seen2023-03-11 11:32:10 Times Seen1 Hash be5cafd61745406b06830deab1bda8b6 94813eb80283aa23682af007143c6bb60458612d 17dcad04f4395fd7bdf7389e74adb5f1d91fc52579482f1c710c443d16f8da5f Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js	95 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:23 Last Seen2024-04-26 17:42:43 Times Seen13796 Hash b8d64d0bc142b3f670cc0611b0aebcae abcd2ba13348f178b17141b445bc99f1917d47af 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4 Loading...

	illiweb.com/rs3/64/frm/jquery/cookie/jquery.cookie.js	1.0 kB	2023-03-07	2024-04-19
Pretty URL illiweb.com/rs3/64/frm/jquery/cookie/jquery.cookie.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:33 Last Seen2024-04-19 17:26:26 Times Seen152 Hash 12a485a250e60806fbe4ab8bd03dfbf8 ea48bc03bfb90a966f28d302992ec02fe55da978 6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90 Loading...

	troy2.yoo7.com/t67-topic	12 kB	2023-03-11	2023-03-11
Pretty URL troy2.yoo7.com/t67-topic IP 94.23.159.185 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:19:14 Last Seen2023-03-11 11:19:14 Times Seen1 Hash 1feb431c37619b70a0868e526eb91f38 3bde6dec48d9403c15f32c3ef53bbd3045ad9f9f 4d10a84cd9b7eceb087186f749d71136b290f58bd57c125e7dd415057e963842 Loading...

	troy2.yoo7.com/t67-topic	474 B	2023-03-07	2024-04-19
Pretty URL troy2.yoo7.com/t67-topic IP 94.23.159.185 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:33 Last Seen2024-04-19 17:26:25 Times Seen76 Hash 5dc2d1991479eee96d79b825b4ed452f bc3983969f797596e3e7f3dd21c5fa6e6106991c 4f479e3c2a795d192a8b82d1ac992bb6a2e7e1f65b8bbd808d5e5a2ff0cebaff Loading...

	troy2.yoo7.com/t67-topic	112 B	2023-03-07	2023-04-05
Pretty URL troy2.yoo7.com/t67-topic IP 94.23.159.185 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:33 Last Seen2023-04-05 02:10:30 Times Seen82 Hash e47ee79f740c9eae02464288746f765d 9f2a84ab535d0c773c2d822221917b26446c6d46 24ca2d2952aa702f4191a162f59fbad191c648e851dae7876434baf548af95a7 Loading...

	www.googletagmanager.com/gtag/js?id=	95 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id= IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:19:14 Last Seen2023-03-11 11:19:14 Times Seen1 Hash 28a294aaf625b89c84aef05a2d2c9223 239309c0339576ad96d175c2ba528f37bd88e5ed 7d2642466aae1a232c4fd4497690eb55bcac4c521a6db07a5b21dd7f05cf42de Loading...

	gum.criteo.com/syncframe?origin=publishertag&topUrl=troy2.yoo7.com#%7B%22uid%22:%7B%22origin%22:0%7D,%22lwid%22:%7B%22origin%22:0%7D,%22bundle%22:%7B%22origin%22:0%7D,%22optout%22:%7B%22value%22:false,%22origin%22:0%7D,%22sid%22:%7B%22origin%22:0%7D,%22tld%22:%22yoo7.com%22,%22topUrl%22:%22troy2.yoo7.com%22,%22version%22:132,%22cw%22:true,%22lsw%22:true,%22origin%22:%22publishertag%22,%22requestId%22:%220.9244978663255853%22%7D	14 kB	2023-03-07	2023-05-06
Pretty URL gum.criteo.com/syncframe?origin=publishertag&topUrl=troy2.yoo7.com#%7B%22uid%22:%7B%22origin%22:0%7D,%22lwid%22:%7B%22origin%22:0%7D,%22bundle%22:%7B%22origin%22:0%7D,%22optout%22:%7B%22value%22:false,%22origin%22:0%7D,%22sid%22:%7B%22origin%22:0%7D,%22tld%22:%22yoo7.com%22,%22topUrl%22:%22troy2.yoo7.com%22,%22version%22:132,%22cw%22:true,%22lsw%22:true,%22origin%22:%22publishertag%22,%22requestId%22:%220.9244978663255853%22%7D IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:51:36 Last Seen2023-05-06 00:14:31 Times Seen2035 Hash 49e65b540d43d40997ce3844d41b2dd0 b7331c5edc086ee2c7731b1b36e937e7c44450a7 f185c1b78d87a007d9492a85c6ce64c06cc851ef9f13ca3caf8aaafe243b0ac2 Loading...

	gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS	30 kB	2023-03-07	2023-03-26
Pretty URL gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS IP 178.250.0.157 ASN #44788 Criteo SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:23:23 Last Seen2023-03-26 04:43:03 Times Seen53 Hash d0427fd88e9741c2b20de62ba313a2e7 c3f76e44bdcb6b9e2958ebcae873382965b6941b bb789c36615ba0b66b8cc310e5965cdfe471714b935f1bff5516ff6999e711c5 Loading...

	eus.rubiconproject.com/usync.js	34 kB	2023-03-11	2024-02-11
Pretty URL eus.rubiconproject.com/usync.js IP 2.23.134.137 ASN #1299 Telia Company AB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:03:01 Last Seen2024-02-11 09:01:13 Times Seen1 Hash 72f89bdc63a260f5a1b9d7024f0c14c3 a0d66a996e774c8c39b91b992209a092fe443b70 32403c3c7be492bbcaaba5b50b16aeefa0e88dc0cd91f5a4f9b7a2c9f5e79c6d Loading...

	www.googletagmanager.com/gtag/js?id=UA-144347007-1	112 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=UA-144347007-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:19:14 Last Seen2023-03-11 11:19:14 Times Seen1 Hash fa14a94c38d15ceced496b820a9d313e 5c0282ccb2712ddfdcb083a9b5e814941020ea37 1076af39d3266dbfcbf17e3a532e59b610a14d5684de8788c5240f51704d4996 Loading...

	twemoji.maxcdn.com/twemoji.min.js	15 kB	2023-03-07	2023-03-17
Pretty URL twemoji.maxcdn.com/twemoji.min.js IP 23.111.9.57 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:33 Last Seen2023-03-17 12:40:56 Times Seen1 Hash 0e7562d46a4d2db5e27e0d8ece11622a 038fc48367c0055aff024fb128062181f1b4413b 637282f23b8352c04ecc9dd7b4e1ffb23f8102517d010afaa447b2fb889b689e Loading...

	troy2.yoo7.com/t67-topic	263 B	2023-03-07	2024-01-03
Pretty URL troy2.yoo7.com/t67-topic IP 94.23.159.185 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:33 Last Seen2024-01-03 03:33:38 Times Seen36 Hash ef8b50accfd60bbe469f135147911168 ff6c86cd05950889a2e4b1f70655e153c561577e 9a0d1233f8889ad529c9fdd86b379ba5a08dd71ba3939a2206f3e03659965d58 Loading...

	troy2.yoo7.com/t67-topic	70 B	2023-03-07	2024-04-19
Pretty URL troy2.yoo7.com/t67-topic IP 94.23.159.185 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:33 Last Seen2024-04-19 17:26:26 Times Seen60 Hash 7d95955272fc06a396db4bf66d9d6247 1a4b36a4b619d7f680909d4e7f574f15d3542ee7 b03b4f9d334c2b312ee05154d8eedbc5a64ca9764bd0a795920e73faf4d874db Loading...

	cdn.taboola.com/scripts/cds-pips.js	3.5 kB	2023-03-08	2023-12-05
Pretty URL cdn.taboola.com/scripts/cds-pips.js IP 151.101.85.44 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:28:30 Last Seen2023-12-05 04:26:05 Times Seen293 Hash 383fa66d2a0a09f4a6e64a9593ad43bb 62d7b071d7ec77027d27887803cce960e211f69d 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a Loading...

	vidstat.taboola.com/lite-unit/3.9.6/UnitWidgetItemDesktop.min.js	106 kB	2023-03-11	2023-03-11
Pretty URL vidstat.taboola.com/lite-unit/3.9.6/UnitWidgetItemDesktop.min.js IP 151.101.85.44 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:15:52 Last Seen2023-03-11 15:13:32 Times Seen1 Hash defa80fca84ea6620e26bc79bffe323e 84bdbbf744000e848d3f5fcfaf16e774ec1354a0 53eda06581ffb05904988143407fdecc88630b6b8d28c76182cfaaa56e7cf61e Loading...

	sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26	24 B	2023-03-07	2023-04-05
Pretty URL sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 IP 185.94.180.125 ASN #35220 SpotXchange, INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:15 Last Seen2023-04-05 02:02:51 Times Seen38 Hash 1e3bd14d71f3caf020f1c1b6f17af5c0 6b2cbc5e57a49c3d549a2157110c55f4494766c1 228fd0ed6f7661bc06d1e5474fdc18de96880b002491b53a52ff12bf8ac50945 Loading...

	troy2.yoo7.com/t67-topic	469 B	2023-03-07	2023-04-07
Pretty URL troy2.yoo7.com/t67-topic IP 94.23.159.185 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:33 Last Seen2023-04-07 01:16:28 Times Seen3 Hash 9ac8ef2d1a3bfa3853583ff63bf55fdc 320b3c290f614ea4d58c6380975f66643a86b0c8 2366434a4c7d47689d8eb6353e5bc3c9c50f94f0b7cea6ceba7023faa9d37c02 Loading...

	gum.criteo.com/syncframe?origin=publishertag&topUrl=troy2.yoo7.com#%7B%22uid%22:%7B%22origin%22:0%7D,%22lwid%22:%7B%22origin%22:0%7D,%22bundle%22:%7B%22origin%22:0%7D,%22optout%22:%7B%22value%22:false,%22origin%22:0%7D,%22sid%22:%7B%22origin%22:0%7D,%22tld%22:%22yoo7.com%22,%22topUrl%22:%22troy2.yoo7.com%22,%22version%22:132,%22cw%22:true,%22lsw%22:true,%22origin%22:%22publishertag%22,%22requestId%22:%220.9244978663255853%22%7D	418 B	2023-03-07	2023-04-01
Pretty URL gum.criteo.com/syncframe?origin=publishertag&topUrl=troy2.yoo7.com#%7B%22uid%22:%7B%22origin%22:0%7D,%22lwid%22:%7B%22origin%22:0%7D,%22bundle%22:%7B%22origin%22:0%7D,%22optout%22:%7B%22value%22:false,%22origin%22:0%7D,%22sid%22:%7B%22origin%22:0%7D,%22tld%22:%22yoo7.com%22,%22topUrl%22:%22troy2.yoo7.com%22,%22version%22:132,%22cw%22:true,%22lsw%22:true,%22origin%22:%22publishertag%22,%22requestId%22:%220.9244978663255853%22%7D IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:51:37 Last Seen2023-04-01 10:34:33 Times Seen447 Hash 755b312976dc0edb23fa08bed999c482 6685710ba04dc63e4122ec3ce89f3adfe479adf4 663197a6a8353d989cdc65d4f3112e425a00839c85a3fde99bbe451a9c604a6f Loading...

	troy2.yoo7.com/t67-topic	103 B	2023-03-11	2023-03-11
Pretty URL troy2.yoo7.com/t67-topic IP 94.23.159.185 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:19:14 Last Seen2023-03-11 11:19:14 Times Seen1 Hash 8f268c6b23deacf6cb29040b3405a39c 83691affff2bcfe3281389bb09589fb7aa5ce928 17e3f841a4fc8da6c834330dcad741a26971094ee11bad03d66f746cba53c526 Loading...

	cdn.taboola.com/libtrc/userx.20221108-4-RELEASE.es6.js	18 kB	2023-03-11	2023-03-11
Pretty URL cdn.taboola.com/libtrc/userx.20221108-4-RELEASE.es6.js IP 151.101.85.44 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:03:52 Last Seen2023-03-11 11:32:10 Times Seen1 Hash 8be6f968f7c696b0b12bbfa029abd2bd a0e7681e7ffa9f73a09c2165ed16b475fb906a55 0eea994d9af2107b26def7d436ccf3665d60df6eefd7d0dd631294651ef9e6ec Loading...

	unknown	0 B	2023-03-07	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 05:51:30 Times Seen37111798 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-27
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-27 02:03:36 Times Seen1536 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	stootsou.net/pfe/current/tag.min.js?z=2308013	15 kB	2023-03-11	2023-03-11
Pretty URL stootsou.net/pfe/current/tag.min.js?z=2308013 IP 139.45.197.250 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:06:26 Last Seen2023-03-11 16:09:33 Times Seen1 Hash ce772e25c4e6a5889ae35a7a2edf1d0d 3d4085c28c5aa16ade34c37b685f5d5ab5387268 d2d1e5283202f5e5a7c7b9788ca09ca3b30e8e8cb73a4c9ccddcffeee720d911 Loading...

	sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26	48 B	2023-03-07	2023-04-05
Pretty URL sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 IP 185.94.180.125 ASN #35220 SpotXchange, INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:17 Last Seen2023-04-05 02:10:58 Times Seen78 Hash 2d6ab7977318f2c31d62dda3dec46783 4ca6f92d639651501c71376b091a27310a802a08 0e83fa75cca53fdf9f015d488741d8b8678647f52211bcaed68d8d59900daea7 Loading...

	static.criteo.net/js/ld/publishertag.js	124 kB	2023-03-08	2023-11-06
Pretty URL static.criteo.net/js/ld/publishertag.js IP 178.250.0.130 ASN #44788 Criteo SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:18 Last Seen2023-11-06 11:27:56 Times Seen9 Hash 2368015de456ee305017059e5da20f56 894123fc4bc72430f714b694174f8fd4ff12a052 87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403 Loading...

	illiweb.com/rs3/64/frm/embed/FA_Embed.js	277 B	2023-03-07	2024-01-20
Pretty URL illiweb.com/rs3/64/frm/embed/FA_Embed.js IP 172.67.150.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:33 Last Seen2024-01-20 22:09:05 Times Seen67 Hash 7c08b7f1da97c37b7680d6f879d7ed40 97f715f01a5bb9d07ec879e3b5e14a631b087740 432bb74f6f65f0b392e4b531804bf529db2f58fa1868537599097f408c02b481 Loading...

	troy2.yoo7.com/t67-topic	514 B	2023-03-07	2024-04-19
Pretty URL troy2.yoo7.com/t67-topic IP 94.23.159.185 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:33 Last Seen2024-04-19 17:26:25 Times Seen76 Hash 761d2d805f480411fa88e7662492769d c28ca142719025edf8996ac2897d036fc0c2a76e 0ee1b0b1b1b4667a2fd2983949d1c4b6aaaca435394712789388747cbe3d6d53 Loading...

	troy2.yoo7.com/t67-topic	172 B	2023-03-07	2024-01-03
Pretty URL troy2.yoo7.com/t67-topic IP 94.23.159.185 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:33 Last Seen2024-01-03 03:33:38 Times Seen36 Hash eac2977105f7afa338df42213637c7e8 b8da68cf1722f55c0013b2c642ff3315f8d03755 ee35e392c911a32615a69c87ae4dcf90dabcedb74b9b8f1df12010e4622e25a8 Loading...

	troy2.yoo7.com/t67-topic	51 B	2023-03-07	2024-04-19
Pretty URL troy2.yoo7.com/t67-topic IP 94.23.159.185 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:51 Last Seen2024-04-19 17:26:25 Times Seen31 Hash 31413c1a0520f96981534f262a266579 ea3b9b49e90bd399a7042952268f01a95a3a405a d75199ccb2b6682e717ae84c96162eb5e341b62a189c22d1ad74fdcf6db27987 Loading...

	troy2.yoo7.com/t67-topic	139 B	2023-03-07	2023-10-01
Pretty URL troy2.yoo7.com/t67-topic IP 94.23.159.185 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:33 Last Seen2023-10-01 10:50:16 Times Seen38 Hash 19e57056f1e5b06edac6b9654418f705 863dadea1e6158fea52bd8bfb1eab0cc13107c12 30f513144bf444457a7c1aadbe1e937ffe5d33eea89055ef9032f1aa9a2439eb Loading...

	cdn.betgorebysson.club/apu.php?zoneid=3765907	77 kB	2023-03-11	2023-03-11
Pretty URL cdn.betgorebysson.club/apu.php?zoneid=3765907 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:19:14 Last Seen2023-03-11 11:19:14 Times Seen1 Hash 6987cd7643ca73e02f2e0717f4c4fb0d 59c5d4fa3d6ccbf73d69fb653151d120e308bcce d91433482e9e1bd313051a8c112f249610231f4b066435d2fda511e5d71fc17d Loading...

	vidstat.taboola.com/vpaid/vPlayer/player/v14.8.8/OvaMediaPlayer.js	440 kB	2023-03-08	2023-03-11
Pretty URL vidstat.taboola.com/vpaid/vPlayer/player/v14.8.8/OvaMediaPlayer.js IP 151.101.85.44 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:28:30 Last Seen2023-03-11 23:28:00 Times Seen1 Hash 39ce943f9e071318eb814ebbd80c31e5 637a40ed9eb886421e91be2efe3eff49d7c345b8 d2a438345477c284b6ea53ff812d0a29086f9b4ffeed2fb37ad2f9b574bb56f7 Loading...

	troy2.yoo7.com/t67-topic	213 B	2023-03-07	2024-01-03
Pretty URL troy2.yoo7.com/t67-topic IP 94.23.159.185 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:51 Last Seen2024-01-03 03:33:38 Times Seen17 Hash 8dc99b1a979c478e061ff14e9670e8af 7550a0acc3765631761b58add79d56910907c5be bb17c405392717ddb4e72a8d66b94b269df6defb391f09fdfb60acc1403dd3c6 Loading...

	troy2.yoo7.com/t67-topic	30 B	2023-03-07	2024-04-19
Pretty URL troy2.yoo7.com/t67-topic IP 94.23.159.185 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:33 Last Seen2024-04-19 17:26:26 Times Seen63 Hash 4ece280a19c04007f1c61ee38cfc055b c425f44785e505687647cd153db2f5d6e947b85c da7ba30ac2306369b237659657949a1d5fad24e99a97245319bac3b5a8bfddac Loading...

	connect.topicit.net/scripts/connect.js	3.5 kB	2023-03-07	2024-04-19
Pretty URL connect.topicit.net/scripts/connect.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:33 Last Seen2024-04-19 17:26:26 Times Seen93 Hash df06f0c81b83b4161d3a2c843e71de58 ac09970aca15ee03496cbe68c2a2f06914e19855 39ce845fc0203d4cb00559dff89d9448765e0ebd65ebbaf76623cc9850827542 Loading...

	sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26	36 B	2023-03-11	2023-03-11
Pretty URL sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 IP 185.94.180.125 ASN #35220 SpotXchange, INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:19:14 Last Seen2023-03-11 11:19:14 Times Seen1 Hash 4745cf4ed2c9baca53ab971180212673 8aed4eb980f977e335f1b79f0451fd7cc324d349 8f6abf2f5b253c22a697720294daec3f295be8ca64df36d0b19a0a27c056d1f1 Loading...

	troy2.yoo7.com/t67-topic	411 B	2023-03-07	2023-03-17
Pretty URL troy2.yoo7.com/t67-topic IP 94.23.159.185 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:33 Last Seen2023-03-17 12:40:57 Times Seen1 Hash d8793ee455d156d658f5f70e3ed7bcf8 dc25bbd1fd938f37c21f5b4bc71e0fa6034756f8 db00250066a0114b9d8ed5e81abea3156e2f3b49a94e8685fcafe28ea6f54201 Loading...

	troy2.yoo7.com/t67-topic	482 B	2023-03-11	2023-03-11
Pretty URL troy2.yoo7.com/t67-topic IP 94.23.159.185 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:19:14 Last Seen2023-03-11 11:19:14 Times Seen1 Hash b26830b63fc033f0f8e018fdd820d12a 4269b19fbb2313e5d5ca946491d863bae9ec16cd cd0138b9e2813eedc37bf9495d1a5db55e973575206bb86ce12fee3a39d1c2ad Loading...

	cdn.viglink.com/api/vglnk.js	83 kB	2023-03-07	2023-03-17
Pretty URL cdn.viglink.com/api/vglnk.js IP 54.230.111.39 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:33 Last Seen2023-03-17 12:55:08 Times Seen1 Hash 00f6ad35e2ff4f8886dae67b1dd697e6 347d57d6b53509fd87982d06e9f6c3d350cf3f34 73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e Loading...

	vidstat.taboola.com/vpaid/units/32_4_1/infra/cmTagWIDGET_ITEM.js	738 kB	2023-03-11	2023-03-11
Pretty URL vidstat.taboola.com/vpaid/units/32_4_1/infra/cmTagWIDGET_ITEM.js IP 151.101.85.44 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:15:52 Last Seen2023-03-11 15:13:28 Times Seen1 Hash 1d9d97dec3bcb1acb64988bcb26b120c 10f7086d1fa9cffae271d10153f04cd6cc642c2a fe274e257af64cb39c51544e8d003d3dc0c2038ca636f1241d4dc8652cd5e8f7 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 37cd3bd2adbd29e7fafaf20f77f4bf43	18 B	2023-03-07	2024-04-15
Pretty Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-15 12:57:44 Times Seen656 Hash 37cd3bd2adbd29e7fafaf20f77f4bf43 d4a665f4bf3dc9a6f3ea3a55c50c5a37c6bd05f5 0f3342bc14063d9ed7a669eb067b50ea17b2cb7dcb51968939b72fa9ac862d91 Loading...

	#2 Eval - 73497a37c3561adbd8ce84e4f017b368	9 B	2023-03-07	2024-04-27
Pretty Observations First Seen2023-03-07 01:03:23 Last Seen2024-04-27 01:51:29 Times Seen2164 Hash 73497a37c3561adbd8ce84e4f017b368 9193ae73cb3dd2833be8c942714d5544bfb628c9 9312a1adbbf0a4c05fc296d158ec3bd39acfe50e9e98ff02688139aad6fc3351 Loading...

	#3 Eval - 2589cff3797f8ea97b7c9977065154ff	29 kB	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 11:19:15 Last Seen2023-03-11 11:19:15 Times Seen1 Hash 2589cff3797f8ea97b7c9977065154ff f6d96a0a4a18b76b4a3da8d01eae15f14fae38a0 cd8656b1d9f1ae61aef8b256c5ed43ef621e0fc262367086ce38d1f92615673b Loading...

	#4 Eval - 0f6cab69f16cb49d692d0e12c51a1893	80 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 11:19:15 Last Seen2023-03-11 11:19:15 Times Seen1 Hash 0f6cab69f16cb49d692d0e12c51a1893 a9d57ba82ad17587c2b90a7565104ee5c3242cb4 e3e7ba9f1b2c52e793fbd95b133e49bd9faaf0191da09aa2d2d24bcf0b028a86 Loading...

	#5 Eval - 34254266b8001ea055e09f420cc51225	29 kB	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 11:19:15 Last Seen2023-03-11 11:19:15 Times Seen1 Hash 34254266b8001ea055e09f420cc51225 20e1cd70390e5989bb2a5e6f7a751b513d326c4d 9c50784635510872950a803fa4facbfa9c13670aa9fcfa6b2657fefa5daa3405 Loading...

		Size	First Seen	Last Seen
	#1 Write - 90be6fababd84ead318f6ebd34f25269	104 B	2023-03-07	2023-10-01
Pretty Observations First Seen2023-03-07 01:40:33 Last Seen2023-10-01 10:50:16 Times Seen38 Hash 90be6fababd84ead318f6ebd34f25269 e689a91041b2214c8d0eb98e1b0b701a8134c830 147f74332da8a3a6025c02528aa92901c92553e8066a4924adf0b4d08a8439fc Loading...

	#2 Write - 2d6673eded37338627f4fc432783fc4d	759 B	2023-03-07	2023-05-06
Pretty Observations First Seen2023-03-07 12:04:33 Last Seen2023-05-06 00:14:31 Times Seen121 Hash 2d6673eded37338627f4fc432783fc4d bb226d552cec5533fb1d7fd8b486efa856d7f333 a7e9c7904cd65627b33964bbb90839a2fa154c33d9c353413da6dcdc4fba2295 Loading...

HTTP Transactions (179)

URL IP Response Size

troy2.yoo7.com/t67-topic

94.23.159.185

301 Moved Permanently

0 B

URL HTTP/1.1
troy2.yoo7.com/t67-topic
IP
94.23.159.185:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /t67-topic HTTP/1.1
Host: troy2.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sat, 12 Nov 2022 11:00:43 GMT
Content-Length: 0
Location: https://troy2.yoo7.com/t67-topic

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3d0727e32cd103ddd4b73f28c81758aa
197a7bf43d63723fc532c23c6dced68d5cc36652
d3f75d03561d6a47d19370292e821a86e58381466f0c69386a21175de55882ff

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11795
Expires: Sat, 12 Nov 2022 14:17:18 GMT
Date: Sat, 12 Nov 2022 11:00:43 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4edf853c470fcec0ab277c78527f3c2d
de93530ce15337e671c488d9fe05e7091d4956f0
b9d7976b398b1243ff8a571ddd3975d3a1317d69101061bdb1a755b3b56620e6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5621
Cache-Control: max-age=90265
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:43 GMT
Etag: "636e247f-1d7"
Expires: Sun, 13 Nov 2022 12:05:08 GMT
Last-Modified: Fri, 11 Nov 2022 10:31:27 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 12 Nov 2022 10:44:09 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 994
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5076aaa9f4ccd602540286ce0590cb9a
bbf7936a8413a564478971d9e19beb6338cbc869
00e3b967c579b0ccf709b78d497a43d95646b16eb50925fef1e2694c58f290b2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00E3B967C579B0CCF709B78D497A43D95646B16EB50925FEF1E2694C58F290B2"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5765
Expires: Sat, 12 Nov 2022 12:36:48 GMT
Date: Sat, 12 Nov 2022 11:00:43 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: nXoLfME3twRYxylc2VjQtDziqaAH3ECdrj7xO53fEJtXfnW2eGlqO95StzvyomFfm5uIasUUf3Q=
x-amz-request-id: WVH21H9Y2WVRP8S1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 12 Nov 2022 10:12:57 GMT
age: 2866
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d48323467407b9d6d0e9e3090530a2bf
b4671e4de6d0fdaaaa72e0d4e6fe2952edfc5f06
03bbdddbbe0a093231c77bb88e839cd6079e44dad3de520d08e024b3dcf7d5dc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03BBDDDBBE0A093231C77BB88E839CD6079E44DAD3DE520D08E024B3DCF7D5DC"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4046
Expires: Sat, 12 Nov 2022 12:08:09 GMT
Date: Sat, 12 Nov 2022 11:00:43 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:00:43 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
7c62234e4e31fff8d9d6a23a63719fb0
73f28838ffaf3afe80d840a47c233b51c5761257
0ce5c95d47e824a60c373847bef8d755a070818d4766ae0009d2553b2c109de8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5086
Cache-Control: max-age=158461
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:43 GMT
Etag: "636f30fa-116"
Expires: Mon, 14 Nov 2022 07:01:44 GMT
Last-Modified: Sat, 12 Nov 2022 05:36:58 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
7c62234e4e31fff8d9d6a23a63719fb0
73f28838ffaf3afe80d840a47c233b51c5761257
0ce5c95d47e824a60c373847bef8d755a070818d4766ae0009d2553b2c109de8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5086
Cache-Control: max-age=158461
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:43 GMT
Etag: "636f30fa-116"
Expires: Mon, 14 Nov 2022 07:01:44 GMT
Last-Modified: Sat, 12 Nov 2022 05:36:58 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e7dc2623cb841be51d3e8857e015d8e1
cbfdb2a7b965598de893fef89d47e17763501acf
df1fc0809a603469e6abcf1f07a13d792550d68c862f80e38c00e47e9b233a5b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
7c62234e4e31fff8d9d6a23a63719fb0
73f28838ffaf3afe80d840a47c233b51c5761257
0ce5c95d47e824a60c373847bef8d755a070818d4766ae0009d2553b2c109de8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5086
Cache-Control: max-age=158461
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:43 GMT
Etag: "636f30fa-116"
Expires: Mon, 14 Nov 2022 07:01:44 GMT
Last-Modified: Sat, 12 Nov 2022 05:36:58 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e7dc2623cb841be51d3e8857e015d8e1
cbfdb2a7b965598de893fef89d47e17763501acf
df1fc0809a603469e6abcf1f07a13d792550d68c862f80e38c00e47e9b233a5b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
b6cf70816bf43e1662467ce66b77a1e9
cb13813fe269c0abf0cd1a78f1eb0e8fb593629b
302efa91231ae3a038748da17469643425584c9eb9c797525c9e36dc6f472552

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2848
Cache-Control: max-age=111953
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:43 GMT
Etag: "636e840c-2d7"
Expires: Sun, 13 Nov 2022 18:06:36 GMT
Last-Modified: Fri, 11 Nov 2022 17:19:08 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 727

www.googletagmanager.com/gtag/js?id=UA-144347007-1

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-144347007-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43679 bytes)
Hash
2a7f9929fdab96f79cf4cc7a7eec0b8a
3e2178736f8b5346fa5dc1c43ef524aa196eb240
7589c050319e668149f72a4a5d70829b239e3fa30ddf740e3fe4534e12f383ad

HTTP Headers

GET /gtag/js?id=UA-144347007-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 12 Nov 2022 11:00:43 GMT
expires: Sat, 12 Nov 2022 11:00:43 GMT
cache-control: private, max-age=900
last-modified: Sat, 12 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43679
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

142.250.74.42

200 OK

34 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
IP
142.250.74.42:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Size
34 kB (33845 bytes)
Hash
d989f35706c62ce4a5c561586c55566e
d32e7958e5765609bf08dcdefd0b2c2a8714ce34
375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716

HTTP Headers

GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33845
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Nov 2022 18:40:06 GMT
expires: Wed, 08 Nov 2023 18:40:06 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 318037
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=

142.250.74.168

200 OK

38 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
38 kB (37465 bytes)
Hash
693b6605d78dc3adfd2df994aabb9061
d99e2620a87996324870bf52752653101bfbac75
72e558c5320f8bd0de6359fa4c004e06b39da454b57f507cc4e89ca23cddf782

HTTP Headers

GET /gtag/js?id= HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 12 Nov 2022 11:00:43 GMT
expires: Sat, 12 Nov 2022 11:00:43 GMT
cache-control: private, max-age=900
last-modified: Sat, 12 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37465
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

illiweb.com/rs3/64/frm/lang/ar.js

172.67.150.97

200 OK

19 kB

URL HTTP/2
illiweb.com/rs3/64/frm/lang/ar.js
IP
172.67.150.97:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (64093), with no line terminators
Size
19 kB (19188 bytes)
Hash
5721d7043af80a90cf0e0dd61dd5acb1
b05b003b61208711571f9f4742867962cfd8cb3c
39f5aec06ad1f1eb75afdc8a4ce98cadbdb1b78472eba0923ad1f8b3f6a10a41

HTTP Headers

GET /rs3/64/frm/lang/ar.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:43 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=74879
access-control-allow-origin: *
expires: Tue, 07 Nov 2023 08:39:39 GMT
last-modified: Thu, 08 Sep 2022 07:38:48 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 440464
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qW4IyPujBIUoaqq7tEJ%2Fyn%2FUPpZw2mNKHhj8B5VOtm4OMeVExUjIxLwcEJxM5Zxb3CItND4CHGYr%2B7QgYNZGwXeQXlMRc%2BngCrWywEDoqzgCdvXTYipw%2FG1vFLiuXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768ec3fd288fb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/i/fa/onyx/icon_minipost.gif

104.21.235.175

200 OK

123 B

URL HTTP/2
2img.net/i/fa/onyx/icon_minipost.gif
IP
104.21.235.175:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 13 x 9\012- data
Size
123 B (123 bytes)
Hash
aa8228d74277b9f62b121e890147f2ff
07cc94349e10bd67ac9528aa2253ab82413ef90c
680720ede87ae9d67b34e749086722e8e4936ead686685c0f1de87223d08bf4f

HTTP Headers

GET /i/fa/onyx/icon_minipost.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:43 GMT
content-type: image/gif
content-length: 123
last-modified: Mon, 16 May 2016 11:00:14 GMT
etag: "5739a83e-7b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 3121801
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=edswAHAwSKU1qkrHeVW%2BdyCmFBDb%2BYgtsEPfdK%2FWJ3V%2B87NvVd1DIWnIu26xpbaZJRH3jLL%2B69gHbuD7n6OeWMxLFNxA4WOgXtoT%2FGmnwlSqxKGY9rxomPHyyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768ec3fdac68dd72-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/i/empty.gif

104.21.235.175

200 OK

43 B

URL HTTP/2
2img.net/i/empty.gif
IP
104.21.235.175:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

HTTP Headers

GET /i/empty.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:43 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 09 May 2016 08:45:50 GMT
etag: "57304e3e-2b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 3123707
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d1fKu9IFHYPI9GuJpFVlPQbnusVHcVNjz7o78xZuTLVMDy5wdjIHBIzE3bHJT3gN91W3Uta0aMXAgsMey3OkALYM1W3HR80BZCmZd1Cxu5DrQW1o%2FPmEjvZrwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768ec3fdac6ddd72-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/i/fa/onyx/icon_minitime.gif

104.21.235.175

200 OK

194 B

URL HTTP/2
2img.net/i/fa/onyx/icon_minitime.gif
IP
104.21.235.175:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 12 x 9\012- data
Size
194 B (194 bytes)
Hash
45df8fa66cbcbc9f4d5de9d4aa6d6cbd
7907f257cb3b4caa16ecfd2df17538d3a3a5a428
22d8ca8b8455b3caf467b34df658773bb22bc9b628c6264e9c09d66585fdcac1

HTTP Headers

GET /i/fa/onyx/icon_minitime.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:43 GMT
content-type: image/gif
content-length: 194
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-c2"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 3118014
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hRdVnOBBn%2FoE0q0iOT%2BaY13uD8nv%2FQTlavfMQDwaAyckxH6f0eKCUlnZ7yNNCTYPJKgAIGEZv%2FuPeTqRAbYLovU6J0evz74NWQC7KkeJhpcL%2FYZE8gJpADeZXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768ec3fdac69dd72-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/s/t/15/32/88/i_icon_mini_register.gif

104.21.235.175

200 OK

9.8 kB

URL HTTP/2
2img.net/s/t/15/32/88/i_icon_mini_register.gif
IP
104.21.235.175:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 125 x 61\012- data
Size
9.8 kB (9758 bytes)
Hash
96c1a204ab1a061d14c70578b147971a
345576043131ffd725c5c2095c2e3b8593655d52
a53b0a9db17087b483bb100cf5998cac067a58a2ddc6cb85f730a8208873aefc

HTTP Headers

GET /s/t/15/32/88/i_icon_mini_register.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:43 GMT
content-type: image/gif
content-length: 9758
last-modified: Fri, 09 Apr 2010 10:38:41 GMT
etag: "4bbf03b1-261e"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nl%2FI2xYrsFp8hfzfbJ5nnsIBQHfAcen15ujXe%2BcqmXlCBoYdQL5gST69CitLq47hgrRfDLbavVWjwWwyh62fEYqcfaoBoGf5ZrIG2clJkm3eQbmEI5qwqMsIVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768ec3fdac70dd72-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

troy2.yoo7.com/0-rtl.css

178.33.44.177

200 OK

55 kB

URL HTTP/2
troy2.yoo7.com/0-rtl.css
IP
178.33.44.177:0
ASN
#16276 OVH SAS

File type
Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size
55 kB (55226 bytes)
Hash
2ce9101f9405eb8927280180ac2d014c
36584fff401cc3145c7ee0aa421cfaef84c1120f
2f3d7a38deb447cdb773e7b05511d9e21bd0a4f4b19fd967bcf02302272ca714

HTTP Headers

GET /0-rtl.css HTTP/1.1
Host: troy2.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/t67-topic
Cookie: exadd=166826
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:43 GMT
content-type: text/css
content-length: 55226
last-modified: Sat, 12 Nov 2022 00:00:00 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-ma: HIT
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Last-Modified, ETag, Alert, Backoff, Content-Type, Retry-After, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 12 Nov 2022 10:25:00 GMT
cache-control: public,max-age=3600
age: 2143
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e7dc2623cb841be51d3e8857e015d8e1
cbfdb2a7b965598de893fef89d47e17763501acf
df1fc0809a603469e6abcf1f07a13d792550d68c862f80e38c00e47e9b233a5b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

2img.net/i/fa/onyx/icon_www.gif

104.21.235.175

200 OK

1.2 kB

URL HTTP/2
2img.net/i/fa/onyx/icon_www.gif
IP
104.21.235.175:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 29 x 18\012- data
Size
1.2 kB (1222 bytes)
Hash
1309f152caa558704b1b66f700fae34f
8ec3b4596b3c2ac748080877e6c6c2d1ccac4511
ef7ce97a721c0f42d0b015d6d8db7d950c0b5b9851ab8d65d64b4c013e143abc

HTTP Headers

GET /i/fa/onyx/icon_www.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:43 GMT
content-type: image/gif
content-length: 1222
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-4c6"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0y%2Fc%2Fjs8yCsl41xPGcXQezeLQ73DDXOOrHeYocC9Mm0UtnTnSQsSi%2FrbHZba1NKKiCIl0Q06KSJHOVhKlwLUWMWeYBTvw%2FVnSN2g5J0giwXDDRQBgvo8T1qqmw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768ec3fdac6bdd72-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/s/t/15/32/88/i_icon_mini_index.jpg

104.21.235.175

200 OK

7.9 kB

URL HTTP/2
2img.net/s/t/15/32/88/i_icon_mini_index.jpg
IP
104.21.235.175:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 125x61, components 3\012- data
Size
7.9 kB (7902 bytes)
Hash
54561cb0dc8a232d65d790fa14384a5c
0d941f7ca9922b2e1151693ddcac02bfaac97d0b
3310609a0bccdcce905b52ad7535f77796cdb78cc65da31bb5f335e6c736e16e

HTTP Headers

GET /s/t/15/32/88/i_icon_mini_index.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:43 GMT
content-type: image/jpeg
content-length: 7902
last-modified: Wed, 27 Oct 2010 17:49:04 GMT
etag: "4cc86610-1ede"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ywsh3nE%2FjhHt8WHsqT4vE2RcRhKQ6bSjr5ckNjKxFpuj8tSOkVR%2BzsHMD1h3B9b4VnTisjMtGYnKbyYjCvX50NaQg7S2obp7Wxs5pqiJ8mqR1Eti7qPt%2FTFZCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768ec3fdac6cdd72-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/s/t/15/32/88/i_icon_mini_login.jpg

104.21.235.175

200 OK

7.5 kB

URL HTTP/2
2img.net/s/t/15/32/88/i_icon_mini_login.jpg
IP
104.21.235.175:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 125x61, components 3\012- data
Size
7.5 kB (7491 bytes)
Hash
2dbefadfec06197a812eace96b82c378
cb605e61bec364253ecebc69ca1d79b9db5d297f
0da5ede56221876df16bef1dd212590a3fad47b0039bf33d2e62f699e264d7b4

HTTP Headers

GET /s/t/15/32/88/i_icon_mini_login.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:43 GMT
content-type: image/jpeg
content-length: 7491
last-modified: Wed, 27 Oct 2010 17:49:04 GMT
etag: "4cc86610-1d43"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BG%2FXFl4ukJmhFHet%2BJwYAX3ASECzEdIptJhKYV7iZULsfdhgb0zFpA3o1PR4GzURvz51ERSP9m1uZff8sZfHYae9WmlPwyg%2FDTBNnM9IyHHJ%2Fhrdg11OD4Gh%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768ec3fdac73dd72-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/s/t/15/32/88/i_icon_mini_portal.gif

104.21.235.175

200 OK

6.8 kB

URL HTTP/2
2img.net/s/t/15/32/88/i_icon_mini_portal.gif
IP
104.21.235.175:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 125 x 61\012- data
Size
6.8 kB (6767 bytes)
Hash
66d7e1bb4b7e9be8bbb4b988550e525d
5a9dce99afae49fcb89d9b865d583f10f6446905
55da547c69ee5a081f492410ff3d308a2df952dcc4a32e78aec882661497bd2f

HTTP Headers

GET /s/t/15/32/88/i_icon_mini_portal.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:43 GMT
content-type: image/gif
content-length: 6767
last-modified: Wed, 27 Oct 2010 21:15:48 GMT
etag: "4cc89684-1a6f"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1TOwDjBTJsy1w8dQ6UONLVxQOKazDPHoF2Xb67lCUkUZZJehKwRFJVJJOU4RASJRVfIe6fT9Nw0y9ugn8lLhnp9zlKp6X0C7d9x4t3clrFT%2F3VNZ5Ux18ifrFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768ec3fdac6fdd72-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ae51f1958554de4457c22a7d5a9ba8b6
173e90a8c6ee36b7ec569dbea47436a90d7e7c76
dc43a04e1e26243f63a8e628f2ebcb23a9527fd4bc40dc6d1d61879b0f95bb21

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2830
Cache-Control: max-age=168798
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:44 GMT
Etag: "636f622c-1d7"
Expires: Mon, 14 Nov 2022 09:54:02 GMT
Last-Modified: Sat, 12 Nov 2022 09:06:52 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
68bf5d0bdb51741f5e122f33f8f7a9fb
c2a834cf7dcb1ac7a5c7c52d73cdb2b590221dbc
48ca6f9c476c31b2b7dfcfb436e47964c58f3311cbee1ee3e8cfd81eb1ae462e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2627
Cache-Control: max-age=158182
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:44 GMT
Etag: "636f397f-117"
Expires: Mon, 14 Nov 2022 06:57:06 GMT
Last-Modified: Sat, 12 Nov 2022 06:13:19 GMT
Server: ECS (amb/6BBC)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
68bf5d0bdb51741f5e122f33f8f7a9fb
c2a834cf7dcb1ac7a5c7c52d73cdb2b590221dbc
48ca6f9c476c31b2b7dfcfb436e47964c58f3311cbee1ee3e8cfd81eb1ae462e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6084
Cache-Control: max-age=161639
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:44 GMT
Etag: "636f397f-117"
Expires: Mon, 14 Nov 2022 07:54:43 GMT
Last-Modified: Sat, 12 Nov 2022 06:13:19 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
68bf5d0bdb51741f5e122f33f8f7a9fb
c2a834cf7dcb1ac7a5c7c52d73cdb2b590221dbc
48ca6f9c476c31b2b7dfcfb436e47964c58f3311cbee1ee3e8cfd81eb1ae462e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2627
Cache-Control: max-age=158182
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:44 GMT
Etag: "636f397f-117"
Expires: Mon, 14 Nov 2022 06:57:06 GMT
Last-Modified: Sat, 12 Nov 2022 06:13:19 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6a24f7ed5c0cf547278e07075d721f9f
15d904065bf5b4221cd6a85411591967e2a9e68e
f07e5b019b5344a676fc2aa87a2d9fb9bf229606fe4e71482355c54135a70bf9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F07E5B019B5344A676FC2AA87A2D9FB9BF229606FE4E71482355C54135A70BF9"
Last-Modified: Fri, 11 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3914
Expires: Sat, 12 Nov 2022 12:05:58 GMT
Date: Sat, 12 Nov 2022 11:00:44 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
997365ae1f9cd071bf979a1466dcb40b
1c382a0ab3f8eae5c8394d31235bd7263aa85557
c5f7ec201b56fab66d5dbe69991f1ea086c4a532ce6f5415b783c624ffa804d6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3530
Cache-Control: max-age=90304
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:44 GMT
Etag: "636e2cd2-139"
Expires: Sun, 13 Nov 2022 12:05:48 GMT
Last-Modified: Fri, 11 Nov 2022 11:06:58 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313

i.servimg.com/u/f85/14/35/47/42/b211.gif

172.67.178.62

200 OK

3.6 kB

URL HTTP/2
i.servimg.com/u/f85/14/35/47/42/b211.gif
IP
172.67.178.62:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 80 x 80\012- data
Size
3.6 kB (3599 bytes)
Hash
0df512d11c9af7ba0b78ddf7aec51419
1c39b21679b0ff8a123bcc32dd12a3eaf635dfb9
bdd109659cb077b23e3af7904c0f030407e681f5db3fe8eef0f20cc9b4439345

HTTP Headers

GET /u/f85/14/35/47/42/b211.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: image/gif
content-length: 3599
last-modified: Sun, 11 Oct 2009 07:36:13 GMT
etag: "4ad18aed-e0f"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Sat, 11 Nov 2023 08:54:26 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZfPoY5dH%2BPtMa5scC5LC5JgZ%2BJd2k726GDOO8hLBV24BLXXp8Z00LBgxJm1GTalqFBBI7HJk%2BAAHqDvJYC86%2F555hiRKiamJJBwpDduHfYkjv7asKtxAsGg9Ewf5NQo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 768ec3ff8bde1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

i.servimg.com/u/f15/14/35/47/42/ouoouo11.png

172.67.178.62

200 OK

1.6 kB

URL HTTP/2
i.servimg.com/u/f15/14/35/47/42/ouoouo11.png
IP
172.67.178.62:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 916 x 57, 8-bit/color RGB, non-interlaced\012- data
Size
1.6 kB (1557 bytes)
Hash
53d7a629a4062c2679920463519d4ec3
2cc744a5e873427c0729faf9a7e86237650f575f
b683df52fe9d0fbb953d156550da09952449aca0da51447d93a9423b7cddfef8

HTTP Headers

GET /u/f15/14/35/47/42/ouoouo11.png HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: image/png
content-length: 1557
last-modified: Sun, 27 Dec 2009 22:35:17 GMT
etag: "4b37e125-615"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Sat, 11 Nov 2023 13:42:35 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GNKjFRnq%2Fhdiek28UFCFQ6q5g0mLr7zS%2FDbaLH7U5XqB1qkB%2FPfu%2FIUA6b34OmADS1hGSGoULWT8SW14IRNtViwcYqDFBa3UyuXFpZsq2IglK4rkWOJ%2BxF0O2QiKykqF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 768ec3ff7bdb1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
68bf5d0bdb51741f5e122f33f8f7a9fb
c2a834cf7dcb1ac7a5c7c52d73cdb2b590221dbc
48ca6f9c476c31b2b7dfcfb436e47964c58f3311cbee1ee3e8cfd81eb1ae462e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2627
Cache-Control: max-age=158182
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:44 GMT
Etag: "636f397f-117"
Expires: Mon, 14 Nov 2022 06:57:06 GMT
Last-Modified: Sat, 12 Nov 2022 06:13:19 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279

stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=troy2.yoo7.com&var=&ymid=&var_3=

139.45.197.250

200 OK

758 B

URL HTTP/2
stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=troy2.yoo7.com&var=&ymid=&var_3=
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (757)
Size
758 B (758 bytes)
Hash
b16e0d724d636a636021401d2a570b64
541a8b15f265ee16623520bc60622b23b1cd99c5
b122d9d57af959843fb9650da5d43fe22d5056ec0e5c4595207c985ffcdac15f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /zone?pub=0&zone_id=2308013&is_mobile=false&domain=troy2.yoo7.com&var=&ymid=&var_3= HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://troy2.yoo7.com/
Origin: https://troy2.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: application/json; charset=utf-8
content-length: 758
x-trace-id: 3037df0fc7cc97c4523430166bf17e50
access-control-allow-origin: https://troy2.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
e9c88db553a1acf24123cf2b17519168
5e0775279e3fb3a1c84c452e919d5c5dbda10201
725c069823a91881e5959ad4a559788f412ba009ebfedfcb2ef26a3d438c19ac

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4289
Cache-Control: max-age=114850
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:44 GMT
Etag: "636e89bd-139"
Expires: Sun, 13 Nov 2022 18:54:54 GMT
Last-Modified: Fri, 11 Nov 2022 17:43:25 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313

static.criteo.net/js/ld/publishertag.js

178.250.0.130

200 OK

53 kB

URL HTTP/2
static.criteo.net/js/ld/publishertag.js
IP
178.250.0.130:0
ASN
#44788 Criteo SA

File type
data
Size
53 kB (52732 bytes)
Hash
b2f843695faee4827ae2fe5835dcb594
695105f7f509a40b307c053e1c2851403c93d408
a7788b164a9ff904477f8e4b98ea8f185e5397f8f79e9c71e972ae99bb3ded92

HTTP Headers

GET /js/ld/publishertag.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:00:43 GMT
content-type: text/javascript
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-1e444"
expires: Sun, 13 Nov 2022 11:00:43 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

i.servimg.com/u/f12/13/42/24/54/im22ag10.jpg

172.67.178.62

200 OK

762 B

URL HTTP/2
i.servimg.com/u/f12/13/42/24/54/im22ag10.jpg
IP
172.67.178.62:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 25x16, components 3\012- data
Size
762 B (762 bytes)
Hash
ed323c32bbbd0381729a0c17c548a804
808987322ef3d3005926a4057fc3a3246efab8c8
339731b10ca62b33798fcbfa546c6639d174af085fc991213b0f821d800db63e

HTTP Headers

GET /u/f12/13/42/24/54/im22ag10.jpg HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: image/jpeg
content-length: 762
last-modified: Tue, 22 Dec 2009 06:38:25 GMT
etag: "4b306961-2fa"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Fri, 01 Sep 2023 07:52:02 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cys7Bm2H9TeUiFhSc0qM81k9mxHHVcjBh1pN9AQQIDjfGrJF6cgSJLMvbRxg0eT9RywgnLErSKC2EbwSL%2BRMGnafpDnHoUBSLx1j8rCRdjHB2jLyVcP3GeBHz6inSr3z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 768ec3ff8be91c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

twemoji.maxcdn.com/twemoji.min.js

23.111.9.57

200 OK

5.9 kB

URL HTTP/2
twemoji.maxcdn.com/twemoji.min.js
IP
23.111.9.57:0
ASN
#12989 StackPath LLC

File type
data
Size
5.9 kB (5944 bytes)
Hash
a7591c815930bda6592bbee89a58b0ed
85dcd1055b061905e11c5bfd65f86d5faec5e3c2
bab80e4f812bbfd34a60e60d7761d06f1294a50b9623b19eaf7e9e5eaec8a588

HTTP Headers

GET /twemoji.min.js HTTP/1.1
Host: twemoji.maxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:43 GMT
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Thu, 31 Mar 2022 03:24:15 GMT
access-control-allow-origin: *
etag: W/"62451edf-3bc8"
expires: Mon, 12 Dec 2022 11:00:43 GMT
cache-control: max-age=2592000
x-proxy-cache: MISS
x-github-request-id: B5FC:2175:C309F5:C881C1:636AA98C
vary: Accept-Encoding
x-fastly-request-id: 48372c21b0bf5018e69e7ec519f4fa657be68bc8
server: NetDNA-cache/2.2
powered-by: MaxCDN
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.89.181.160

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.89.181.160:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ldr4tot8o63ZXc71ZeVVEg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kh64BP+r+479Hi+zB+hmPW+/xII=

i.servimg.com/u/f15/14/35/47/42/ouuuso11.png

172.67.178.62

200 OK

68 kB

URL HTTP/2
i.servimg.com/u/f15/14/35/47/42/ouuuso11.png
IP
172.67.178.62:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 916 x 235, 8-bit/color RGB, non-interlaced\012- data
Size
68 kB (67925 bytes)
Hash
c208efbf2107c8ef1b1c2219215a722f
ad7c5e60f294993305953befd421309c713c2f1f
ad145167dfedf85ec5e5205c1210d697f9c9ce2a44f29b20688c8fd93ef30d4c

HTTP Headers

GET /u/f15/14/35/47/42/ouuuso11.png HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: image/png
content-length: 67925
last-modified: Sun, 27 Dec 2009 22:36:34 GMT
etag: "4b37e172-10955"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Tue, 31 Oct 2023 18:17:52 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LBj8n4O1NCdPuWra1N37uITT5DdECMRJj137lQ69LH6TDX5lyR6uIlQZWZHEreww14WTNiBvv91WCec2u0zMLCCWafqxHAevnG5wp53N2K3LhPD1nEgmpFIByQ%2FLfw2P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 768ec3ff9bea1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
62ee06035006c1261986cdb076ac4702
3f5acbf0c231ab9730d4cc45827a5b3aed58c66c
0b60b6cfe4f62af821b1f8a3c50cd618846cf090b079108c59595e6d90d65317

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5891
Cache-Control: max-age=88717
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:44 GMT
Etag: "636e1d66-139"
Expires: Sun, 13 Nov 2022 11:39:21 GMT
Last-Modified: Fri, 11 Nov 2022 10:01:10 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
62ee06035006c1261986cdb076ac4702
3f5acbf0c231ab9730d4cc45827a5b3aed58c66c
0b60b6cfe4f62af821b1f8a3c50cd618846cf090b079108c59595e6d90d65317

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5889
Cache-Control: max-age=88715
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:44 GMT
Etag: "636e1d66-139"
Expires: Sun, 13 Nov 2022 11:39:19 GMT
Last-Modified: Fri, 11 Nov 2022 10:01:10 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 313

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
11a2edefb7368572925987531b729447
5280775ebd54cc72255d9a9176f5f4ea70c2cbb0
e4224c96b983ec79fe77ef3f065217ffd2bc9501b9ae791e2fa054d7c26de47b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E4224C96B983EC79FE77EF3F065217FFD2BC9501B9AE791E2FA054D7C26DE47B"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5995
Expires: Sat, 12 Nov 2022 12:40:39 GMT
Date: Sat, 12 Nov 2022 11:00:44 GMT
Connection: keep-alive

dnacdn.net/dna

178.250.2.146

200 OK

132 B

URL HTTP/2
dnacdn.net/dna
IP
178.250.2.146:0
ASN
#44788 Criteo SA

File type
JSON data\012- , ASCII text, with no line terminators
Size
132 B (132 bytes)
Hash
1f097ac789cbd747706371ce7d4027dc
dfbaf7d621b74932bed0f0f6a17cfe56fe91af57
c8f6d3e018d616eac5a0e98a2f5b1efc15dd531ea63d59cd8dad5476618489bc

HTTP Headers

GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=1ftpkV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3hoQkhBb01oWW9BZmFJcnJ3Q0NneHBBbVdqU2lLc0w3JTJCWGlLJTJGNXBRZ2NT
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=fL-Drl80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3hoQkhBb01oWW9BZmFJcnJ3Q0NneHAxb0hremttdllkaEpObGE5cXVWRFQ; expires=Thu, 07 Dec 2023 11:00:44 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 378378
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

gem.gbc.criteo.com/newidsd

178.250.6.217

200 OK

40 B

URL HTTP/2
gem.gbc.criteo.com/newidsd
IP
178.250.6.217:0
ASN
#44788 Criteo SA

File type
JSON data\012- , ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
581afdcff1f07395b566083cace695f2
d4644102b6dc46d9548b962e8b764a2dfdfe8880
0cd16d56066b97e489c895ab9ed0dce6a71ab2840517da684b1bffcfcf0430ac

HTTP Headers

GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 106473
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

stootsou.net/custom

139.45.197.250

200 OK

39 B

URL HTTP/2
stootsou.net/custom
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://troy2.yoo7.com/
Content-Type: application/json
Origin: https://troy2.yoo7.com
Content-Length: 374
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: e7b9789cecaa7a525b17d7648bb46355
access-control-allow-origin: https://troy2.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

stootsou.net/custom

139.45.197.250

200 OK

39 B

URL HTTP/2
stootsou.net/custom
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://troy2.yoo7.com/
Content-Type: application/json
Origin: https://troy2.yoo7.com
Content-Length: 447
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: bae2ec210def132eacd3fb15a2ce4a6d
access-control-allow-origin: https://troy2.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

cdn.viglink.com/api/vglnk.js

54.230.111.39

200 OK

29 kB

URL HTTP/2
cdn.viglink.com/api/vglnk.js
IP
54.230.111.39:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (693)
Size
29 kB (28567 bytes)
Hash
072eaf64a771815874455704fca9301b
6c6226d00f14bb800cd4390b3cd42df941be43b1
bb35c8c300bd1acfe7ed86eb988f74ff2e8d86a4fb0409c5d78a890f9fd14b8e

HTTP Headers

GET /api/vglnk.js HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript
content-length: 28567
date: Tue, 08 Nov 2022 12:47:31 GMT
last-modified: Wed, 02 Dec 2020 18:57:12 GMT
etag: "072eaf64a771815874455704fca9301b"
cache-control: public, max-age=604800
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zLMpTZ0643Xx-SdxoTKkaSMj65zw2lqHeC1onkWMQUDth7zTGChRHQ==
age: 339194
X-Firefox-Spdy: h2

troy2.yoo7.com/?utm_source=pwa

178.33.44.177

200 OK

61 kB

URL HTTP/2
troy2.yoo7.com/?utm_source=pwa
IP
178.33.44.177:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (22643), with CRLF, LF line terminators
Size
61 kB (60889 bytes)
Hash
8e06f754de110dbe84568ca9062958e0
670b57c81627ec826ac92d8452a26d15f873693d
da91ce8196ba64fe2d2d7c3252f39e985de52edbb174b01caa34838664e0e131

HTTP Headers

GET /?utm_source=pwa HTTP/1.1
Host: troy2.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://troy2.yoo7.com/serviceworker.js
Connection: keep-alive
Cookie: exadd=166826; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
pragma: no-cache
expires: Sat, 12 Nov 2022 00:00:00 GMT
last-modified: Sat, 12 Nov 2022 11:00:44 GMT
vary: User-Agent
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

troy2.yoo7.com/serviceworker.js

178.33.44.177

200 OK

28 kB

URL HTTP/2
troy2.yoo7.com/serviceworker.js
IP
178.33.44.177:0
ASN
#16276 OVH SAS

File type
Unicode text, UTF-8 text, with very long lines (57190)
Size
28 kB (28501 bytes)
Hash
fb189fc8794e88a6e291e3ff33df1cb2
19960866069b2e3c4360005a30beab24b6c71520
a390fe7000c0f1a4980dbe229b17777cea648e33e4b36780d519629f8bd88e8b

HTTP Headers

GET /serviceworker.js HTTP/1.1
Host: troy2.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: exadd=166826; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: application/javascript
last-modified: Thu, 25 Feb 2021 14:30:57 GMT
etag: W/"6037b4a1-b0d"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

bidder.criteo.com/cdb?ptv=132&profileId=206&cb=26434704443

178.250.0.165

200 OK

160 B

URL HTTP/2
bidder.criteo.com/cdb?ptv=132&profileId=206&cb=26434704443
IP
178.250.0.165:0
ASN
#44788 Criteo SA

File type
JSON data\012- , ASCII text, with no line terminators
Size
160 B (160 bytes)
Hash
f50794b322b1a3b9891f66d92b869fe7
17bdc6b0e089ee9fe5d0f0469981e88516959332
442754a774d601e0054996029ab04930691815b47a2ba061ba3cbe331e0fac97

HTTP Headers

POST /cdb?ptv=132&profileId=206&cb=26434704443 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 562
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://troy2.yoo7.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 160
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

troy2.yoo7.com/images/icons-180.png

178.33.44.177

200 OK

37 kB

URL HTTP/2
troy2.yoo7.com/images/icons-180.png
IP
178.33.44.177:0
ASN
#16276 OVH SAS

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
37 kB (36727 bytes)
Hash
edb2f73a9360a04282cb371ec4b15e47
59885ed602fa20c93c42b615d2996322ab167d79
b1545eb9b458b3f42afa03bb9c9f499be08c7e15d2172b010445dc3cab0ad7b1

HTTP Headers

GET /images/icons-180.png HTTP/1.1
Host: troy2.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/t67-topic
Cookie: exadd=166826; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: image/png
content-length: 36727
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Sat, 12 Nov 2022 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
x-cache-ic: HIT
X-Firefox-Spdy: h2

cdn.taboola.com/libtrc/impl.20221108-4-RELEASE.js

151.101.85.44

200 OK

146 kB

URL HTTP/2
cdn.taboola.com/libtrc/impl.20221108-4-RELEASE.js
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65509)
Size
146 kB (146001 bytes)
Hash
88c487ac892a30204e98821760358d3a
a15fe00062e424617d405b27c3376831d502cb90
caed01e353e989f88d91dbea2b18991c111c4acdece297d0ff65eb50ffd5fd8b

HTTP Headers

GET /libtrc/impl.20221108-4-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: 7NIfjc5DF1L2B/kzlgqwEMQz6AeXPHeJ8bdJplySczuZ/p+wuSvwQmO0NIljPmdKYCKWw7PfupA=
x-amz-request-id: EGG6QY2K8WHEN44M
last-modified: Tue, 08 Nov 2022 09:41:14 GMT
etag: "88c487ac892a30204e98821760358d3a"
content-encoding: br
x-amz-version-id: Hr3XNjpCCkEC_aHpskXb5vO2HjdO2stg
content-type: application/javascript
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:44 GMT
via: 1.1 varnish
age: 4767
x-served-by: cache-bma1633-BMA
x-cache: HIT
x-cache-hits: 876
x-timer: S1668250845.769550,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 99
server: AmazonS3-br
content-length: 146001
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
23dd8b12572b78e5d32d491b3d0d9d32
718c3e3abcc55c295c72e5ee4e5441fe5acc1363
f72c359246ea96d4f28bbc5aee8d4d24fcba9f47dfc691693f6c49e370d9b103

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

54.230.245.39

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.39:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
6a1d4f77f4afebce7cf2962c9378696d
76105d24e2b1987b11909ccae6f389f35889384b
c6321eecaa353d135ef342adb5be29fb064268b06134305c90b409269a8c580e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=166215
Date: Sat, 12 Nov 2022 11:00:44 GMT
Etag: "636f514b-1d7"
Expires: Mon, 14 Nov 2022 09:10:59 GMT
Last-Modified: Sat, 12 Nov 2022 07:54:51 GMT
Server: ECS (nyb/1D0A)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: weN2W4nrpuMPMQQ1Ts8UC_wGyuWm1q4-eGrxNDRoN8zAhyTVmZrcSw==
Age: 4568

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=633231092.1668250844&jid=740702413&gjid=2093496822&_gid=1106805420.1668250844&_u=YEBAAUAAAAAAACAAI~&z=1772583029

142.251.1.157

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=633231092.1668250844&jid=740702413&gjid=2093496822&_gid=1106805420.1668250844&_u=YEBAAUAAAAAAACAAI~&z=1772583029
IP
142.251.1.157:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=633231092.1668250844&jid=740702413&gjid=2093496822&_gid=1106805420.1668250844&_u=YEBAAUAAAAAAACAAI~&z=1772583029 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://troy2.yoo7.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 12 Nov 2022 11:00:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

api.viglink.com/api/ping

99.80.60.12

200 OK

258 B

URL HTTP/1.1
api.viglink.com/api/ping
IP
99.80.60.12:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
258 B (258 bytes)
Hash
4a56fefc47ac72a3ca22b5f12d133b8a
4fce8fc5afab34203077ae836a394e44803df804
78c53429e802305e904a207612c4ad777fbe24eaa42baa6c39034b39c0f68105

HTTP Headers

POST /api/ping HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 132
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://troy2.yoo7.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Sat, 12 Nov 2022 11:00:44 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 258
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
23dd8b12572b78e5d32d491b3d0d9d32
718c3e3abcc55c295c72e5ee4e5441fe5acc1363
f72c359246ea96d4f28bbc5aee8d4d24fcba9f47dfc691693f6c49e370d9b103

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
21817fa3c60612398404dbe75d383a1a
2d5e08988401c8d0adb24fb26987a0ee26544b4e
12cf02219c8cf9fe9b31f48e19ec88ff888a4ca87a7af1c47eff60a9c5865bfe

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 11:00:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 10 Nov 2022 18:25:29 GMT
Expires: Thu, 17 Nov 2022 18:25:28 GMT
Etag: "2d5e08988401c8d0adb24fb26987a0ee26544b4e"
Cache-Control: max-age=458083,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 768ec4037cbdb51b-OSL

my.rtmark.net/gid.js?userId=2c4f77cb31fa44cbac944d6e61aa57f6

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js?userId=2c4f77cb31fa44cbac944d6e61aa57f6
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
790bb066ab0e76cec90d038317f499e9
0a46550316e768a6156fe8168c20ce60475e5edc
6b7a06e46ef0eb965421140e67bef7ac0e25c5831a185a61fc94e7275c47f5f9

HTTP Headers

GET /gid.js?userId=2c4f77cb31fa44cbac944d6e61aa57f6 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:00:45 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://troy2.yoo7.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=2c4f77cb31fa44cbac944d6e61aa57f6; expires=Sun, 12 Nov 2023 11:00:45 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
aca2e38eee453679f022dba5cf64555b
1c9f6f5e9ed1272e9edcc958e7cc2dec61f793df
ea8bc6a82c3243813e137066ca5b659192f72ac69690f9ea4dcb668624baf586

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2

99.80.60.12

200 OK

43 B

URL HTTP/1.1
api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
IP
99.80.60.12:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

HTTP Headers

GET /api/sync.gif?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Sat, 12 Nov 2022 11:00:44 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a7d7a5379a732fc5eadab78de886cc31
6df8c63644e97bf57262415f24e270c718e1758b
c355159cc937a19485f62cc446530f319749237e147adbb2c5784d1d2c20ed64

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=633231092.1668250844&jid=740702413&_u=YEBAAUAAAAAAACAAI~&z=1625712122

142.250.74.35

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=633231092.1668250844&jid=740702413&_u=YEBAAUAAAAAAACAAI~&z=1625712122
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=633231092.1668250844&jid=740702413&_u=YEBAAUAAAAAAACAAI~&z=1625712122 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 12 Nov 2022 11:00:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

178.250.0.157

200 OK

0 B

URL HTTP/2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: https://troy2.yoo7.com/
Origin: https://troy2.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: https://troy2.yoo7.com
server-processing-duration-in-ticks: 585073
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=633231092.1668250844&jid=740702413&_u=YEBAAUAAAAAAACAAI~&z=1625712122

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=633231092.1668250844&jid=740702413&_u=YEBAAUAAAAAAACAAI~&z=1625712122
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=633231092.1668250844&jid=740702413&_u=YEBAAUAAAAAAACAAI~&z=1625712122 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 12 Nov 2022 11:00:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

trc-events.taboola.com/forumotion-ar/log/2/debug?tim=11%3A00%3A44.239&type=usage&msg=rtus&llvl=2&id=2542&cv=20221108-4-RELEASE&lt=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D

141.226.228.48

204 No Content

0 B

URL HTTP/2
trc-events.taboola.com/forumotion-ar/log/2/debug?tim=11%3A00%3A44.239&type=usage&msg=rtus&llvl=2&id=2542&cv=20221108-4-RELEASE&lt=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
IP
141.226.228.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /forumotion-ar/log/2/debug?tim=11%3A00%3A44.239&type=usage&msg=rtus&llvl=2&id=2542&cv=20221108-4-RELEASE&lt=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx
date: Sat, 12 Nov 2022 11:00:45 GMT
x-fastly-to-nlb-rtt: 22036
access-control-allow-credentials: true
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
aca2e38eee453679f022dba5cf64555b
1c9f6f5e9ed1272e9edcc958e7cc2dec61f793df
ea8bc6a82c3243813e137066ca5b659192f72ac69690f9ea4dcb668624baf586

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e569acd833d180f3c2fba0919fbeb704
60a3121c9bf8e08a8a7fe70001c24b6f8c9981f5
994bee0670c93479c3e835985d24d7ce41fbc0a3013e173d79ea1ea5f63ac85c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

api.viglink.com/api/domains

99.80.60.12

200 OK

41 B

URL HTTP/1.1
api.viglink.com/api/domains
IP
99.80.60.12:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
41 B (41 bytes)
Hash
19ce3f9048d70f7a0c077f64be498090
f912c6ffa0890c916fa9d069d089ad9553e07723
98938c61dab85a60a37fecc3d260eac6f8e4c0556e3701f2c1aa215a901823e0

HTTP Headers

POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 231
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://troy2.yoo7.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Sat, 12 Nov 2022 11:00:44 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 41
Connection: keep-alive

api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2

99.80.60.12

200 OK

43 B

URL HTTP/1.1
api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2
IP
99.80.60.12:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

HTTP Headers

GET /api/sync.js?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Sat, 12 Nov 2022 11:00:44 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

314 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
314 B (314 bytes)
Hash
8b147b232c947085ab22b0e44cbbe6b1
5c4bdac252f4d9837ae0a40f538f6c35667eb571
0ea7988a73324142d61d29125de9e76662bdf44b4c2a22f1361293e52a63ad0a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6457
Cache-Control: max-age=112299
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:45 GMT
Etag: "636e774f-13a"
Expires: Sun, 13 Nov 2022 18:12:24 GMT
Last-Modified: Fri, 11 Nov 2022 16:24:47 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 314

csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Origin.FromBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1

178.250.0.162

200 OK

43 B

URL HTTP/2
csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Origin.FromBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
IP
178.250.0.162:0
ASN
#44788 Criteo SA

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Origin.FromBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

stootsou.net/custom

139.45.197.250

200 OK

39 B

URL HTTP/2
stootsou.net/custom
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://troy2.yoo7.com/
Content-Type: application/json
Origin: https://troy2.yoo7.com
Content-Length: 738
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:00:45 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 9868ff7ebf66bc93075e64bda688bbd6
access-control-allow-origin: https://troy2.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

bidder.criteo.com/csm/events

178.250.0.165

204 No Content

0 B

URL HTTP/2
bidder.criteo.com/csm/events
IP
178.250.0.165:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /csm/events HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 370
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Sat, 12 Nov 2022 11:00:44 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://troy2.yoo7.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

ag.gbc.criteo.com/newidsd

178.250.6.69

200 OK

82 B

URL HTTP/2
ag.gbc.criteo.com/newidsd
IP
178.250.6.69:0
ASN
#44788 Criteo SA

File type
data
Size
82 B (82 bytes)
Hash
af4005dd4039aea645a274ec69842459
1592573e824b94ad4234ad9d54e194bc7e6634ea
ba1cff0cba867322cbfe47fc347cfaeac231831105ff16ef1d433d8518537236

HTTP Headers

GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 107592
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15299
Expires: Sat, 12 Nov 2022 15:15:44 GMT
Date: Sat, 12 Nov 2022 11:00:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15299
Expires: Sat, 12 Nov 2022 15:15:44 GMT
Date: Sat, 12 Nov 2022 11:00:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15299
Expires: Sat, 12 Nov 2022 15:15:44 GMT
Date: Sat, 12 Nov 2022 11:00:45 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6fac57d-aa5c-42c2-904b-58aa73c59975.jpeg

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6fac57d-aa5c-42c2-904b-58aa73c59975.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4268 bytes)
Hash
701700f42e1b0e528a63c3bd2a4c54e7
a3af603900538ea10e094981d298a0b37d0ab896
c84ac2d3524eb950a433aa01e1226d995d87948452e4e135a4661094923ca465

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6fac57d-aa5c-42c2-904b-58aa73c59975.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4268
x-amzn-requestid: 19d2f4e7-b6c1-4093-b54c-70a9a476ad89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhSEwYIAMFg7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-6e2f5a6147153e5c32cc4499;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: RPDkAR4fjBR89lWuee42HxnCGQv_vd6tWbOavmEsGCkZeKwjW_99Dg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:44:57 GMT
age: 47748
etag: "a3af603900538ea10e094981d298a0b37d0ab896"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn.taboola.com/libtrc/userx.20221108-4-RELEASE.es6.js

151.101.85.44

200 OK

5.4 kB

URL HTTP/2
cdn.taboola.com/libtrc/userx.20221108-4-RELEASE.es6.js
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (17842)
Size
5.4 kB (5397 bytes)
Hash
963d77ca83c1ef5c8c622f69fcaa7cd6
88c3b40efed3822d2dbea0e42bd0756c37628814
d89ac78823b96fe54d5b90628e7879f235e9090e0160d0f37ccab22d1ef69c69

HTTP Headers

GET /libtrc/userx.20221108-4-RELEASE.es6.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: GDnYjBbCiwHp61EcLghxyjr3oq5xzh2Eac7lyvlx+wORECinvMlUAQDcfbvFLT89+7IHtSoOyLI=
x-amz-request-id: 0JCWFZ09W7Y8GE4S
x-amz-replication-status: PENDING
last-modified: Tue, 08 Nov 2022 19:34:09 GMT
etag: "8be6f968f7c696b0b12bbfa029abd2bd"
x-amz-version-id: Ps6T8wFCySZBAs8KjVLJqdGfJsa23oNM
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:45 GMT
via: 1.1 varnish
age: 28
x-served-by: cache-bma1633-BMA
x-cache: HIT
x-cache-hits: 3
x-timer: S1668250846.542702,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 99
content-length: 5397
X-Firefox-Spdy: h2

trc.taboola.com/forumotion-ar/trc/3/json?tim=11%3A00%3A44.248&lti=deflated&data=%7B%22id%22%3A78%2C%22ii%22%3A%22%2Ft67-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1667901069188%2C%22vi%22%3A1668250844245%2C%22cv%22%3A%2220221108-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ftroy2.yoo7.com%2Ft67-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Ftroy2.yoo7.com%2Ft67-topic%22%2C%22vpi%22%3A%22%2Ft67-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A4287%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A484%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A4054%2C%22mw%22%3A914.4000244140625%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft67-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2

151.101.85.44

200 OK

13 kB

URL HTTP/2
trc.taboola.com/forumotion-ar/trc/3/json?tim=11%3A00%3A44.248&lti=deflated&data=%7B%22id%22%3A78%2C%22ii%22%3A%22%2Ft67-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1667901069188%2C%22vi%22%3A1668250844245%2C%22cv%22%3A%2220221108-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ftroy2.yoo7.com%2Ft67-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Ftroy2.yoo7.com%2Ft67-topic%22%2C%22vpi%22%3A%22%2Ft67-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A4287%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A484%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A4054%2C%22mw%22%3A914.4000244140625%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft67-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
data
Size
13 kB (12802 bytes)
Hash
bab401e285a2c9f5c28fef5daba6aab2
cfa3f56de0697456289fbea9fbadea619fa3318b
04b67b9ff19e05533a51ffcf74a7393178a790553cf00aec4bc97292fda9a603

HTTP Headers

GET /forumotion-ar/trc/3/json?tim=11%3A00%3A44.248&lti=deflated&data=%7B%22id%22%3A78%2C%22ii%22%3A%22%2Ft67-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1667901069188%2C%22vi%22%3A1668250844245%2C%22cv%22%3A%2220221108-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ftroy2.yoo7.com%2Ft67-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Ftroy2.yoo7.com%2Ft67-topic%22%2C%22vpi%22%3A%22%2Ft67-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A4287%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A484%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A4054%2C%22mw%22%3A914.4000244140625%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft67-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://troy2.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:45 GMT
via: 1.1 varnish
x-served-by: cache-bma1633-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668250845.086786,VS0,VE393
vary: Accept-Encoding
x-vcl-time-ms: 393
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (9012 bytes)
Hash
516f1bfefb1c1a737ea2441f85343b32
0cc22d7bf9092fb30f31e2ca8f242c197b891669
733824d4f6f7c5b54ce4e02ecaf152cfc1e10f3f6a801d7e2c55a02460e40087

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9012
x-amzn-requestid: 83eac9e7-5387-4e11-9769-182fa3f7fffb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdNC6FxzoAMF80w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec212-5ca277b90a5a9a4c437edc1e;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7wqdiuomEgaQlE1P5gopDGXbAkmh3ohPXYDcBWczuYFEcj8nczk9_w==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:52:57 GMT
age: 47268
etag: "0cc22d7bf9092fb30f31e2ca8f242c197b891669"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

gem.gbc.criteo.com/newidsd

178.250.6.217

200 OK

9.0 kB

URL HTTP/2
gem.gbc.criteo.com/newidsd
IP
178.250.6.217:0
ASN
#44788 Criteo SA

File type
data
Size
9.0 kB (8993 bytes)
Hash
0cba8059c1adb53973108f2c682869dd
9b0fde7a0f978ad88cab65b2d769ffc0dd5d322b
ea427c940ba6d02507be1e3c71bd69a4290a773f727e3d28718d99017421adac

HTTP Headers

GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:45 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 108157
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2eaa4311-959b-4a18-8135-b4ce754c0765.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7533 bytes)
Hash
567bcdef39653e949301b97714168c31
8669185a5f338e34026c48310c88c5a9d8caa1c2
7ecaa9ceaa0a60e608e62571108fbcf49f6fa2b3e77feacbf52d319beda40db1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2eaa4311-959b-4a18-8135-b4ce754c0765.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7533
x-amzn-requestid: 985674ba-be97-4ca3-babb-594c61f8d6c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdM8BEqFIAMFsxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec1e6-3abc6a525f2a2bde14465b7e;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DRfYKF1_Z56kxeaprUhH1Ng8MgW0Z6Xx_yWwiO3MnswRFY482udCjg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:43:48 GMT
age: 47817
etag: "8669185a5f338e34026c48310c88c5a9d8caa1c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11715 bytes)
Hash
cd5bdc050716bb76afe8090fc81617e7
5109c156b180727767fc03c411190ccc0d3fb5fc
9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lp5eW92D8SbFtcQLk-LRSaSKNMNFYCW7XTALdNdrJxN6ebgdH8_1Dw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:42:55 GMT
age: 47870
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/FxW9Prr/CreditCardNorway.jpg

151.101.85.44

200 OK

8.7 kB

URL HTTP/2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/FxW9Prr/CreditCardNorway.jpg
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image\012- data
Size
8.7 kB (8726 bytes)
Hash
d8a63a4f77efda981dac13174535d841
fcb21a93b081c79542b8e5d68f5282de1dfbce03
1bc2549e8fe70c9e7e5286f4400dfd88b7dcb7d5b049b386b58f1283d685ba87

HTTP Headers

GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/FxW9Prr/CreditCardNorway.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 434592531185166464174072893718121666357,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 434592531185166464174072893718121666357,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
etag: "286cdfa868fd2dc091d4a54df30aadce"
expiration: expiry-date="Fri, 28 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Tue, 27 Sep 2022 16:55:26 GMT
req-referer: https://www.autoexpress.co.uk/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 1555
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:45 GMT
age: 2450595
x-served-by: cache-iad-kiad7000057-IAD, cache-iad-kjyo7100096-IAD, cache-lax10637-LGB, cache-iad-kcgs7200081-IAD, cache-bma1633-BMA
x-cache: MISS, MISS, MISS, HIT, HIT
x-cache-hits: 0, 0, 0, 3, 1
x-timer: S1668250846.657395,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/FxW9Prr/CreditCardNorway.jpg
x-vcl-time-ms: 1
content-length: 8726
X-Firefox-Spdy: h2

images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f37/14/77/75/59/wqaa2110.jpg

151.101.85.44

200 OK

7.5 kB

URL HTTP/2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f37/14/77/75/59/wqaa2110.jpg
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image\012- data
Size
7.5 kB (7530 bytes)
Hash
c0a9f60f0288ebc3444012be46cd9ebe
7e59f8e4e4cbd11ea957ee1d40911796dbdc4511
1506238c53826537a0220fd1a4bdcda57718d5726d9a024b5d702d1e6aec478a

HTTP Headers

GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f37/14/77/75/59/wqaa2110.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 549930644253185078118877309127813515040,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 549930644253185078118877309127813515040,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
etag: "0edcf740b4106100abadd2b893d52f23"
last-modified: Thu, 25 Aug 2022 23:15:18 GMT
req-referer: https://yyo7.ahlamontada.com/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 8d156ac3a10d6aea35aeb01c2bf90770
x-envoy-upstream-service-time: 173
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:45 GMT
age: 5167509
x-served-by: cache-iad-kiad7000166-IAD, cache-iad-kcgs7200084-IAD, cache-lga21969-LGA, cache-iad-kjyo7100120-IAD, cache-bma1633-BMA
x-cache: HIT, MISS, MISS, HIT, HIT
x-cache-hits: 1, 0, 0, 44, 1
x-timer: S1668250846.798540,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f37/14/77/75/59/wqaa2110.jpg
x-vcl-time-ms: 1
content-length: 7530
X-Firefox-Spdy: h2

vidstat.taboola.com/lite-unit/3.9.6/UnitWidgetItemDesktop.min.js

151.101.85.44

200 OK

30 kB

URL HTTP/2
vidstat.taboola.com/lite-unit/3.9.6/UnitWidgetItemDesktop.min.js
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
30 kB (29911 bytes)
Hash
1bb4fe57c8c100e340264f84207b752c
2a28aeb084639a401f0cd87aec8bbe850870526d
ad3a717d4868f3571cd032eb81b5cea3492d713c599acaa32872b2f03766528b

HTTP Headers

GET /lite-unit/3.9.6/UnitWidgetItemDesktop.min.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 10:48:33 GMT
etag: "defa80fca84ea6620e26bc79bffe323e"
server: AmazonS3
via: 1.1 0078c2805bf98a4574ea5eee972aa9f6.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: Ahhmoz-qJnMshrGnf8PQmZnB8loqEuIOs8qi_oTh0T8V2-V2jCscaA==
cache-control: public, max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:45 GMT
age: 346276
x-served-by: cache-bma1633-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 9999
x-timer: S1668250846.801105,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 29911
X-Firefox-Spdy: h2

images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f21/19/73/51/38/vente-10.jpg

151.101.85.44

200 OK

11 kB

URL HTTP/2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f21/19/73/51/38/vente-10.jpg
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image\012- data
Size
11 kB (10792 bytes)
Hash
2042a6ae5431a6a0ae6778a926abe92b
cf32b74bc4f87c5f63d04af8dfe5681731ee7670
72fc20edd11e5ea67c6d543a25aabb21174b028dd73c0f943e81019a52e1c852

HTTP Headers

GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f21/19/73/51/38/vente-10.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 352690306229506137798207407469809578240,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 352690306229506137798207407469809578240,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
etag: "1d87cb50171b3fd37fd4f565d4215e54"
last-modified: Fri, 02 Sep 2022 13:32:42 GMT
req-referer: https://wamdw.ahlamontada.com/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: aca97239202acbb05f0126a178d36274
x-envoy-upstream-service-time: 172
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:45 GMT
age: 5595991
x-served-by: cache-iad-kcgs7200085-IAD, cache-iad-kcgs7200052-IAD, cache-lga21964-LGA, cache-iad-kiad7000047-IAD, cache-bma1633-BMA
x-cache: HIT, HIT, MISS, HIT, HIT
x-cache-hits: 1, 1, 0, 178, 1
x-timer: S1668250846.801538,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f21/19/73/51/38/vente-10.jpg
x-vcl-time-ms: 1
content-length: 10792
X-Firefox-Spdy: h2

images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hitsk.in/t/16/28/41/i_logo.jpg

151.101.85.44

200 OK

11 kB

URL HTTP/2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hitsk.in/t/16/28/41/i_logo.jpg
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image\012- data
Size
11 kB (10952 bytes)
Hash
bad76966fb664d5911ca4bad702c9eca
dfb7c26b7d2c3597f1185ec6a83d97e705e6f601
6bd84e23b0ae524e84c851c5cd130da33cd48ba96eadb16774b6e9c76f3f26a0

HTTP Headers

GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hitsk.in/t/16/28/41/i_logo.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 311438301812572966555265208773229228139,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 311438301812572966555265208773229228139,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
etag: "414de10e3764a2dd4edb592992949c4a"
expiration: expiry-date="Tue, 15 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Sat, 15 Oct 2022 18:04:02 GMT
req-referer: https://magdi54.forumegypt.net/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 1120
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:45 GMT
age: 1523573
x-served-by: cache-iad-kiad7000064-IAD, cache-iad-kcgs7200063-IAD, cache-chi-klot8100027-CHI, cache-iad-kiad7000030-IAD, cache-bma1633-BMA
x-cache: MISS, MISS, MISS, HIT, HIT
x-cache-hits: 0, 0, 0, 14, 1
x-timer: S1668250846.802011,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hitsk.in/t/16/28/41/i_logo.jpg
x-vcl-time-ms: 1
content-length: 10952
X-Firefox-Spdy: h2

images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f62/13/32/79/54/uaouo10.gif

151.101.85.44

200 OK

22 kB

URL HTTP/2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f62/13/32/79/54/uaouo10.gif
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x184, components 3\012- data
Size
22 kB (21720 bytes)
Hash
5d531c6f9f7e92d5559ba29bf2147e24
0e687269645cebf02d55a4c56f4b07ed5fed5957
7ca37b2e17af62dc3a47dffad9933e6714fc0336f1acd41b8e094361cad9cac8

HTTP Headers

GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f62/13/32/79/54/uaouo10.gif HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 538475434606933197924381234642994484733,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
content-type: image/jpeg
edge-cache-tag: 538475434606933197924381234642994484733,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
etag: "5d531c6f9f7e92d5559ba29bf2147e24"
last-modified: Tue, 11 Oct 2022 08:55:22 GMT
server: cloudinary
status: 200 OK
timing-allow-origin: *
x-request-id: a731c750b8e18f371a75061817c5b07a
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-backend-name: CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:45 GMT
age: 795617
x-served-by: cache-iad-kjyo7100129-IAD, cache-iad-kjyo7100112-IAD, cache-bma1633-BMA
x-cache: MISS, HIT, HIT
x-cache-hits: 0, 21, 1
x-timer: S1668250846.801787,VS0,VE2
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f62/13/32/79/54/uaouo10.gif
x-vcl-time-ms: 2
content-length: 21720
X-Firefox-Spdy: h2

api.viglink.com/api/domains

99.80.60.12

200 OK

42 B

URL HTTP/1.1
api.viglink.com/api/domains
IP
99.80.60.12:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
42 B (42 bytes)
Hash
6b05cab078e8db670a781900d627b277
6117313f5f6ed34327e59e37a4d4534352c7a243
4fbbc555eab44e66b9f477bca6da329162bbf77563bd344ba2e8f6a1518eb489

HTTP Headers

POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 318
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://troy2.yoo7.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Sat, 12 Nov 2022 11:00:45 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 42
Connection: keep-alive

images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f47/14/57/52/64/00000010.jpg

151.101.85.44

200 OK

8.3 kB

URL HTTP/2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f47/14/57/52/64/00000010.jpg
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image\012- data
Size
8.3 kB (8302 bytes)
Hash
fee6ceb29bdd8cfd0b9a22f2ee50e6c6
129d435fdb13ff63d34861565cb65d8c8d322ef2
0560387167e7869a2203acc310605ed6ddf669ce591ba916ee1b9d947759fc3d

HTTP Headers

GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f47/14/57/52/64/00000010.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 299606347271847295156359285904511813153,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 299606347271847295156359285904511813153,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
etag: "a8f03fb3749b4bdb04faf11bda3338d3"
expiration: expiry-date="Sun, 06 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Thu, 06 Oct 2022 00:31:50 GMT
req-referer: https://hipo.yoo7.com/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 632
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:45 GMT
age: 835605
x-served-by: cache-iad-kjyo7100071-IAD, cache-iad-kjyo7100026-IAD, cache-chi-klot8100108-CHI, cache-iad-kiad7000123-IAD, cache-bma1633-BMA
x-cache: MISS, HIT, HIT, HIT, MISS
x-cache-hits: 0, 2, 1, 6, 0
x-timer: S1668250846.801654,VS0,VE91
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f47/14/57/52/64/00000010.jpg
x-vcl-time-ms: 91
content-length: 8302
X-Firefox-Spdy: h2

il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=11%3A00%3A45.020&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=7468&cv=20221108-4-RELEASE&lt=deflated&pct=1

185.106.33.48

204 No Content

0 B

URL HTTP/2
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=11%3A00%3A45.020&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=7468&cv=20221108-4-RELEASE&lt=deflated&pct=1
IP
185.106.33.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /forumotion-ar/log/2/debug?tim=11%3A00%3A45.020&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=7468&cv=20221108-4-RELEASE&lt=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx
date: Sat, 12 Nov 2022 11:00:46 GMT
x-fastly-to-nlb-rtt: 82268
access-control-allow-credentials: true
X-Firefox-Spdy: h2

il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=11%3A00%3A45.211&type=warn&msg=video%20tag%20loader%20-%20didn%27t%20find%20enough%20sponsored%20items%20for%20integrated%20widget%20replacement&llvl=2&id=9857&cv=20221108-4-RELEASE&lt=deflated&pct=1

185.106.33.48

204 No Content

0 B

URL HTTP/2
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=11%3A00%3A45.211&type=warn&msg=video%20tag%20loader%20-%20didn%27t%20find%20enough%20sponsored%20items%20for%20integrated%20widget%20replacement&llvl=2&id=9857&cv=20221108-4-RELEASE&lt=deflated&pct=1
IP
185.106.33.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /forumotion-ar/log/2/debug?tim=11%3A00%3A45.211&type=warn&msg=video%20tag%20loader%20-%20didn%27t%20find%20enough%20sponsored%20items%20for%20integrated%20widget%20replacement&llvl=2&id=9857&cv=20221108-4-RELEASE&lt=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx
date: Sat, 12 Nov 2022 11:00:46 GMT
x-fastly-to-nlb-rtt: 82268
access-control-allow-credentials: true
X-Firefox-Spdy: h2

15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Ftroy2.yoo7.com%2Ft67-topic&encoded=1&uid=604297ae-8a15-4b0b-8fd1-8e9a36a00ef6-tucta69025d&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1668250844901&tagid=&cntry=NO&platform=1&sesid=d3e49344e79afafa15f28fb4d0fdf2e8&itemid=/t67-topic&viewid=1668250844245&geolat=&geoing=&deviceifa=&appid=&sd=v2_d3e49344e79afafa15f28fb4d0fdf2e8_604297ae-8a15-4b0b-8fd1-8e9a36a00ef6-tucta69025d_1668250845_1668250845_CNawjgYQ3pxDGNX4_tvGMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=50df4ac3a8a0c2a95f7c29120bf5a0a4&appname=&cdb=&gdprApplies=true&rid=&sii=-6259864112813581536&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=9189

151.101.85.44

200 OK

9.1 kB

URL HTTP/2
15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Ftroy2.yoo7.com%2Ft67-topic&encoded=1&uid=604297ae-8a15-4b0b-8fd1-8e9a36a00ef6-tucta69025d&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1668250844901&tagid=&cntry=NO&platform=1&sesid=d3e49344e79afafa15f28fb4d0fdf2e8&itemid=/t67-topic&viewid=1668250844245&geolat=&geoing=&deviceifa=&appid=&sd=v2_d3e49344e79afafa15f28fb4d0fdf2e8_604297ae-8a15-4b0b-8fd1-8e9a36a00ef6-tucta69025d_1668250845_1668250845_CNawjgYQ3pxDGNX4_tvGMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=50df4ac3a8a0c2a95f7c29120bf5a0a4&appname=&cdb=&gdprApplies=true&rid=&sii=-6259864112813581536&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=9189
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (32979), with no line terminators
Size
9.1 kB (9087 bytes)
Hash
89cbb53e3a05f3da8adbbd74911dfad0
ab64e4fd3dfe760036ddab501f7d52dcf00abfc4
ca698d7d6a2d6dba4a8e5d5b57ae8e84138645b0eb5c09683f3a5f2f1d0a7912

HTTP Headers

GET /tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Ftroy2.yoo7.com%2Ft67-topic&encoded=1&uid=604297ae-8a15-4b0b-8fd1-8e9a36a00ef6-tucta69025d&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1668250844901&tagid=&cntry=NO&platform=1&sesid=d3e49344e79afafa15f28fb4d0fdf2e8&itemid=/t67-topic&viewid=1668250844245&geolat=&geoing=&deviceifa=&appid=&sd=v2_d3e49344e79afafa15f28fb4d0fdf2e8_604297ae-8a15-4b0b-8fd1-8e9a36a00ef6-tucta69025d_1668250845_1668250845_CNawjgYQ3pxDGNX4_tvGMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=50df4ac3a8a0c2a95f7c29120bf5a0a4&appname=&cdb=&gdprApplies=true&rid=&sii=-6259864112813581536&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=9189 HTTP/1.1
Host: 15.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
machineid: 1450
link: <https://am-wf.taboola.com>; rel=preconnect
xvid-debug: mrmr - :
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://troy2.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:45 GMT
via: 1.1 varnish
x-served-by: cache-bma1633-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668250846.712218,VS0,VE38
vary: Accept-Encoding
X-Firefox-Spdy: h2

am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&cmcv=&pix=31589837&cb=1668250845508&uv=3241&tms=1668250845508&abt=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1668250842234!ts:1668250845508&mntl=1

141.226.228.48

200 OK

0 B

URL HTTP/2
am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&cmcv=&pix=31589837&cb=1668250845508&uv=3241&tms=1668250845508&abt=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1668250842234!ts:1668250845508&mntl=1
IP
141.226.228.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&cmcv=&pix=31589837&cb=1668250845508&uv=3241&tms=1668250845508&abt=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1668250842234!ts:1668250845508&mntl=1 HTTP/1.1
Host: am-vid-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:00:46 GMT
content-length: 0
X-Firefox-Spdy: h2

status.geotrust.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.geotrust.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ec93fe7a742852d8a6fd8c479d800df2
bdba16a4ad71ba2eddef98304fecfa404ed8159c
6b872023978c998d272c0b07ebb7e8f3c1e1b198b6517f1627673945839fc10a

HTTP Headers

POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5141
Cache-Control: max-age=139079
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:46 GMT
Etag: "636ee510-1d7"
Expires: Mon, 14 Nov 2022 01:38:45 GMT
Last-Modified: Sat, 12 Nov 2022 00:13:04 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

status.geotrust.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.geotrust.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ec93fe7a742852d8a6fd8c479d800df2
bdba16a4ad71ba2eddef98304fecfa404ed8159c
6b872023978c998d272c0b07ebb7e8f3c1e1b198b6517f1627673945839fc10a

HTTP Headers

POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5413
Cache-Control: max-age=139351
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:46 GMT
Etag: "636ee510-1d7"
Expires: Mon, 14 Nov 2022 01:43:17 GMT
Last-Modified: Sat, 12 Nov 2022 00:13:04 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

status.geotrust.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.geotrust.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ec93fe7a742852d8a6fd8c479d800df2
bdba16a4ad71ba2eddef98304fecfa404ed8159c
6b872023978c998d272c0b07ebb7e8f3c1e1b198b6517f1627673945839fc10a

HTTP Headers

POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1593
Cache-Control: max-age=135531
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:46 GMT
Etag: "636ee510-1d7"
Expires: Mon, 14 Nov 2022 00:39:37 GMT
Last-Modified: Sat, 12 Nov 2022 00:13:04 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

vidstat.taboola.com/vpaid/units/32_4_1/infra/cmTagWIDGET_ITEM.js

151.101.85.44

200 OK

128 kB

URL HTTP/2
vidstat.taboola.com/vpaid/units/32_4_1/infra/cmTagWIDGET_ITEM.js
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (65489), with no line terminators
Size
128 kB (127530 bytes)
Hash
151facb98d755a46fd260231d78130a9
f10823c4a61f363f3256882cea2ca31881e4afd5
678985021845d0de22cd87f7cfe9f174f170791fbd99d91237fb9ad6742f72e5

HTTP Headers

GET /vpaid/units/32_4_1/infra/cmTagWIDGET_ITEM.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: 1yXNPquop0+Zvalsht6cm6Z/leKNzl+LPgBYbMGuhP07wVVrY6iRM4MUHQHpDgMNh1Ejf//TflA=
x-amz-request-id: EHGZNJWMAS99HHZH
last-modified: Thu, 10 Nov 2022 16:14:45 GMT
etag: "151facb98d755a46fd260231d78130a9"
x-amz-meta-ctime: 1668096884
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1668096883
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:46 GMT
via: 1.1 varnish
age: 153439
x-served-by: cache-bma1633-BMA
x-cache: HIT
x-cache-hits: 17010
x-timer: S1668250846.322642,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 127530
X-Firefox-Spdy: h2

vidstat.taboola.com/vpaid/units/32_4_1/assets/css/cmOsUnit.css

151.101.85.44

200 OK

8.3 kB

URL HTTP/2
vidstat.taboola.com/vpaid/units/32_4_1/assets/css/cmOsUnit.css
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
ASCII text
Size
8.3 kB (8297 bytes)
Hash
a28320a69408adba1f01f56d6eb80708
8012c7108fab547cf31481cfda7cb49e654a0542
befbb274b7045e7e5791a4badbe46e1a2e367e6570da7cd0ac127acc4b8e8991

HTTP Headers

GET /vpaid/units/32_4_1/assets/css/cmOsUnit.css HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: bAySMeSEXUGF3N8aZ6rmf8GYDZEd5K/VMoUKcFg92G+JmjfEGiEl/M1DtvrgnTYRvY/caUbbLEE=
x-amz-request-id: BD24MC3C62DTEDFC
last-modified: Thu, 10 Nov 2022 16:15:38 GMT
etag: "a28320a69408adba1f01f56d6eb80708"
x-amz-meta-ctime: 1668096937
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1668096936
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:46 GMT
via: 1.1 varnish
age: 153440
x-served-by: cache-bma1633-BMA
x-cache: HIT
x-cache-hits: 34104
x-timer: S1668250846.325655,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 8297
X-Firefox-Spdy: h2

imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7QaACFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJDmaGBfL4WKtmIyMa9Fo4XErfJPVWuTcOByTwWAyWdmMQCIzj2k4Gq3WionH4xZNLI61cLfcrVUWl8ky8ywcxuVkChE3GQ6fg4Go6Hpb7A6n2fMGEDSdDp_rXi-6_J2XufLv9801frdfdNutRX_D02MHAAAAgAcAq7dMiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAAOSCw2ATw6C95z9_gAAaNgCAQAQwCABGFgNKAH4OF85AQAAAAAAAABg-f___48B2MMakwEY2d_pAXjwAXggKlAtYgQAAACwpaWieTSpEyqLKgAAgnQrgCsAgADCtb9gvDAAAICAsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyb0NnqdFsQyeq32CwgAsPYLCADApm4AAG8BcEFH0IrBYHUKsRvOFrvRbDOaHQAAAMDd____vx4IeVam5WY0WvmWC5vD5nCsZpbhzGIaGWYmm2Vl3J4U45zaQYBeXl_ETYbD52AgKrreFrvDafbcj6Ily91ytxpNFqPRcrnZDTejwf4GYrAa4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWrJaLperzWa12o0Ws8FmOdxskKJVq9loMxiuZpPZbrcaDobL0QgpWrLcLXer0WQxGi2Xm91wMxoMEcYGo8lyt3C5hQvHai2aGCZu4czkWAtXzoVntjAMVjbbWvT6mB625WCyGnlRMEBjL4KLdCLzW15vv-npt7sVlotYojlZpBPZZV_yrEzLzWi08i0XNofN4VjNLMOZxTQyzEw2y8q4rw1Gk-Vu4XILF47VWjQxTNzCmcmxFq6cC89sYRisbLa16PUxPWzLwWQ18jdms-FkNRiOVvvGbDacrAbD0WrfoTN8V5-z0RkcTzw6sbQv3X5sDoPCZbB4f5-LtBlt3IwqbdhiUV2LO9fEqtPGTsbOwWxQ-IbXxPD3Uz-v3eztIDYYFLFEcLpIJ6KX8XQRSyRPi3Sica5MhpnNuPAYN7bNauabmGzGycRkWvmGM5dxZhFLlKaLdKIX3XZr0d_w9FjUf2TIxVw5mIsmc8VqtEoAAAAAAAAAAEuYM28CAAAAcBrIaLAZrpYLAOHspfsTRdcVUn92s5sK4hfcdrgNUtz4cYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWAzcvtATA4UeuFHrvwEuRguBw!&cmcv=&pix=undefined&cb=1668250845465&uv=3241&tms=1668250845465&abt=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=94b81981-12d8-44ac-a725-d9ca120022ef&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

151.101.85.44

200 OK

549 B

URL HTTP/2
imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7QaACFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJDmaGBfL4WKtmIyMa9Fo4XErfJPVWuTcOByTwWAyWdmMQCIzj2k4Gq3WionH4xZNLI61cLfcrVUWl8ky8ywcxuVkChE3GQ6fg4Go6Hpb7A6n2fMGEDSdDp_rXi-6_J2XufLv9801frdfdNutRX_D02MHAAAAgAcAq7dMiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAAOSCw2ATw6C95z9_gAAaNgCAQAQwCABGFgNKAH4OF85AQAAAAAAAABg-f___48B2MMakwEY2d_pAXjwAXggKlAtYgQAAACwpaWieTSpEyqLKgAAgnQrgCsAgADCtb9gvDAAAICAsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyb0NnqdFsQyeq32CwgAsPYLCADApm4AAG8BcEFH0IrBYHUKsRvOFrvRbDOaHQAAAMDd____vx4IeVam5WY0WvmWC5vD5nCsZpbhzGIaGWYmm2Vl3J4U45zaQYBeXl_ETYbD52AgKrreFrvDafbcj6Ily91ytxpNFqPRcrnZDTejwf4GYrAa4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWrJaLperzWa12o0Ws8FmOdxskKJVq9loMxiuZpPZbrcaDobL0QgpWrLcLXer0WQxGi2Xm91wMxoMEcYGo8lyt3C5hQvHai2aGCZu4czkWAtXzoVntjAMVjbbWvT6mB625WCyGnlRMEBjL4KLdCLzW15vv-npt7sVlotYojlZpBPZZV_yrEzLzWi08i0XNofN4VjNLMOZxTQyzEw2y8q4rw1Gk-Vu4XILF47VWjQxTNzCmcmxFq6cC89sYRisbLa16PUxPWzLwWQ18jdms-FkNRiOVvvGbDacrAbD0WrfoTN8V5-z0RkcTzw6sbQv3X5sDoPCZbB4f5-LtBlt3IwqbdhiUV2LO9fEqtPGTsbOwWxQ-IbXxPD3Uz-v3eztIDYYFLFEcLpIJ6KX8XQRSyRPi3Sica5MhpnNuPAYN7bNauabmGzGycRkWvmGM5dxZhFLlKaLdKIX3XZr0d_w9FjUf2TIxVw5mIsmc8VqtEoAAAAAAAAAAEuYM28CAAAAcBrIaLAZrpYLAOHspfsTRdcVUn92s5sK4hfcdrgNUtz4cYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWAzcvtATA4UeuFHrvwEuRguBw!&cmcv=&pix=undefined&cb=1668250845465&uv=3241&tms=1668250845465&abt=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=94b81981-12d8-44ac-a725-d9ca120022ef&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1119), with no line terminators
Size
549 B (549 bytes)
Hash
5f5e0a29aaff15afb2d35c60c547722b
c0195a3dba44f41329da00db759a4758df4c0ea5
95069f141c2072cbade07f1de6b3c18e70d566b02370e71c060388804b3c56c3

HTTP Headers

GET /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7QaACFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJDmaGBfL4WKtmIyMa9Fo4XErfJPVWuTcOByTwWAyWdmMQCIzj2k4Gq3WionH4xZNLI61cLfcrVUWl8ky8ywcxuVkChE3GQ6fg4Go6Hpb7A6n2fMGEDSdDp_rXi-6_J2XufLv9801frdfdNutRX_D02MHAAAAgAcAq7dMiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAAOSCw2ATw6C95z9_gAAaNgCAQAQwCABGFgNKAH4OF85AQAAAAAAAABg-f___48B2MMakwEY2d_pAXjwAXggKlAtYgQAAACwpaWieTSpEyqLKgAAgnQrgCsAgADCtb9gvDAAAICAsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyb0NnqdFsQyeq32CwgAsPYLCADApm4AAG8BcEFH0IrBYHUKsRvOFrvRbDOaHQAAAMDd____vx4IeVam5WY0WvmWC5vD5nCsZpbhzGIaGWYmm2Vl3J4U45zaQYBeXl_ETYbD52AgKrreFrvDafbcj6Ily91ytxpNFqPRcrnZDTejwf4GYrAa4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWrJaLperzWa12o0Ws8FmOdxskKJVq9loMxiuZpPZbrcaDobL0QgpWrLcLXer0WQxGi2Xm91wMxoMEcYGo8lyt3C5hQvHai2aGCZu4czkWAtXzoVntjAMVjbbWvT6mB625WCyGnlRMEBjL4KLdCLzW15vv-npt7sVlotYojlZpBPZZV_yrEzLzWi08i0XNofN4VjNLMOZxTQyzEw2y8q4rw1Gk-Vu4XILF47VWjQxTNzCmcmxFq6cC89sYRisbLa16PUxPWzLwWQ18jdms-FkNRiOVvvGbDacrAbD0WrfoTN8V5-z0RkcTzw6sbQv3X5sDoPCZbB4f5-LtBlt3IwqbdhiUV2LO9fEqtPGTsbOwWxQ-IbXxPD3Uz-v3eztIDYYFLFEcLpIJ6KX8XQRSyRPi3Sica5MhpnNuPAYN7bNauabmGzGycRkWvmGM5dxZhFLlKaLdKIX3XZr0d_w9FjUf2TIxVw5mIsmc8VqtEoAAAAAAAAAAEuYM28CAAAAcBrIaLAZrpYLAOHspfsTRdcVUn92s5sK4hfcdrgNUtz4cYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWAzcvtATA4UeuFHrvwEuRguBw!&cmcv=&pix=undefined&cb=1668250845465&uv=3241&tms=1668250845465&abt=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=94b81981-12d8-44ac-a725-d9ca120022ef&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1 HTTP/1.1
Host: imprammp.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:46 GMT
via: 1.1 varnish
x-served-by: cache-bma1633-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668250846.150367,VS0,VE24
vary: Accept-Encoding
X-Firefox-Spdy: h2

sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26

185.94.180.125

302 Found

0 B

URL HTTP/1.1
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP
185.94.180.125:0
ASN
#35220 SpotXchange, INC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 12 Nov 2022 11:00:46 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=427a888f-6279-11ed-b555-186cd56e0206; expires=Sat, 10-Dec-2022 11:00:46 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=427a88fa-6279-11ed-b555-186cd56e0206
X-fe: 54
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

185.94.180.125

302 Found

0 B

URL HTTP/1.1
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP
185.94.180.125:0
ASN
#35220 SpotXchange, INC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 12 Nov 2022 11:00:46 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=427a9285-6279-11ed-91ea-1a3233820406; expires=Sat, 10-Dec-2022 11:00:46 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=427a92d1-6279-11ed-91ea-1a3233820406
X-fe: 109
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

185.94.180.125

302 Found

0 B

URL HTTP/1.1
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP
185.94.180.125:0
ASN
#35220 SpotXchange, INC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 12 Nov 2022 11:00:46 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=427a8a5a-6279-11ed-b394-1891fad20106; expires=Sat, 10-Dec-2022 11:00:46 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=427a8aa9-6279-11ed-b394-1891fad20106
X-fe: 83
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

185.94.180.125

204 No Content

0 B

URL HTTP/1.1
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=426e5fff-6279-11ed-8473-1bce7de30306
IP
185.94.180.125:0
ASN
#35220 SpotXchange, INC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=426e5fff-6279-11ed-8473-1bce7de30306 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 12 Nov 2022 11:00:46 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=427ab441-6279-11ed-ae62-1d0a0d900206; expires=Sat, 10-Dec-2022 11:00:46 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 129
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

185.94.180.125

204 No Content

0 B

URL HTTP/1.1
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=427a8aa9-6279-11ed-b394-1891fad20106
IP
185.94.180.125:0
ASN
#35220 SpotXchange, INC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=427a8aa9-6279-11ed-b394-1891fad20106 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 12 Nov 2022 11:00:46 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=42812fd9-6279-11ed-a0ae-190e06a80106; expires=Sat, 10-Dec-2022 11:00:46 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 17
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

185.94.180.125

204 No Content

0 B

URL HTTP/1.1
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=427a88fa-6279-11ed-b555-186cd56e0206
IP
185.94.180.125:0
ASN
#35220 SpotXchange, INC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=427a88fa-6279-11ed-b555-186cd56e0206 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 12 Nov 2022 11:00:46 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=42811711-6279-11ed-91eb-16a7f9820506; expires=Sat, 10-Dec-2022 11:00:46 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 106
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

185.94.180.125

204 No Content

0 B

URL HTTP/1.1
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=427a92d1-6279-11ed-91ea-1a3233820406
IP
185.94.180.125:0
ASN
#35220 SpotXchange, INC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=427a92d1-6279-11ed-91ea-1a3233820406 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 12 Nov 2022 11:00:46 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=42812e44-6279-11ed-953c-152b84bd0206; expires=Sat, 10-Dec-2022 11:00:46 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 80
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

2.21.206.244

301 Moved Permanently

0 B

URL HTTP/2
secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
IP
2.21.206.244:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP/1.1
Host: secure-assets.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
date: Sat, 12 Nov 2022 11:00:46 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
0edbe1c667ed349e921fd6df67c23a55
726fea8bf587c05aa257132ba30e31bf5facdf45
78fa87478a3bf5ef22ca286985bc0e7a8350968c90f96c2cf91fa3e0789f1af0

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 11:00:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Wed, 16 Nov 2022 08:46:42 GMT
ETag: "726fea8bf587c05aa257132ba30e31bf5facdf45"
Last-Modified: Sat, 12 Nov 2022 08:46:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 218
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 768ec40eed491c0a-OSL

eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

2.23.134.137

200 OK

233 B

URL HTTP/1.1
eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
IP
2.23.134.137:0
ASN
#1299 Telia Company AB

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
233 B (233 bytes)
Hash
6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180

HTTP Headers

GET /usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 12 Nov 2022 11:00:46 GMT
Connection: keep-alive
Vary: Accept-Encoding

match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1

35.71.131.137

200 OK

70 B

URL HTTP/2
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP
35.71.131.137:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
70 B (70 bytes)
Hash
58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

HTTP Headers

GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:46 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2

vidstat.taboola.com/vpaid/vPlayer/player/v14.8.8/OvaMediaPlayer.js

151.101.85.44

200 OK

87 kB

URL HTTP/2
vidstat.taboola.com/vpaid/vPlayer/player/v14.8.8/OvaMediaPlayer.js
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
87 kB (87152 bytes)
Hash
dcfe04133edaa84ac4a7356299134bf2
600265d1e188692d5cb0b9dbc828c708181bd3d8
1f50ba3994c74af69746c8db181597b9e74d7bb53c808ce9f7014facf0c59bfd

HTTP Headers

GET /vpaid/vPlayer/player/v14.8.8/OvaMediaPlayer.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: DH4gCSpZOjdiQ2RHNdcZaQ1gWcI8EDnhtXKaFZT4JUmiFDacp53eylqcVHaDpMgh56JBtwAdvTI=
x-amz-request-id: M2DJX9S4FNAQPE8Z
last-modified: Thu, 27 Oct 2022 07:34:53 GMT
etag: "dcfe04133edaa84ac4a7356299134bf2"
x-amz-meta-ctime: 1666856092
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1666856080
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:46 GMT
via: 1.1 varnish
age: 1394724
x-served-by: cache-bma1633-BMA
x-cache: HIT
x-cache-hits: 80309
x-timer: S1668250847.657056,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 87152
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
ce4e508120ccc7a289feb203006dac93
13d6e09cb2ea439b0d3ff00b165cdd90776eb4d1
a058745f8ae18e2b883213483a50de493d78f5561cf51b099da90893b554dd90

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 11:00:46 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 01:56:50 GMT
Expires: Sat, 19 Nov 2022 01:56:49 GMT
Etag: "13d6e09cb2ea439b0d3ff00b165cdd90776eb4d1"
Cache-Control: max-age=571562,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 768ec40ec8d5b51b-OSL

ocsp.sca1b.amazontrust.com/

54.230.245.39

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.39:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
a1ed8df21e4c04c289cefd12923979a5
51d04bca37ce80efe20927861a53aeb2814e9f1b
bea756f99dba5fba84e2b57dd43191cf06c14f61a2a30175b308cb1d30b1fef3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=115118
Date: Sat, 12 Nov 2022 11:00:46 GMT
Etag: "636e82b5-1d7"
Expires: Sun, 13 Nov 2022 18:59:24 GMT
Last-Modified: Fri, 11 Nov 2022 17:13:25 GMT
Server: ECS (nyb/1D27)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PiMEKvRI2BiFKcU7bIyFwHUiY24S6qKKDYPraiOWqfe_DDbb-noxnQ==
Age: 6359

x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola

3.120.50.91

200 OK

43 B

URL HTTP/1.1
x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
IP
3.120.50.91:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /sync?gdpr=1&us_privacy=1---&ssp=taboola HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Sat, 12 Nov 2022 11:00:46 GMT
Content-Length: 43
Connection: keep-alive

vidstatb.taboola.com/vid/blackScreen5.mp4

151.101.85.44

206 Partial Content

91 kB

URL HTTP/2
vidstatb.taboola.com/vid/blackScreen5.mp4
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size
91 kB (90784 bytes)
Hash
b2b087fe4ae638c533731c347fcd4df8
62851c888c21bb51cc04f13b6fc0451279fe0425
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

HTTP Headers

GET /vid/blackScreen5.mp4 HTTP/1.1
Host: vidstatb.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 206 Partial Content
content-type: video/mp4
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1497790207
server: AmazonS3
via: 1.1 9803a30a87f1ec1047cb2b8ad5ecc43e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: gopM2XYfUoVUFmJXQ0440-QEF6IoAyvdLK0EUOquu3M35zK6ZGLwLg==
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:46 GMT
age: 1663611
x-served-by: cache-bma1633-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 114991
x-timer: S1668250847.861228,VS0,VE0
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-range: bytes 0-90783/90784
content-length: 90784
X-Firefox-Spdy: h2

eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

2.23.134.137

200 OK

233 B

URL HTTP/1.1
eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
IP
2.23.134.137:0
ASN
#1299 Telia Company AB

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
233 B (233 bytes)
Hash
6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180

HTTP Headers

GET /usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 12 Nov 2022 11:00:46 GMT
Connection: keep-alive
Vary: Accept-Encoding

am-match.taboola.com/sync?dast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&excid=22&docw=0&cijs=1&nlb=true

141.226.228.48

200 OK

1.4 kB

URL HTTP/2
am-match.taboola.com/sync?dast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&excid=22&docw=0&cijs=1&nlb=true
IP
141.226.228.48:0
ASN
#200478 Taboola.com ltd

File type
data
Size
1.4 kB (1374 bytes)
Hash
a1f4cc6e00fe70f814e78899a2dff4bd
98127c5c4b93d8ca768a0165174591d8dba946cd
f3d2502ec370d7b7a7f6eb50afe4fe7ca2da5c1b36e8996bf5bac430270050ab

HTTP Headers

GET /sync?dast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&excid=22&docw=0&cijs=1&nlb=true HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:00:46 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3401
X-Firefox-Spdy: h2

trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=2

151.101.85.44

204 No Content

0 B

URL HTTP/2
trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=2
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /forumotion-ar/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 3441
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://troy2.yoo7.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:46 GMT
via: 1.1 varnish
x-served-by: cache-bma1633-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668250847.833716,VS0,VE81
x-vcl-time-ms: 81
X-Firefox-Spdy: h2

trc.taboola.com/forumotion-ar/log/3/visible?route=AM%3AIL%3AV&lti=deflated

151.101.85.44

204 No Content

0 B

URL HTTP/2
trc.taboola.com/forumotion-ar/log/3/visible?route=AM%3AIL%3AV&lti=deflated
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /forumotion-ar/log/3/visible?route=AM%3AIL%3AV&lti=deflated HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2396
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://troy2.yoo7.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:46 GMT
via: 1.1 varnish
x-served-by: cache-bma1633-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668250847.835788,VS0,VE82
x-vcl-time-ms: 82
X-Firefox-Spdy: h2

eus.rubiconproject.com/usync.js

2.23.134.137

200 OK

9.9 kB

URL HTTP/1.1
eus.rubiconproject.com/usync.js
IP
2.23.134.137:0
ASN
#1299 Telia Company AB

File type
ASCII text, with very long lines (18075)
Size
9.9 kB (9883 bytes)
Hash
6c6dabf9115813a163e276026248773b
bf653e274329d7f7084620e59fa933ebd12a4c69
804e59b05c4fbf2792e0632e99dd816d7f4497046066647255851ae972b8f536

HTTP Headers

GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Fri, 11 Nov 2022 22:51:18 GMT
Content-Encoding: gzip
Content-Length: 9883
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=42661
Expires: Sat, 12 Nov 2022 22:51:47 GMT
Date: Sat, 12 Nov 2022 11:00:46 GMT
Connection: keep-alive
Vary: Accept-Encoding

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4de33015ba155dcb5ef7c74c9533d120
36f2bb041a3a01b2196b55d0b64b49e144d033f4
11d8378a9a1e894d5b6bf1aee7d08bb8209063779c0f59e1c1d9f735514b6f2e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5586
Cache-Control: max-age=107087
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:46 GMT
Etag: "636e665b-1d7"
Expires: Sun, 13 Nov 2022 16:45:33 GMT
Last-Modified: Fri, 11 Nov 2022 15:12:27 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

185.94.180.125

302 Found

0 B

URL HTTP/1.1
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP
185.94.180.125:0
ASN
#35220 SpotXchange, INC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 12 Nov 2022 11:00:46 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=42c89958-6279-11ed-92a9-156973b60506; expires=Sat, 10-Dec-2022 11:00:46 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=42c899b2-6279-11ed-92a9-156973b60506
X-fe: 5
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

185.94.180.125

302 Found

0 B

URL HTTP/1.1
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP
185.94.180.125:0
ASN
#35220 SpotXchange, INC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 12 Nov 2022 11:00:46 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=42c928f3-6279-11ed-b3af-1974e5cf0506; expires=Sat, 10-Dec-2022 11:00:46 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=42c92931-6279-11ed-b3af-1974e5cf0506
X-fe: 120
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

ups.analytics.yahoo.com/ups/58534/occ

3.126.56.137

302 Found

0 B

URL HTTP/2
ups.analytics.yahoo.com/ups/58534/occ
IP
3.126.56.137:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ups/58534/occ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Sat, 12 Nov 2022 11:00:46 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58534/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBN58b2MCEHoRD7_rIG9udw1B9PXDlqcFEgEBAQHOcGN5YwAAAAAA_eMAAA&S=AQAAAqS5dTSycQgkT3tSlXc-LWg; Expires=Sun, 12 Nov 2023 17:00:46 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

185.94.180.125

204 No Content

0 B

URL HTTP/1.1
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=42c899b2-6279-11ed-92a9-156973b60506
IP
185.94.180.125:0
ASN
#35220 SpotXchange, INC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=42c899b2-6279-11ed-92a9-156973b60506 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 12 Nov 2022 11:00:47 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=42d4377c-6279-11ed-a27e-1afcdea00306; expires=Sat, 10-Dec-2022 11:00:47 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 130
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

185.94.180.125

204 No Content

0 B

URL HTTP/1.1
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=42c92931-6279-11ed-b3af-1974e5cf0506
IP
185.94.180.125:0
ASN
#35220 SpotXchange, INC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=42c92931-6279-11ed-b3af-1974e5cf0506 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 12 Nov 2022 11:00:47 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=42d41c4c-6279-11ed-8506-175cf56a0106; expires=Sat, 10-Dec-2022 11:00:47 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 24
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

ups.analytics.yahoo.com/ups/58534/occ?verify=true

3.126.56.137

204 No Content

0 B

URL HTTP/2
ups.analytics.yahoo.com/ups/58534/occ?verify=true
IP
3.126.56.137:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ups/58534/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Sat, 12 Nov 2022 11:00:47 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBN98b2MCEODdA6bJBAAZAhcGvT7djBsFEgEBAQHOcGN5YwAAAAAA_eMAAA&S=AQAAAknPsvPJ1F_Z6cCq-Gb3sz4; Expires=Sun, 12 Nov 2023 17:00:47 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola

3.120.50.91

200 OK

43 B

URL HTTP/1.1
x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
IP
3.120.50.91:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /sync?gdpr=1&us_privacy=1---&ssp=taboola HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Sat, 12 Nov 2022 11:00:47 GMT
Content-Length: 43
Connection: keep-alive

match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1

35.71.131.137

200 OK

70 B

URL HTTP/2
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP
35.71.131.137:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
70 B (70 bytes)
Hash
58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

HTTP Headers

GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:47 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e050cde8f71c01a1ed630be9488af0b0
f36d87250eb78bfed548b884585afdfb4fa38725
2f46f3cf49941e7e6317adec9ac33e5f000529bd3d94abd6ff23bb52879b49ca

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1437
Cache-Control: max-age=138612
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:47 GMT
Etag: "636ef1b6-1d7"
Expires: Mon, 14 Nov 2022 01:30:59 GMT
Last-Modified: Sat, 12 Nov 2022 01:07:02 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---

213.19.162.80

204 No Content

0 B

URL HTTP/1.1
pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---
IP
213.19.162.80:0
ASN
#26667 RUBICONPROJECT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /exchange/sync.php?p=15414&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1--- HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 1da0c96602e9a1076eae4f5554c05cf3
Content-Type: image/gif

cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1---

142.250.74.98

302 Found

326 B

URL HTTP/2
cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1---
IP
142.250.74.98:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
326 B (326 bytes)
Hash
b7935dc8845592ea78857bb810cd7130
5f497e1627a95df483b70b9436c9431d9ba384d9
2116c3bba5a4dfc09063000e6cefcb61c1e83f2c416370cdd88560aad68fe369

HTTP Headers

GET /pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1--- HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&gdpr=1&us_privacy=1---&google_tc=
date: Sat, 12 Nov 2022 11:00:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 326
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 12-Nov-2022 11:15:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9e85d741ba7237eb96c4e4bbc3f171e8
0bce5506fff05d97c940990bb7a0cbd0fc723f64
abb9a1f1c30de0d5196fb9e85897b9b70b7bd44ffebe043af3e6e25e4bf87c20

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4054
Cache-Control: max-age=122118
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:47 GMT
Etag: "636ea70f-1d7"
Expires: Sun, 13 Nov 2022 20:56:05 GMT
Last-Modified: Fri, 11 Nov 2022 19:48:31 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

px.owneriq.net/erb?gdpr=1&us_privacy=1---

184.86.2.127

302 Moved Temporarily

0 B

URL HTTP/1.1
px.owneriq.net/erb?gdpr=1&us_privacy=1---
IP
184.86.2.127:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /erb?gdpr=1&us_privacy=1--- HTTP/1.1
Host: px.owneriq.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Sat, 12 Nov 2022 11:00:47 GMT
Connection: keep-alive

taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo

34.192.165.142

200 OK

43 B

URL HTTP/2
taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
IP
34.192.165.142:0
ASN
#14618 AMAZON-AES

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

HTTP Headers

GET /sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP/1.1
Host: taboola-supply-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:47 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2

cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&gdpr=1&us_privacy=1---&google_tc=

142.250.74.98

200 OK

170 B

URL HTTP/2
cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&gdpr=1&us_privacy=1---&google_tc=
IP
142.250.74.98:0
ASN
#15169 GOOGLE

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
170 B (170 bytes)
Hash
e7673c60af825466f83d46da72ca1635
fc0fcbee0835709ba2d28798a612bfd687903fb5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

HTTP Headers

GET /pixel?google_nid=rubicon&google_cm=&google_sc=&gdpr=1&us_privacy=1---&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
date: Sat, 12 Nov 2022 11:00:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

px.owneriq.net/noop?ct=image%2Fgif

184.86.2.127

200 OK

0 B

URL HTTP/1.1
px.owneriq.net/noop?ct=image%2Fgif
IP
184.86.2.127:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /noop?ct=image%2Fgif HTTP/1.1
Host: px.owneriq.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length: 0
Content-Type: image/gif
Date: Sat, 12 Nov 2022 11:00:47 GMT
Connection: keep-alive

token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1---

213.19.162.90

204 No Content

0 B

URL HTTP/1.1
token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1---
IP
213.19.162.90:0
ASN
#26667 RUBICONPROJECT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1--- HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: d0cea2fb47f5ddedaddf61763f0aedb4

token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1---

213.19.162.90

204 No Content

0 B

URL HTTP/1.1
token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1---
IP
213.19.162.90:0
ASN
#26667 RUBICONPROJECT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /token?pid=36584&gdpr=1&us_privacy=1--- HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: d0cea2fb47f5ddedaddf61763f0aedb4

token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1---

213.19.162.90

204 No Content

0 B

URL HTTP/1.1
token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1---
IP
213.19.162.90:0
ASN
#26667 RUBICONPROJECT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /token?pid=25470&gdpr=1&us_privacy=1--- HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: d5c7d31e505103f093db6d1ed70deaa2

ocsp.godaddy.com/

192.124.249.23

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.23:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
97629f80a6558b41149be193005a33ab
1ef1a0398f77d94c03f98f2186748be53688a4e1
0021cdba660011fbb03dd2444924c3067a3d9771ad1c7ca81b21c29f65915155

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 12 Nov 2022 11:00:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 11 Nov 2022 19:59:09 GMT
Expires: Sat, 12 Nov 2022 19:59:09 GMT
ETag: "1ef1a0398f77d94c03f98f2186748be53688a4e1"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

match.adsby.bidtheatre.com/rubiconmatch?gdpr=1&us_privacy=1---

159.65.196.12

302 302

0 B

URL HTTP/1.1
match.adsby.bidtheatre.com/rubiconmatch?gdpr=1&us_privacy=1---
IP
159.65.196.12:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rubiconmatch?gdpr=1&us_privacy=1--- HTTP/1.1
Host: match.adsby.bidtheatre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 302
Date: Sat, 12 Nov 2022 11:00:47 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Set-Cookie: __kuid=0734362f-7367-43ea-b502-e3b09511781b.437464847; Max-Age=604800; Domain=.adsby.bidtheatre.com; SameSite=None; Secure
Location: https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&put=0734362f-7367-43ea-b502-e3b09511781b
Content-Length: 0
Keep-Alive: timeout=5, max=3000
Connection: Keep-Alive

pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&put=0734362f-7367-43ea-b502-e3b09511781b

213.19.162.80

204 No Content

0 B

URL HTTP/1.1
pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&put=0734362f-7367-43ea-b502-e3b09511781b
IP
213.19.162.80:0
ASN
#26667 RUBICONPROJECT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tap.php?v=17039&nid=2650&days=30&put=0734362f-7367-43ea-b502-e3b09511781b HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 1da0c96602e9a1076eae4f5554c05cf3
Content-Type: image/gif

ocsp.sca1b.amazontrust.com/

54.230.245.39

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.39:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
9d4c8b26f392cde4fc452cc71ae02353
14969cb81b64bf593c1ac8202c398f7471c5358f
f4f2c733470dd9d5214c17a08d721ff1bf0d81889014642b1bc15c619afb786f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=91425
Date: Sat, 12 Nov 2022 11:00:47 GMT
Etag: "636e2f9c-1d7"
Expires: Sun, 13 Nov 2022 12:24:32 GMT
Last-Modified: Fri, 11 Nov 2022 11:18:52 GMT
Server: ECS (nyb/1D27)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xoSWZMbwipyFZtKvnmKB53jJqgbpkrZ60DoTN1Y1nUry_6so4Xz6xQ==
Age: 3940

cdn.taboola.com/scripts/cds-pips.js

151.101.85.44

200 OK

1.3 kB

URL HTTP/2
cdn.taboola.com/scripts/cds-pips.js
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (3545), with no line terminators
Size
1.3 kB (1340 bytes)
Hash
780c5c514014519ce276709f515905a0
04fe86d00b9c9077effe05171d066d243ecab221
015db06150b62ad2ad533883652174ebb6f07e24a7147fdac01a0ccd266e3f30

HTTP Headers

GET /scripts/cds-pips.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: 2KBeU0d7OyPXtZDYUoIqlTBmhGhsve90tjYoemCxISjKQrNgcxT28sPXVt5KfJt+6r7dFoJgA8g=
x-amz-request-id: NFWGDQGY1WQ95XHE
x-amz-replication-status: COMPLETED
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:47 GMT
via: 1.1 varnish
age: 3493
x-served-by: cache-bma1633-BMA
x-cache: HIT
x-cache-hits: 3374
x-timer: S1668250848.505835,VS0,VE0
vary: Accept-Encoding
abp: 99
cache-control: private, max-age=3600
content-length: 1340
X-Firefox-Spdy: h2

pips.taboola.com/

151.101.85.44

200 OK

4 B

URL HTTP/2
pips.taboola.com/
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
6c3e226b4d4795d518ab341b0824ec29
eef19c54306daa69eda49c0272623bdb5e2b341f
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

HTTP Headers

GET / HTTP/1.1
Host: pips.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Varnish
retry-after: 0
access-control-allow-methods: GET
access-control-allow-origin: https://troy2.yoo7.com
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:47 GMT
via: 1.1 varnish
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 0
cache-control: no-store
content-length: 4
X-Firefox-Spdy: h2

sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=1&us_privacy=1---

34.199.177.9

302 Found

175 B

URL HTTP/1.1
sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=1&us_privacy=1---
IP
34.199.177.9:0
ASN
#14618 AMAZON-AES

File type
HTML document, ASCII text
Size
175 B (175 bytes)
Hash
6c4b3f805796e4788600d138189f566d
b48a78061f21071e83cdeb0e266e85ffe50999c4
996a53eaee06987e2f2533a715fa90ee17b74808dcd525bd2c196c87273ebf12

HTTP Headers

GET /d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=1&us_privacy=1--- HTTP/1.1
Host: sync.ipredictive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Date: Sat, 12 Nov 2022 11:00:47 GMT
Location: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=788899bb-7d8d-4e8b-9710-696ec856e0ad&expires=30&gdpr=1&us_privacy=1---
Set-Cookie: cu=788899bb-7d8d-4e8b-9710-696ec856e0ad|1668250847504; Path=/; Domain=ipredictive.com; Expires=Sun, 12 Nov 2023 11:00:47 GMT; Max-Age=31536000; SameSite=None; Secure
X-CI-RTID: 0e23cb51-5ea8-495b-8441-a7d56db014ff
Content-Length: 175
Connection: keep-alive

pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=788899bb-7d8d-4e8b-9710-696ec856e0ad&expires=30&gdpr=1&us_privacy=1---

213.19.162.80

204 No Content

0 B

URL HTTP/1.1
pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=788899bb-7d8d-4e8b-9710-696ec856e0ad&expires=30&gdpr=1&us_privacy=1---
IP
213.19.162.80:0
ASN
#26667 RUBICONPROJECT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tap.php?v=17149&nid=2861&put=788899bb-7d8d-4e8b-9710-696ec856e0ad&expires=30&gdpr=1&us_privacy=1--- HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 1da0c96602e9a1076eae4f5554c05cf3
Content-Type: image/gif

wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=355&height=199&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1668250850531&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1488&pt=1419343000&tz=0&viewable=true&ddast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm_vA&mPre=0.025&cirf=https%3A%2F%2Ftroy2.yoo7.com&en=1

151.101.85.44

200 OK

1.1 kB

URL HTTP/2
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=355&height=199&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1668250850531&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1488&pt=1419343000&tz=0&viewable=true&ddast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm_vA&mPre=0.025&cirf=https%3A%2F%2Ftroy2.yoo7.com&en=1
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
data
Size
1.1 kB (1061 bytes)
Hash
3267eb10ad82016083c513797d3e881c
0db3c930b2588875a43564d469533cd1451314d3
61e81c93901fccf4e7b6a09a204efdd519f6188451634a081d8680339cf2fe62

HTTP Headers

POST /VideoBidRequestHandlerServlet?oid=15&width=355&height=199&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1668250850531&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1488&pt=1419343000&tz=0&viewable=true&ddast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm_vA&mPre=0.025&cirf=https%3A%2F%2Ftroy2.yoo7.com&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 133
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1417
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://troy2.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:51 GMT
via: 1.1 varnish
x-served-by: cache-bma1633-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668250851.201698,VS0,VE72
vary: Accept-Encoding
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?pub=0&userId=54c60ff425ab48689bcb14f2eebc58b5&zoneId=2308013&checkDuplicate=true&ymid=&var=

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js?pub=0&userId=54c60ff425ab48689bcb14f2eebc58b5&zoneId=2308013&checkDuplicate=true&ymid=&var=
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
790bb066ab0e76cec90d038317f499e9
0a46550316e768a6156fe8168c20ce60475e5edc
6b7a06e46ef0eb965421140e67bef7ac0e25c5831a185a61fc94e7275c47f5f9

HTTP Headers

GET /gid.js?pub=0&userId=54c60ff425ab48689bcb14f2eebc58b5&zoneId=2308013&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://troy2.yoo7.com/
Origin: https://troy2.yoo7.com
Connection: keep-alive
Cookie: ID=2c4f77cb31fa44cbac944d6e61aa57f6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:00:52 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://troy2.yoo7.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=2c4f77cb31fa44cbac944d6e61aa57f6; expires=Sun, 12 Nov 2023 11:00:52 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

stootsou.net/pfe/current/tag.min.js?z=2308013

139.45.197.250

200 OK

0 B

URL HTTP/2
stootsou.net/pfe/current/tag.min.js?z=2308013
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pfe/current/tag.min.js?z=2308013 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 14:20:39 GMT
etag: W/"636a65b7-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

stootsou.net/pfe/current/universal.min.js?v=3.1.403

139.45.197.250

200 OK

0 B

URL HTTP/2
stootsou.net/pfe/current/universal.min.js?v=3.1.403
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pfe/current/universal.min.js?v=3.1.403 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://troy2.yoo7.com/
Origin: https://troy2.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 14:20:39 GMT
etag: W/"636a65b7-180b9"
access-control-allow-origin: https://troy2.yoo7.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

178.250.0.157

200 OK

0 B

URL HTTP/2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 745209
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

178.250.0.157

200 OK

0 B

URL HTTP/2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://troy2.yoo7.com/
x-crto-bundle: glE9HF9FS0RZRk9XS0o3NjRUaUE5ZnVEaDBQdUFKV0ZkWHo3JTJGT1R0YVBqY1I0OHRhUCUyQkhrRWVRa1Y5YXBCMFhBN1hJNWRjMmFxSWxvOVczMEp1T2pyeENDT3dJbXg4WkNHdHpBaWthSU0lMkZ6aEpYOGVGcWtlRU1Cb2JNRGtTbmQlMkZkakZo
Origin: https://troy2.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://troy2.yoo7.com
server-processing-duration-in-ticks: 2288776
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=728x90%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Ftroy2.yoo7.com%2Ft67-topic&encoded=1&uid=604297ae-8a15-4b0b-8fd1-8e9a36a00ef6-tucta69025d&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback1&cb=1668250844863&tagid=&cntry=NO&platform=1&sesid=d3e49344e79afafa15f28fb4d0fdf2e8&itemid=/t67-topic&viewid=1668250844245&geolat=&geoing=&deviceifa=&appid=&sd=v2_d3e49344e79afafa15f28fb4d0fdf2e8_604297ae-8a15-4b0b-8fd1-8e9a36a00ef6-tucta69025d_1668250845_1668250845_CNawjgYQ3pxDGNX4_tvGMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=c9ed0ff8ac8c635f7bdf82bd4e78fe8f&appname=&cdb=&gdprApplies=true&rid=&sii=-6259864112813581536&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=9189

151.101.85.44

200 OK

0 B

URL HTTP/2
15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=728x90%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Ftroy2.yoo7.com%2Ft67-topic&encoded=1&uid=604297ae-8a15-4b0b-8fd1-8e9a36a00ef6-tucta69025d&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback1&cb=1668250844863&tagid=&cntry=NO&platform=1&sesid=d3e49344e79afafa15f28fb4d0fdf2e8&itemid=/t67-topic&viewid=1668250844245&geolat=&geoing=&deviceifa=&appid=&sd=v2_d3e49344e79afafa15f28fb4d0fdf2e8_604297ae-8a15-4b0b-8fd1-8e9a36a00ef6-tucta69025d_1668250845_1668250845_CNawjgYQ3pxDGNX4_tvGMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=c9ed0ff8ac8c635f7bdf82bd4e78fe8f&appname=&cdb=&gdprApplies=true&rid=&sii=-6259864112813581536&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=9189
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=728x90%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Ftroy2.yoo7.com%2Ft67-topic&encoded=1&uid=604297ae-8a15-4b0b-8fd1-8e9a36a00ef6-tucta69025d&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback1&cb=1668250844863&tagid=&cntry=NO&platform=1&sesid=d3e49344e79afafa15f28fb4d0fdf2e8&itemid=/t67-topic&viewid=1668250844245&geolat=&geoing=&deviceifa=&appid=&sd=v2_d3e49344e79afafa15f28fb4d0fdf2e8_604297ae-8a15-4b0b-8fd1-8e9a36a00ef6-tucta69025d_1668250845_1668250845_CNawjgYQ3pxDGNX4_tvGMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=c9ed0ff8ac8c635f7bdf82bd4e78fe8f&appname=&cdb=&gdprApplies=true&rid=&sii=-6259864112813581536&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=9189 HTTP/1.1
Host: 15.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
machineid: 1450
link: <https://am-wf.taboola.com>; rel=preconnect
xvid-debug: mrmr - :
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://troy2.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:45 GMT
via: 1.1 varnish
x-served-by: cache-bma1633-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668250846.549378,VS0,VE37
vary: Accept-Encoding
X-Firefox-Spdy: h2

gum.criteo.com/sid/json?origin=publishertag&domain=yoo7.com&sn=FirefoxSyncframe&so=0&topUrl=troy2.yoo7.com&info=fL-Drl80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3hoQkhBb01oWW9BZmFJcnJ3Q0NneHAxb0hremttdllkaEpObGE5cXVWRFQ&idsd=-231654676,-2043637528&cw=1&lsw=1

178.250.0.157

200 OK

0 B

URL HTTP/2
gum.criteo.com/sid/json?origin=publishertag&domain=yoo7.com&sn=FirefoxSyncframe&so=0&topUrl=troy2.yoo7.com&info=fL-Drl80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3hoQkhBb01oWW9BZmFJcnJ3Q0NneHAxb0hremttdllkaEpObGE5cXVWRFQ&idsd=-231654676,-2043637528&cw=1&lsw=1
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sid/json?origin=publishertag&domain=yoo7.com&sn=FirefoxSyncframe&so=0&topUrl=troy2.yoo7.com&info=fL-Drl80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3hoQkhBb01oWW9BZmFJcnJ3Q0NneHAxb0hremttdllkaEpObGE5cXVWRFQ&idsd=-231654676,-2043637528&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=troy2.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1072817
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

cdn.betgorebysson.club/?rb=RRWp58us2dZTWfU2hzYXl0CTliIAcsfJv7-bhzMq13X4AVt9Jh9ac84h0O2_rglj-ClX0h5f2-AO9GK2bVyNyPxltL_tHbxfbt09sSeDo0TVeWuju1oUUa50cSUpfD6AxfCaVAi3tfGo4TXJwzkOts_PUIo62x1DgaKW7a6ps37Ep0QZjJQUXk99YlFPEixXIBcBwy9Tow0L6iFKEOohSU8ZpxD4tIrPszkEvRbGIQY%3D&request_ab2=0&zoneid=3765907&js_build=iclick-v1.448.2&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=1&pl=https%3A%2F%2Ftroy2.yoo7.com%2Ft67-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.448.2&bs=0e95b403-8b78-426c-b0a1-40a48c599deb&userId=2c4f77cb31fa44cbac944d6e61aa57f6&m=link

139.45.195.8

200 OK

0 B

URL HTTP/2
cdn.betgorebysson.club/?rb=RRWp58us2dZTWfU2hzYXl0CTliIAcsfJv7-bhzMq13X4AVt9Jh9ac84h0O2_rglj-ClX0h5f2-AO9GK2bVyNyPxltL_tHbxfbt09sSeDo0TVeWuju1oUUa50cSUpfD6AxfCaVAi3tfGo4TXJwzkOts_PUIo62x1DgaKW7a6ps37Ep0QZjJQUXk99YlFPEixXIBcBwy9Tow0L6iFKEOohSU8ZpxD4tIrPszkEvRbGIQY%3D&request_ab2=0&zoneid=3765907&js_build=iclick-v1.448.2&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=1&pl=https%3A%2F%2Ftroy2.yoo7.com%2Ft67-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.448.2&bs=0e95b403-8b78-426c-b0a1-40a48c599deb&userId=2c4f77cb31fa44cbac944d6e61aa57f6&m=link
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?rb=RRWp58us2dZTWfU2hzYXl0CTliIAcsfJv7-bhzMq13X4AVt9Jh9ac84h0O2_rglj-ClX0h5f2-AO9GK2bVyNyPxltL_tHbxfbt09sSeDo0TVeWuju1oUUa50cSUpfD6AxfCaVAi3tfGo4TXJwzkOts_PUIo62x1DgaKW7a6ps37Ep0QZjJQUXk99YlFPEixXIBcBwy9Tow0L6iFKEOohSU8ZpxD4tIrPszkEvRbGIQY%3D&request_ab2=0&zoneid=3765907&js_build=iclick-v1.448.2&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=1&pl=https%3A%2F%2Ftroy2.yoo7.com%2Ft67-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.448.2&bs=0e95b403-8b78-426c-b0a1-40a48c599deb&userId=2c4f77cb31fa44cbac944d6e61aa57f6&m=link HTTP/1.1
Host: cdn.betgorebysson.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://troy2.yoo7.com/
Origin: https://troy2.yoo7.com
Connection: keep-alive
Cookie: OAID=2c4f77cb31fa44cbac944d6e61aa57f6; oaidts=1668250844
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:00:45 GMT
content-type: application/json
x-trace-id: 7e1d1b6798e7163cfa657464dcfd8daf
access-control-allow-origin: https://troy2.yoo7.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=2c4f77cb31fa44cbac944d6e61aa57f6; expires=Sun, 12 Nov 2023 11:00:45 GMT; path=/; secure; SameSite=None
oaidts=1668250845; expires=Sun, 12 Nov 2023 11:00:45 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 19 Nov 2022 11:00:45 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

gum.criteo.com/syncframe?origin=publishertag&topUrl=troy2.yoo7.com

178.250.0.157

200 OK

0 B

URL HTTP/2
gum.criteo.com/syncframe?origin=publishertag&topUrl=troy2.yoo7.com
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /syncframe?origin=publishertag&topUrl=troy2.yoo7.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:43 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=3a890cbc-2c9c-4f5a-851e-6e67b06c215c; expires=Thu, 07 Dec 2023 11:00:43 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 873125
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=355&height=199&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1668250845512&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=1182127727&tz=0&viewable=true&ddast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm&mPre=0.025&cirf=https%3A%2F%2Ftroy2.yoo7.com&en=1

151.101.85.44

200 OK

0 B

URL HTTP/2
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=355&height=199&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1668250845512&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=1182127727&tz=0&viewable=true&ddast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm&mPre=0.025&cirf=https%3A%2F%2Ftroy2.yoo7.com&en=1
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /VideoBidRequestHandlerServlet?oid=15&width=355&height=199&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1668250845512&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=1182127727&tz=0&viewable=true&ddast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm&mPre=0.025&cirf=https%3A%2F%2Ftroy2.yoo7.com&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 133
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1412
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://troy2.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:46 GMT
via: 1.1 varnish
x-served-by: cache-bma1633-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668250846.200552,VS0,VE101
vary: Accept-Encoding
X-Firefox-Spdy: h2

troy2.yoo7.com/t67-topic

178.33.44.177

200 OK

0 B

URL HTTP/2
troy2.yoo7.com/t67-topic
IP
178.33.44.177:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /t67-topic HTTP/1.1
Host: troy2.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:43 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache
pragma: no-cache
expires: Sat, 12 Nov 2022 00:00:00 GMT
last-modified: Sat, 12 Nov 2022 11:00:43 GMT
vary: User-Agent
set-cookie: exadd=166826; expires=Sat, 12-Nov-2022 15:00:43 GMT; Max-Age=14400
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

am-match.taboola.com/sync?dast=V7QaACFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJDmaGBfL4WKtmIyMa9Fo4XErfJPVWuTcOByTwWAyWdmMQCIzj2k4Gq3WionH4xZNLI61cLfcrVUWl8ky8ywcxuVkChE3GQ6fg4Go6Hpb7A6n2fMGEDSdDp_rXi-6_J2XufLv9801frdfdNutRX_D02MHAAAAgAcAq7dMiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAAOSCw2ATw6C95z9_gAAaNgCAQAQwCABGFgNKAH4OF85AQAAAAAAAABg-f___48B2MMakwEY2d_pAXjwAXggKlAtYgQAAACwpaWieTSpEyqLKgAAgnQrgCsAgADCtb9gvDAAAICAsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyb0NnqdFsQyeq32CwgAsPYLCADApm4AAG8BcEFH0IrBYHUKsRvOFrvRbDOaHQAAAMDd____vx4IeVam5WY0WvmWC5vD5nCsZpbhzGIaGWYmm2Vl3J4U45zaQYBeXl_ETYbD52AgKrreFrvDafbcj6Ily91ytxpNFqPRcrnZDTejwf4GYrAa4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWrJaLperzWa12o0Ws8FmOdxskKJVq9loMxiuZpPZbrcaDobL0QgpWrLcLXer0WQxGi2Xm91wMxoMEcYGo8lyt3C5hQvHai2aGCZu4czkWAtXzoVntjAMVjbbWvT6mB625WCyGnlRMEBjL4KLdCLzW15vv-npt7sVlotYojlZpBPZZV_yrEzLzWi08i0XNofN4VjNLMOZxTQyzEw2y8q4rw1Gk-Vu4XILF47VWjQxTNzCmcmxFq6cC89sYRisbLa16PUxPWzLwWQ18jdms-FkNRiOVvvGbDacrAbD0WrfoTN8V5-z0RkcTzw6sbQv3X5sDoPCZbB4f5-LtBlt3IwqbdhiUV2LO9fEqtPGTsbOwWxQ-IbXxPD3Uz-v3eztIDYYFLFEcLpIJ6KX8XQRSyRPi3Sica5MhpnNuPAYN7bNauabmGzGycRkWvmGM5dxZhFLlKaLdKIX3XZr0d_w9FjUf2TIxVw5mIsmc8VqtEoAAAAAAAAAAEuYM28CAAAAcBrIaLAZrpYLAOHspfsTRdcVUn92s5sK4hfcdrgNUtz4cYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWAzcvtATA4UeuFHrvwEuRguBw!&excid=22&docw=0&cijs=1&nlb=true

141.226.228.48

200 OK

0 B

URL HTTP/2
am-match.taboola.com/sync?dast=V7QaACFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJDmaGBfL4WKtmIyMa9Fo4XErfJPVWuTcOByTwWAyWdmMQCIzj2k4Gq3WionH4xZNLI61cLfcrVUWl8ky8ywcxuVkChE3GQ6fg4Go6Hpb7A6n2fMGEDSdDp_rXi-6_J2XufLv9801frdfdNutRX_D02MHAAAAgAcAq7dMiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAAOSCw2ATw6C95z9_gAAaNgCAQAQwCABGFgNKAH4OF85AQAAAAAAAABg-f___48B2MMakwEY2d_pAXjwAXggKlAtYgQAAACwpaWieTSpEyqLKgAAgnQrgCsAgADCtb9gvDAAAICAsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyb0NnqdFsQyeq32CwgAsPYLCADApm4AAG8BcEFH0IrBYHUKsRvOFrvRbDOaHQAAAMDd____vx4IeVam5WY0WvmWC5vD5nCsZpbhzGIaGWYmm2Vl3J4U45zaQYBeXl_ETYbD52AgKrreFrvDafbcj6Ily91ytxpNFqPRcrnZDTejwf4GYrAa4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWrJaLperzWa12o0Ws8FmOdxskKJVq9loMxiuZpPZbrcaDobL0QgpWrLcLXer0WQxGi2Xm91wMxoMEcYGo8lyt3C5hQvHai2aGCZu4czkWAtXzoVntjAMVjbbWvT6mB625WCyGnlRMEBjL4KLdCLzW15vv-npt7sVlotYojlZpBPZZV_yrEzLzWi08i0XNofN4VjNLMOZxTQyzEw2y8q4rw1Gk-Vu4XILF47VWjQxTNzCmcmxFq6cC89sYRisbLa16PUxPWzLwWQ18jdms-FkNRiOVvvGbDacrAbD0WrfoTN8V5-z0RkcTzw6sbQv3X5sDoPCZbB4f5-LtBlt3IwqbdhiUV2LO9fEqtPGTsbOwWxQ-IbXxPD3Uz-v3eztIDYYFLFEcLpIJ6KX8XQRSyRPi3Sica5MhpnNuPAYN7bNauabmGzGycRkWvmGM5dxZhFLlKaLdKIX3XZr0d_w9FjUf2TIxVw5mIsmc8VqtEoAAAAAAAAAAEuYM28CAAAAcBrIaLAZrpYLAOHspfsTRdcVUn92s5sK4hfcdrgNUtz4cYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWAzcvtATA4UeuFHrvwEuRguBw!&excid=22&docw=0&cijs=1&nlb=true
IP
141.226.228.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sync?dast=V7QaACFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJDmaGBfL4WKtmIyMa9Fo4XErfJPVWuTcOByTwWAyWdmMQCIzj2k4Gq3WionH4xZNLI61cLfcrVUWl8ky8ywcxuVkChE3GQ6fg4Go6Hpb7A6n2fMGEDSdDp_rXi-6_J2XufLv9801frdfdNutRX_D02MHAAAAgAcAq7dMiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAAOSCw2ATw6C95z9_gAAaNgCAQAQwCABGFgNKAH4OF85AQAAAAAAAABg-f___48B2MMakwEY2d_pAXjwAXggKlAtYgQAAACwpaWieTSpEyqLKgAAgnQrgCsAgADCtb9gvDAAAICAsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyb0NnqdFsQyeq32CwgAsPYLCADApm4AAG8BcEFH0IrBYHUKsRvOFrvRbDOaHQAAAMDd____vx4IeVam5WY0WvmWC5vD5nCsZpbhzGIaGWYmm2Vl3J4U45zaQYBeXl_ETYbD52AgKrreFrvDafbcj6Ily91ytxpNFqPRcrnZDTejwf4GYrAa4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWrJaLperzWa12o0Ws8FmOdxskKJVq9loMxiuZpPZbrcaDobL0QgpWrLcLXer0WQxGi2Xm91wMxoMEcYGo8lyt3C5hQvHai2aGCZu4czkWAtXzoVntjAMVjbbWvT6mB625WCyGnlRMEBjL4KLdCLzW15vv-npt7sVlotYojlZpBPZZV_yrEzLzWi08i0XNofN4VjNLMOZxTQyzEw2y8q4rw1Gk-Vu4XILF47VWjQxTNzCmcmxFq6cC89sYRisbLa16PUxPWzLwWQ18jdms-FkNRiOVvvGbDacrAbD0WrfoTN8V5-z0RkcTzw6sbQv3X5sDoPCZbB4f5-LtBlt3IwqbdhiUV2LO9fEqtPGTsbOwWxQ-IbXxPD3Uz-v3eztIDYYFLFEcLpIJ6KX8XQRSyRPi3Sica5MhpnNuPAYN7bNauabmGzGycRkWvmGM5dxZhFLlKaLdKIX3XZr0d_w9FjUf2TIxVw5mIsmc8VqtEoAAAAAAAAAAEuYM28CAAAAcBrIaLAZrpYLAOHspfsTRdcVUn92s5sK4hfcdrgNUtz4cYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWAzcvtATA4UeuFHrvwEuRguBw!&excid=22&docw=0&cijs=1&nlb=true HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:00:46 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3402
X-Firefox-Spdy: h2

141.226.228.48

200 OK

0 B

URL HTTP/2
am-match.taboola.com/sync?dast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&excid=22&docw=0&cijs=1&nlb=true
IP
141.226.228.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sync?dast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&excid=22&docw=0&cijs=1&nlb=true HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:00:46 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3406
X-Firefox-Spdy: h2

imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&cmcv=&pix=undefined&cb=1668250845509&uv=3241&tms=1668250845509&abt=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=1c46cce3-81c5-4a4d-bd11-3b14cee6793a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

151.101.85.44

200 OK

0 B

URL HTTP/2
imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&cmcv=&pix=undefined&cb=1668250845509&uv=3241&tms=1668250845509&abt=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=1c46cce3-81c5-4a4d-bd11-3b14cee6793a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&cmcv=&pix=undefined&cb=1668250845509&uv=3241&tms=1668250845509&abt=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=1c46cce3-81c5-4a4d-bd11-3b14cee6793a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1 HTTP/1.1
Host: imprammp.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:46 GMT
via: 1.1 varnish
x-served-by: cache-bma1633-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668250846.188066,VS0,VE24
vary: Accept-Encoding
X-Firefox-Spdy: h2

141.226.228.48

200 OK

0 B

URL HTTP/2
am-match.taboola.com/sync?dast=V7QaACFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJDmaGBfL4WKtmIyMa9Fo4XErfJPVWuTcOByTwWAyWdmMQCIzj2k4Gq3WionH4xZNLI61cLfcrVUWl8ky8ywcxuVkChE3GQ6fg4Go6Hpb7A6n2fMGEDSdDp_rXi-6_J2XufLv9801frdfdNutRX_D02MHAAAAgAcAq7dMiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAAOSCw2ATw6C95z9_gAAaNgCAQAQwCABGFgNKAH4OF85AQAAAAAAAABg-f___48B2MMakwEY2d_pAXjwAXggKlAtYgQAAACwpaWieTSpEyqLKgAAgnQrgCsAgADCtb9gvDAAAICAsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyb0NnqdFsQyeq32CwgAsPYLCADApm4AAG8BcEFH0IrBYHUKsRvOFrvRbDOaHQAAAMDd____vx4IeVam5WY0WvmWC5vD5nCsZpbhzGIaGWYmm2Vl3J4U45zaQYBeXl_ETYbD52AgKrreFrvDafbcj6Ily91ytxpNFqPRcrnZDTejwf4GYrAa4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWrJaLperzWa12o0Ws8FmOdxskKJVq9loMxiuZpPZbrcaDobL0QgpWrLcLXer0WQxGi2Xm91wMxoMEcYGo8lyt3C5hQvHai2aGCZu4czkWAtXzoVntjAMVjbbWvT6mB625WCyGnlRMEBjL4KLdCLzW15vv-npt7sVlotYojlZpBPZZV_yrEzLzWi08i0XNofN4VjNLMOZxTQyzEw2y8q4rw1Gk-Vu4XILF47VWjQxTNzCmcmxFq6cC89sYRisbLa16PUxPWzLwWQ18jdms-FkNRiOVvvGbDacrAbD0WrfoTN8V5-z0RkcTzw6sbQv3X5sDoPCZbB4f5-LtBlt3IwqbdhiUV2LO9fEqtPGTsbOwWxQ-IbXxPD3Uz-v3eztIDYYFLFEcLpIJ6KX8XQRSyRPi3Sica5MhpnNuPAYN7bNauabmGzGycRkWvmGM5dxZhFLlKaLdKIX3XZr0d_w9FjUf2TIxVw5mIsmc8VqtEoAAAAAAAAAAEuYM28CAAAAcBrIaLAZrpYLAOHspfsTRdcVUn92s5sK4hfcdrgNUtz4cYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWAzcvtATA4UeuFHrvwEuRguBw!&excid=22&docw=0&cijs=1&nlb=true
IP
141.226.228.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sync?dast=V7QaACFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJDmaGBfL4WKtmIyMa9Fo4XErfJPVWuTcOByTwWAyWdmMQCIzj2k4Gq3WionH4xZNLI61cLfcrVUWl8ky8ywcxuVkChE3GQ6fg4Go6Hpb7A6n2fMGEDSdDp_rXi-6_J2XufLv9801frdfdNutRX_D02MHAAAAgAcAq7dMiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAAOSCw2ATw6C95z9_gAAaNgCAQAQwCABGFgNKAH4OF85AQAAAAAAAABg-f___48B2MMakwEY2d_pAXjwAXggKlAtYgQAAACwpaWieTSpEyqLKgAAgnQrgCsAgADCtb9gvDAAAICAsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyb0NnqdFsQyeq32CwgAsPYLCADApm4AAG8BcEFH0IrBYHUKsRvOFrvRbDOaHQAAAMDd____vx4IeVam5WY0WvmWC5vD5nCsZpbhzGIaGWYmm2Vl3J4U45zaQYBeXl_ETYbD52AgKrreFrvDafbcj6Ily91ytxpNFqPRcrnZDTejwf4GYrAa4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWrJaLperzWa12o0Ws8FmOdxskKJVq9loMxiuZpPZbrcaDobL0QgpWrLcLXer0WQxGi2Xm91wMxoMEcYGo8lyt3C5hQvHai2aGCZu4czkWAtXzoVntjAMVjbbWvT6mB625WCyGnlRMEBjL4KLdCLzW15vv-npt7sVlotYojlZpBPZZV_yrEzLzWi08i0XNofN4VjNLMOZxTQyzEw2y8q4rw1Gk-Vu4XILF47VWjQxTNzCmcmxFq6cC89sYRisbLa16PUxPWzLwWQ18jdms-FkNRiOVvvGbDacrAbD0WrfoTN8V5-z0RkcTzw6sbQv3X5sDoPCZbB4f5-LtBlt3IwqbdhiUV2LO9fEqtPGTsbOwWxQ-IbXxPD3Uz-v3eztIDYYFLFEcLpIJ6KX8XQRSyRPi3Sica5MhpnNuPAYN7bNauabmGzGycRkWvmGM5dxZhFLlKaLdKIX3XZr0d_w9FjUf2TIxVw5mIsmc8VqtEoAAAAAAAAAAEuYM28CAAAAcBrIaLAZrpYLAOHspfsTRdcVUn92s5sK4hfcdrgNUtz4cYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWAzcvtATA4UeuFHrvwEuRguBw!&excid=22&docw=0&cijs=1&nlb=true HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:00:46 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3407
X-Firefox-Spdy: h2

illiweb.com/rs3/64/frm/embed/FA_Embed.js

172.67.150.97

200 OK

0 B

URL HTTP/2
illiweb.com/rs3/64/frm/embed/FA_Embed.js
IP
172.67.150.97:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /rs3/64/frm/embed/FA_Embed.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:43 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Tue, 07 Nov 2023 08:26:53 GMT
last-modified: Tue, 20 Apr 2021 14:17:00 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 441230
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qpz5u0g6Nz1wa2yb6W7CgdQsHbmonprVltBJjdQ0qWVwu%2FlctFcERb2vZ89xouK7P%2BcBuzFyxy3pXdPFsoj9FHVT0%2BgX4YNO6nBQz4f6teYi6IzeZMUyW7suyZmzTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768ec3fd2898b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

gum.criteo.com/syncframe?origin=rtus&topUrl=troy2.yoo7.com

178.250.0.157

200 OK

0 B

URL HTTP/2
gum.criteo.com/syncframe?origin=rtus&topUrl=troy2.yoo7.com
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /syncframe?origin=rtus&topUrl=troy2.yoo7.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=cc2a7e2e-ea07-41e6-bfc2-d9b370d8d434; expires=Thu, 07 Dec 2023 11:00:45 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 907007
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1668250845495&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=1182127727&tz=0&viewable=true&ddast=V7QaACFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJDmaGBfL4WKtmIyMa9Fo4XErfJPVWuTcOByTwWAyWdmMQCIzj2k4Gq3WionH4xZNLI61cLfcrVUWl8ky8ywcxuVkChE3GQ6fg4Go6Hpb7A6n2fMGEDSdDp_rXi-6_J2XufLv9801frdfdNutRX_D02MHAAAAgAcAq7dMiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAAOSCw2ATw6C95z9_gAAaNgCAQAQwCABGFgNKAH4OF85AQAAAAAAAABg-f___48B2MMakwEY2d_pAXjwAXggKlAtYgQAAACwpaWieTSpEyqLKgAAgnQrgCsAgADCtb9gvDAAAICAsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyb0NnqdFsQyeq32CwgAsPYLCADApm4AAG8BcEFH0IrBYHUKsRvOFrvRbDOaHQAAAMDd____vx4IeVam5WY0WvmWC5vD5nCsZpbhzGIaGWYmm2Vl3J4U45zaQYBeXl_ETYbD52AgKrreFrvDafbcj6Ily91ytxpNFqPRcrnZDTejwf4GYrAa4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWrJaLperzWa12o0Ws8FmOdxskKJVq9loMxiuZpPZbrcaDobL0QgpWrLcLXer0WQxGi2Xm91wMxoMEcYGo8lyt3C5hQvHai2aGCZu4czkWAtXzoVntjAMVjbbWvT6mB625WCyGnlRMEBjL4KLdCLzW15vv-npt7sVlotYojlZpBPZZV_yrEzLzWi08i0XNofN4VjNLMOZxTQyzEw2y8q4rw1Gk-Vu4XILF47VWjQxTNzCmcmxFq6cC89sYRisbLa16PUxPWzLwWQ18jdms-FkNRiOVvvGbDacrAbD0WrfoTN8V5-z0RkcTzw6sbQv3X5sDoPCZbB4f5-LtBlt3IwqbdhiUV2LO9fEqtPGTsbOwWxQ-IbXxPD3Uz-v3eztIDYYFLFEcLpIJ6KX8XQRSyRPi3Sica5MhpnNuPAYN7bNauabmGzGycRkWvmGM5dxZhFLlKaLdKIX3XZr0d_w9FjUf2TIxVw5mIsmc8VqtEoAAAAAAAAAAEuYM28CAAAAcBrIaLAZrpYLAOHspfsTRdcVUn92s5sK4hfcdrgNUtz4cYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWAzcvtATA4UeuFHrvwEuRguBw!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm&mPre=0.025&cirf=https%3A%2F%2Ftroy2.yoo7.com&en=1

151.101.85.44

200 OK

0 B

URL HTTP/2
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1668250845495&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=1182127727&tz=0&viewable=true&ddast=V7QaACFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJDmaGBfL4WKtmIyMa9Fo4XErfJPVWuTcOByTwWAyWdmMQCIzj2k4Gq3WionH4xZNLI61cLfcrVUWl8ky8ywcxuVkChE3GQ6fg4Go6Hpb7A6n2fMGEDSdDp_rXi-6_J2XufLv9801frdfdNutRX_D02MHAAAAgAcAq7dMiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAAOSCw2ATw6C95z9_gAAaNgCAQAQwCABGFgNKAH4OF85AQAAAAAAAABg-f___48B2MMakwEY2d_pAXjwAXggKlAtYgQAAACwpaWieTSpEyqLKgAAgnQrgCsAgADCtb9gvDAAAICAsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyb0NnqdFsQyeq32CwgAsPYLCADApm4AAG8BcEFH0IrBYHUKsRvOFrvRbDOaHQAAAMDd____vx4IeVam5WY0WvmWC5vD5nCsZpbhzGIaGWYmm2Vl3J4U45zaQYBeXl_ETYbD52AgKrreFrvDafbcj6Ily91ytxpNFqPRcrnZDTejwf4GYrAa4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWrJaLperzWa12o0Ws8FmOdxskKJVq9loMxiuZpPZbrcaDobL0QgpWrLcLXer0WQxGi2Xm91wMxoMEcYGo8lyt3C5hQvHai2aGCZu4czkWAtXzoVntjAMVjbbWvT6mB625WCyGnlRMEBjL4KLdCLzW15vv-npt7sVlotYojlZpBPZZV_yrEzLzWi08i0XNofN4VjNLMOZxTQyzEw2y8q4rw1Gk-Vu4XILF47VWjQxTNzCmcmxFq6cC89sYRisbLa16PUxPWzLwWQ18jdms-FkNRiOVvvGbDacrAbD0WrfoTN8V5-z0RkcTzw6sbQv3X5sDoPCZbB4f5-LtBlt3IwqbdhiUV2LO9fEqtPGTsbOwWxQ-IbXxPD3Uz-v3eztIDYYFLFEcLpIJ6KX8XQRSyRPi3Sica5MhpnNuPAYN7bNauabmGzGycRkWvmGM5dxZhFLlKaLdKIX3XZr0d_w9FjUf2TIxVw5mIsmc8VqtEoAAAAAAAAAAEuYM28CAAAAcBrIaLAZrpYLAOHspfsTRdcVUn92s5sK4hfcdrgNUtz4cYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWAzcvtATA4UeuFHrvwEuRguBw!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm&mPre=0.025&cirf=https%3A%2F%2Ftroy2.yoo7.com&en=1
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1668250845495&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=1182127727&tz=0&viewable=true&ddast=V7QaACFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJDmaGBfL4WKtmIyMa9Fo4XErfJPVWuTcOByTwWAyWdmMQCIzj2k4Gq3WionH4xZNLI61cLfcrVUWl8ky8ywcxuVkChE3GQ6fg4Go6Hpb7A6n2fMGEDSdDp_rXi-6_J2XufLv9801frdfdNutRX_D02MHAAAAgAcAq7dMiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAAOSCw2ATw6C95z9_gAAaNgCAQAQwCABGFgNKAH4OF85AQAAAAAAAABg-f___48B2MMakwEY2d_pAXjwAXggKlAtYgQAAACwpaWieTSpEyqLKgAAgnQrgCsAgADCtb9gvDAAAICAsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyb0NnqdFsQyeq32CwgAsPYLCADApm4AAG8BcEFH0IrBYHUKsRvOFrvRbDOaHQAAAMDd____vx4IeVam5WY0WvmWC5vD5nCsZpbhzGIaGWYmm2Vl3J4U45zaQYBeXl_ETYbD52AgKrreFrvDafbcj6Ily91ytxpNFqPRcrnZDTejwf4GYrAa4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWrJaLperzWa12o0Ws8FmOdxskKJVq9loMxiuZpPZbrcaDobL0QgpWrLcLXer0WQxGi2Xm91wMxoMEcYGo8lyt3C5hQvHai2aGCZu4czkWAtXzoVntjAMVjbbWvT6mB625WCyGnlRMEBjL4KLdCLzW15vv-npt7sVlotYojlZpBPZZV_yrEzLzWi08i0XNofN4VjNLMOZxTQyzEw2y8q4rw1Gk-Vu4XILF47VWjQxTNzCmcmxFq6cC89sYRisbLa16PUxPWzLwWQ18jdms-FkNRiOVvvGbDacrAbD0WrfoTN8V5-z0RkcTzw6sbQv3X5sDoPCZbB4f5-LtBlt3IwqbdhiUV2LO9fEqtPGTsbOwWxQ-IbXxPD3Uz-v3eztIDYYFLFEcLpIJ6KX8XQRSyRPi3Sica5MhpnNuPAYN7bNauabmGzGycRkWvmGM5dxZhFLlKaLdKIX3XZr0d_w9FjUf2TIxVw5mIsmc8VqtEoAAAAAAAAAAEuYM28CAAAAcBrIaLAZrpYLAOHspfsTRdcVUn92s5sK4hfcdrgNUtz4cYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWAzcvtATA4UeuFHrvwEuRguBw!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm&mPre=0.025&cirf=https%3A%2F%2Ftroy2.yoo7.com&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 133
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1455
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://troy2.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:46 GMT
via: 1.1 varnish
x-served-by: cache-bma1633-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668250846.194786,VS0,VE103
vary: Accept-Encoding
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (51)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations