troy2.yoo7.com/t67-topic
94.23.159.185301 Moved Permanently 0 B IP 94.23.159.185:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t67-topic HTTP/1.1
Host: troy2.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 12 Nov 2022 11:00:43 GMT
Content-Length: 0
Location: https://troy2.yoo7.com/t67-topic
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3d0727e32cd103ddd4b73f28c81758aa
197a7bf43d63723fc532c23c6dced68d5cc36652
d3f75d03561d6a47d19370292e821a86e58381466f0c69386a21175de55882ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11795
Expires: Sat, 12 Nov 2022 14:17:18 GMT
Date: Sat, 12 Nov 2022 11:00:43 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4edf853c470fcec0ab277c78527f3c2d
de93530ce15337e671c488d9fe05e7091d4956f0
b9d7976b398b1243ff8a571ddd3975d3a1317d69101061bdb1a755b3b56620e6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5621
Cache-Control: max-age=90265
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:43 GMT
Etag: "636e247f-1d7"
Expires: Sun, 13 Nov 2022 12:05:08 GMT
Last-Modified: Fri, 11 Nov 2022 10:31:27 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 12 Nov 2022 10:44:09 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 994
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5076aaa9f4ccd602540286ce0590cb9a
bbf7936a8413a564478971d9e19beb6338cbc869
00e3b967c579b0ccf709b78d497a43d95646b16eb50925fef1e2694c58f290b2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00E3B967C579B0CCF709B78D497A43D95646B16EB50925FEF1E2694C58F290B2"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5765
Expires: Sat, 12 Nov 2022 12:36:48 GMT
Date: Sat, 12 Nov 2022 11:00:43 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: nXoLfME3twRYxylc2VjQtDziqaAH3ECdrj7xO53fEJtXfnW2eGlqO95StzvyomFfm5uIasUUf3Q=
x-amz-request-id: WVH21H9Y2WVRP8S1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 12 Nov 2022 10:12:57 GMT
age: 2866
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d48323467407b9d6d0e9e3090530a2bf
b4671e4de6d0fdaaaa72e0d4e6fe2952edfc5f06
03bbdddbbe0a093231c77bb88e839cd6079e44dad3de520d08e024b3dcf7d5dc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03BBDDDBBE0A093231C77BB88E839CD6079E44DAD3DE520D08E024B3DCF7D5DC"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4046
Expires: Sat, 12 Nov 2022 12:08:09 GMT
Date: Sat, 12 Nov 2022 11:00:43 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:00:43 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 7c62234e4e31fff8d9d6a23a63719fb0
73f28838ffaf3afe80d840a47c233b51c5761257
0ce5c95d47e824a60c373847bef8d755a070818d4766ae0009d2553b2c109de8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5086
Cache-Control: max-age=158461
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:43 GMT
Etag: "636f30fa-116"
Expires: Mon, 14 Nov 2022 07:01:44 GMT
Last-Modified: Sat, 12 Nov 2022 05:36:58 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 7c62234e4e31fff8d9d6a23a63719fb0
73f28838ffaf3afe80d840a47c233b51c5761257
0ce5c95d47e824a60c373847bef8d755a070818d4766ae0009d2553b2c109de8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5086
Cache-Control: max-age=158461
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:43 GMT
Etag: "636f30fa-116"
Expires: Mon, 14 Nov 2022 07:01:44 GMT
Last-Modified: Sat, 12 Nov 2022 05:36:58 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash e7dc2623cb841be51d3e8857e015d8e1
cbfdb2a7b965598de893fef89d47e17763501acf
df1fc0809a603469e6abcf1f07a13d792550d68c862f80e38c00e47e9b233a5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 7c62234e4e31fff8d9d6a23a63719fb0
73f28838ffaf3afe80d840a47c233b51c5761257
0ce5c95d47e824a60c373847bef8d755a070818d4766ae0009d2553b2c109de8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5086
Cache-Control: max-age=158461
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:43 GMT
Etag: "636f30fa-116"
Expires: Mon, 14 Nov 2022 07:01:44 GMT
Last-Modified: Sat, 12 Nov 2022 05:36:58 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash e7dc2623cb841be51d3e8857e015d8e1
cbfdb2a7b965598de893fef89d47e17763501acf
df1fc0809a603469e6abcf1f07a13d792550d68c862f80e38c00e47e9b233a5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash b6cf70816bf43e1662467ce66b77a1e9
cb13813fe269c0abf0cd1a78f1eb0e8fb593629b
302efa91231ae3a038748da17469643425584c9eb9c797525c9e36dc6f472552
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2848
Cache-Control: max-age=111953
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:43 GMT
Etag: "636e840c-2d7"
Expires: Sun, 13 Nov 2022 18:06:36 GMT
Last-Modified: Fri, 11 Nov 2022 17:19:08 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 727
www.googletagmanager.com/gtag/js?id=UA-144347007-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-144347007-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 2a7f9929fdab96f79cf4cc7a7eec0b8a
3e2178736f8b5346fa5dc1c43ef524aa196eb240
7589c050319e668149f72a4a5d70829b239e3fa30ddf740e3fe4534e12f383ad
GET /gtag/js?id=UA-144347007-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 12 Nov 2022 11:00:43 GMT
expires: Sat, 12 Nov 2022 11:00:43 GMT
cache-control: private, max-age=900
last-modified: Sat, 12 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43679
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
142.250.74.42200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
IP 142.250.74.42:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d989f35706c62ce4a5c561586c55566e
d32e7958e5765609bf08dcdefd0b2c2a8714ce34
375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33845
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Nov 2022 18:40:06 GMT
expires: Wed, 08 Nov 2023 18:40:06 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 318037
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=
142.250.74.168200 OK 38 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 693b6605d78dc3adfd2df994aabb9061
d99e2620a87996324870bf52752653101bfbac75
72e558c5320f8bd0de6359fa4c004e06b39da454b57f507cc4e89ca23cddf782
GET /gtag/js?id= HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 12 Nov 2022 11:00:43 GMT
expires: Sat, 12 Nov 2022 11:00:43 GMT
cache-control: private, max-age=900
last-modified: Sat, 12 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37465
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
illiweb.com/rs3/64/frm/lang/ar.js
172.67.150.97200 OK 19 kB URL HTTP/2 illiweb.com/rs3/64/frm/lang/ar.js
IP 172.67.150.97:0
File type Unicode text, UTF-8 text, with very long lines (64093), with no line terminators
Hash 5721d7043af80a90cf0e0dd61dd5acb1
b05b003b61208711571f9f4742867962cfd8cb3c
39f5aec06ad1f1eb75afdc8a4ce98cadbdb1b78472eba0923ad1f8b3f6a10a41
GET /rs3/64/frm/lang/ar.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:43 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=74879
access-control-allow-origin: *
expires: Tue, 07 Nov 2023 08:39:39 GMT
last-modified: Thu, 08 Sep 2022 07:38:48 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 440464
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qW4IyPujBIUoaqq7tEJ%2Fyn%2FUPpZw2mNKHhj8B5VOtm4OMeVExUjIxLwcEJxM5Zxb3CItND4CHGYr%2B7QgYNZGwXeQXlMRc%2BngCrWywEDoqzgCdvXTYipw%2FG1vFLiuXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768ec3fd288fb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/onyx/icon_minipost.gif
104.21.235.175200 OK 123 B URL HTTP/2 2img.net/i/fa/onyx/icon_minipost.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 13 x 9\012- data
Hash aa8228d74277b9f62b121e890147f2ff
07cc94349e10bd67ac9528aa2253ab82413ef90c
680720ede87ae9d67b34e749086722e8e4936ead686685c0f1de87223d08bf4f
GET /i/fa/onyx/icon_minipost.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:43 GMT
content-type: image/gif
content-length: 123
last-modified: Mon, 16 May 2016 11:00:14 GMT
etag: "5739a83e-7b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 3121801
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=edswAHAwSKU1qkrHeVW%2BdyCmFBDb%2BYgtsEPfdK%2FWJ3V%2B87NvVd1DIWnIu26xpbaZJRH3jLL%2B69gHbuD7n6OeWMxLFNxA4WOgXtoT%2FGmnwlSqxKGY9rxomPHyyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768ec3fdac68dd72-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/empty.gif
104.21.235.175200 OK 43 B IP 104.21.235.175:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /i/empty.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:43 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 09 May 2016 08:45:50 GMT
etag: "57304e3e-2b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 3123707
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d1fKu9IFHYPI9GuJpFVlPQbnusVHcVNjz7o78xZuTLVMDy5wdjIHBIzE3bHJT3gN91W3Uta0aMXAgsMey3OkALYM1W3HR80BZCmZd1Cxu5DrQW1o%2FPmEjvZrwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768ec3fdac6ddd72-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/onyx/icon_minitime.gif
104.21.235.175200 OK 194 B URL HTTP/2 2img.net/i/fa/onyx/icon_minitime.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 12 x 9\012- data
Hash 45df8fa66cbcbc9f4d5de9d4aa6d6cbd
7907f257cb3b4caa16ecfd2df17538d3a3a5a428
22d8ca8b8455b3caf467b34df658773bb22bc9b628c6264e9c09d66585fdcac1
GET /i/fa/onyx/icon_minitime.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:43 GMT
content-type: image/gif
content-length: 194
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-c2"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 3118014
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hRdVnOBBn%2FoE0q0iOT%2BaY13uD8nv%2FQTlavfMQDwaAyckxH6f0eKCUlnZ7yNNCTYPJKgAIGEZv%2FuPeTqRAbYLovU6J0evz74NWQC7KkeJhpcL%2FYZE8gJpADeZXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768ec3fdac69dd72-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/15/32/88/i_icon_mini_register.gif
104.21.235.175200 OK 9.8 kB URL HTTP/2 2img.net/s/t/15/32/88/i_icon_mini_register.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 125 x 61\012- data
Hash 96c1a204ab1a061d14c70578b147971a
345576043131ffd725c5c2095c2e3b8593655d52
a53b0a9db17087b483bb100cf5998cac067a58a2ddc6cb85f730a8208873aefc
GET /s/t/15/32/88/i_icon_mini_register.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:43 GMT
content-type: image/gif
content-length: 9758
last-modified: Fri, 09 Apr 2010 10:38:41 GMT
etag: "4bbf03b1-261e"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nl%2FI2xYrsFp8hfzfbJ5nnsIBQHfAcen15ujXe%2BcqmXlCBoYdQL5gST69CitLq47hgrRfDLbavVWjwWwyh62fEYqcfaoBoGf5ZrIG2clJkm3eQbmEI5qwqMsIVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768ec3fdac70dd72-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
troy2.yoo7.com/0-rtl.css
178.33.44.177200 OK 55 kB IP 178.33.44.177:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 2ce9101f9405eb8927280180ac2d014c
36584fff401cc3145c7ee0aa421cfaef84c1120f
2f3d7a38deb447cdb773e7b05511d9e21bd0a4f4b19fd967bcf02302272ca714
GET /0-rtl.css HTTP/1.1
Host: troy2.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/t67-topic
Cookie: exadd=166826
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:43 GMT
content-type: text/css
content-length: 55226
last-modified: Sat, 12 Nov 2022 00:00:00 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-ma: HIT
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Last-Modified, ETag, Alert, Backoff, Content-Type, Retry-After, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 12 Nov 2022 10:25:00 GMT
cache-control: public,max-age=3600
age: 2143
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash e7dc2623cb841be51d3e8857e015d8e1
cbfdb2a7b965598de893fef89d47e17763501acf
df1fc0809a603469e6abcf1f07a13d792550d68c862f80e38c00e47e9b233a5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2img.net/i/fa/onyx/icon_www.gif
104.21.235.175200 OK 1.2 kB URL HTTP/2 2img.net/i/fa/onyx/icon_www.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 29 x 18\012- data
Hash 1309f152caa558704b1b66f700fae34f
8ec3b4596b3c2ac748080877e6c6c2d1ccac4511
ef7ce97a721c0f42d0b015d6d8db7d950c0b5b9851ab8d65d64b4c013e143abc
GET /i/fa/onyx/icon_www.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:43 GMT
content-type: image/gif
content-length: 1222
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-4c6"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0y%2Fc%2Fjs8yCsl41xPGcXQezeLQ73DDXOOrHeYocC9Mm0UtnTnSQsSi%2FrbHZba1NKKiCIl0Q06KSJHOVhKlwLUWMWeYBTvw%2FVnSN2g5J0giwXDDRQBgvo8T1qqmw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768ec3fdac6bdd72-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/15/32/88/i_icon_mini_index.jpg
104.21.235.175200 OK 7.9 kB URL HTTP/2 2img.net/s/t/15/32/88/i_icon_mini_index.jpg
IP 104.21.235.175:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 125x61, components 3\012- data
Hash 54561cb0dc8a232d65d790fa14384a5c
0d941f7ca9922b2e1151693ddcac02bfaac97d0b
3310609a0bccdcce905b52ad7535f77796cdb78cc65da31bb5f335e6c736e16e
GET /s/t/15/32/88/i_icon_mini_index.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:43 GMT
content-type: image/jpeg
content-length: 7902
last-modified: Wed, 27 Oct 2010 17:49:04 GMT
etag: "4cc86610-1ede"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ywsh3nE%2FjhHt8WHsqT4vE2RcRhKQ6bSjr5ckNjKxFpuj8tSOkVR%2BzsHMD1h3B9b4VnTisjMtGYnKbyYjCvX50NaQg7S2obp7Wxs5pqiJ8mqR1Eti7qPt%2FTFZCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768ec3fdac6cdd72-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/15/32/88/i_icon_mini_login.jpg
104.21.235.175200 OK 7.5 kB URL HTTP/2 2img.net/s/t/15/32/88/i_icon_mini_login.jpg
IP 104.21.235.175:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 125x61, components 3\012- data
Hash 2dbefadfec06197a812eace96b82c378
cb605e61bec364253ecebc69ca1d79b9db5d297f
0da5ede56221876df16bef1dd212590a3fad47b0039bf33d2e62f699e264d7b4
GET /s/t/15/32/88/i_icon_mini_login.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:43 GMT
content-type: image/jpeg
content-length: 7491
last-modified: Wed, 27 Oct 2010 17:49:04 GMT
etag: "4cc86610-1d43"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BG%2FXFl4ukJmhFHet%2BJwYAX3ASECzEdIptJhKYV7iZULsfdhgb0zFpA3o1PR4GzURvz51ERSP9m1uZff8sZfHYae9WmlPwyg%2FDTBNnM9IyHHJ%2Fhrdg11OD4Gh%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768ec3fdac73dd72-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/15/32/88/i_icon_mini_portal.gif
104.21.235.175200 OK 6.8 kB URL HTTP/2 2img.net/s/t/15/32/88/i_icon_mini_portal.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 125 x 61\012- data
Hash 66d7e1bb4b7e9be8bbb4b988550e525d
5a9dce99afae49fcb89d9b865d583f10f6446905
55da547c69ee5a081f492410ff3d308a2df952dcc4a32e78aec882661497bd2f
GET /s/t/15/32/88/i_icon_mini_portal.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:43 GMT
content-type: image/gif
content-length: 6767
last-modified: Wed, 27 Oct 2010 21:15:48 GMT
etag: "4cc89684-1a6f"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1TOwDjBTJsy1w8dQ6UONLVxQOKazDPHoF2Xb67lCUkUZZJehKwRFJVJJOU4RASJRVfIe6fT9Nw0y9ugn8lLhnp9zlKp6X0C7d9x4t3clrFT%2F3VNZ5Ux18ifrFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768ec3fdac6fdd72-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ae51f1958554de4457c22a7d5a9ba8b6
173e90a8c6ee36b7ec569dbea47436a90d7e7c76
dc43a04e1e26243f63a8e628f2ebcb23a9527fd4bc40dc6d1d61879b0f95bb21
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2830
Cache-Control: max-age=168798
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:44 GMT
Etag: "636f622c-1d7"
Expires: Mon, 14 Nov 2022 09:54:02 GMT
Last-Modified: Sat, 12 Nov 2022 09:06:52 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 68bf5d0bdb51741f5e122f33f8f7a9fb
c2a834cf7dcb1ac7a5c7c52d73cdb2b590221dbc
48ca6f9c476c31b2b7dfcfb436e47964c58f3311cbee1ee3e8cfd81eb1ae462e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2627
Cache-Control: max-age=158182
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:44 GMT
Etag: "636f397f-117"
Expires: Mon, 14 Nov 2022 06:57:06 GMT
Last-Modified: Sat, 12 Nov 2022 06:13:19 GMT
Server: ECS (amb/6BBC)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 68bf5d0bdb51741f5e122f33f8f7a9fb
c2a834cf7dcb1ac7a5c7c52d73cdb2b590221dbc
48ca6f9c476c31b2b7dfcfb436e47964c58f3311cbee1ee3e8cfd81eb1ae462e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6084
Cache-Control: max-age=161639
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:44 GMT
Etag: "636f397f-117"
Expires: Mon, 14 Nov 2022 07:54:43 GMT
Last-Modified: Sat, 12 Nov 2022 06:13:19 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 68bf5d0bdb51741f5e122f33f8f7a9fb
c2a834cf7dcb1ac7a5c7c52d73cdb2b590221dbc
48ca6f9c476c31b2b7dfcfb436e47964c58f3311cbee1ee3e8cfd81eb1ae462e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2627
Cache-Control: max-age=158182
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:44 GMT
Etag: "636f397f-117"
Expires: Mon, 14 Nov 2022 06:57:06 GMT
Last-Modified: Sat, 12 Nov 2022 06:13:19 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6a24f7ed5c0cf547278e07075d721f9f
15d904065bf5b4221cd6a85411591967e2a9e68e
f07e5b019b5344a676fc2aa87a2d9fb9bf229606fe4e71482355c54135a70bf9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F07E5B019B5344A676FC2AA87A2D9FB9BF229606FE4E71482355C54135A70BF9"
Last-Modified: Fri, 11 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3914
Expires: Sat, 12 Nov 2022 12:05:58 GMT
Date: Sat, 12 Nov 2022 11:00:44 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 997365ae1f9cd071bf979a1466dcb40b
1c382a0ab3f8eae5c8394d31235bd7263aa85557
c5f7ec201b56fab66d5dbe69991f1ea086c4a532ce6f5415b783c624ffa804d6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3530
Cache-Control: max-age=90304
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:44 GMT
Etag: "636e2cd2-139"
Expires: Sun, 13 Nov 2022 12:05:48 GMT
Last-Modified: Fri, 11 Nov 2022 11:06:58 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
i.servimg.com/u/f85/14/35/47/42/b211.gif
172.67.178.62200 OK 3.6 kB URL HTTP/2 i.servimg.com/u/f85/14/35/47/42/b211.gif
IP 172.67.178.62:0
File type GIF image data, version 89a, 80 x 80\012- data
Hash 0df512d11c9af7ba0b78ddf7aec51419
1c39b21679b0ff8a123bcc32dd12a3eaf635dfb9
bdd109659cb077b23e3af7904c0f030407e681f5db3fe8eef0f20cc9b4439345
GET /u/f85/14/35/47/42/b211.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: image/gif
content-length: 3599
last-modified: Sun, 11 Oct 2009 07:36:13 GMT
etag: "4ad18aed-e0f"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Sat, 11 Nov 2023 08:54:26 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZfPoY5dH%2BPtMa5scC5LC5JgZ%2BJd2k726GDOO8hLBV24BLXXp8Z00LBgxJm1GTalqFBBI7HJk%2BAAHqDvJYC86%2F555hiRKiamJJBwpDduHfYkjv7asKtxAsGg9Ewf5NQo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 768ec3ff8bde1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f15/14/35/47/42/ouoouo11.png
172.67.178.62200 OK 1.6 kB URL HTTP/2 i.servimg.com/u/f15/14/35/47/42/ouoouo11.png
IP 172.67.178.62:0
File type PNG image data, 916 x 57, 8-bit/color RGB, non-interlaced\012- data
Hash 53d7a629a4062c2679920463519d4ec3
2cc744a5e873427c0729faf9a7e86237650f575f
b683df52fe9d0fbb953d156550da09952449aca0da51447d93a9423b7cddfef8
GET /u/f15/14/35/47/42/ouoouo11.png HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: image/png
content-length: 1557
last-modified: Sun, 27 Dec 2009 22:35:17 GMT
etag: "4b37e125-615"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Sat, 11 Nov 2023 13:42:35 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GNKjFRnq%2Fhdiek28UFCFQ6q5g0mLr7zS%2FDbaLH7U5XqB1qkB%2FPfu%2FIUA6b34OmADS1hGSGoULWT8SW14IRNtViwcYqDFBa3UyuXFpZsq2IglK4rkWOJ%2BxF0O2QiKykqF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 768ec3ff7bdb1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 68bf5d0bdb51741f5e122f33f8f7a9fb
c2a834cf7dcb1ac7a5c7c52d73cdb2b590221dbc
48ca6f9c476c31b2b7dfcfb436e47964c58f3311cbee1ee3e8cfd81eb1ae462e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2627
Cache-Control: max-age=158182
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:44 GMT
Etag: "636f397f-117"
Expires: Mon, 14 Nov 2022 06:57:06 GMT
Last-Modified: Sat, 12 Nov 2022 06:13:19 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=troy2.yoo7.com&var=&ymid=&var_3=
139.45.197.250200 OK 758 B URL HTTP/2 stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=troy2.yoo7.com&var=&ymid=&var_3=
IP 139.45.197.250:0
File type JSON data\012- , ASCII text, with very long lines (757)
Hash b16e0d724d636a636021401d2a570b64
541a8b15f265ee16623520bc60622b23b1cd99c5
b122d9d57af959843fb9650da5d43fe22d5056ec0e5c4595207c985ffcdac15f
Analyzer Verdict Alert quad9 Sinkholed
GET /zone?pub=0&zone_id=2308013&is_mobile=false&domain=troy2.yoo7.com&var=&ymid=&var_3= HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://troy2.yoo7.com/
Origin: https://troy2.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: application/json; charset=utf-8
content-length: 758
x-trace-id: 3037df0fc7cc97c4523430166bf17e50
access-control-allow-origin: https://troy2.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash e9c88db553a1acf24123cf2b17519168
5e0775279e3fb3a1c84c452e919d5c5dbda10201
725c069823a91881e5959ad4a559788f412ba009ebfedfcb2ef26a3d438c19ac
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4289
Cache-Control: max-age=114850
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:44 GMT
Etag: "636e89bd-139"
Expires: Sun, 13 Nov 2022 18:54:54 GMT
Last-Modified: Fri, 11 Nov 2022 17:43:25 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
static.criteo.net/js/ld/publishertag.js
178.250.0.130200 OK 53 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.js
IP 178.250.0.130:0
Hash b2f843695faee4827ae2fe5835dcb594
695105f7f509a40b307c053e1c2851403c93d408
a7788b164a9ff904477f8e4b98ea8f185e5397f8f79e9c71e972ae99bb3ded92
GET /js/ld/publishertag.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:00:43 GMT
content-type: text/javascript
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-1e444"
expires: Sun, 13 Nov 2022 11:00:43 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
i.servimg.com/u/f12/13/42/24/54/im22ag10.jpg
172.67.178.62200 OK 762 B URL HTTP/2 i.servimg.com/u/f12/13/42/24/54/im22ag10.jpg
IP 172.67.178.62:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 25x16, components 3\012- data
Hash ed323c32bbbd0381729a0c17c548a804
808987322ef3d3005926a4057fc3a3246efab8c8
339731b10ca62b33798fcbfa546c6639d174af085fc991213b0f821d800db63e
GET /u/f12/13/42/24/54/im22ag10.jpg HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: image/jpeg
content-length: 762
last-modified: Tue, 22 Dec 2009 06:38:25 GMT
etag: "4b306961-2fa"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Fri, 01 Sep 2023 07:52:02 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cys7Bm2H9TeUiFhSc0qM81k9mxHHVcjBh1pN9AQQIDjfGrJF6cgSJLMvbRxg0eT9RywgnLErSKC2EbwSL%2BRMGnafpDnHoUBSLx1j8rCRdjHB2jLyVcP3GeBHz6inSr3z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 768ec3ff8be91c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
twemoji.maxcdn.com/twemoji.min.js
23.111.9.57200 OK 5.9 kB URL HTTP/2 twemoji.maxcdn.com/twemoji.min.js
IP 23.111.9.57:0
Hash a7591c815930bda6592bbee89a58b0ed
85dcd1055b061905e11c5bfd65f86d5faec5e3c2
bab80e4f812bbfd34a60e60d7761d06f1294a50b9623b19eaf7e9e5eaec8a588
GET /twemoji.min.js HTTP/1.1
Host: twemoji.maxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:43 GMT
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Thu, 31 Mar 2022 03:24:15 GMT
access-control-allow-origin: *
etag: W/"62451edf-3bc8"
expires: Mon, 12 Dec 2022 11:00:43 GMT
cache-control: max-age=2592000
x-proxy-cache: MISS
x-github-request-id: B5FC:2175:C309F5:C881C1:636AA98C
vary: Accept-Encoding
x-fastly-request-id: 48372c21b0bf5018e69e7ec519f4fa657be68bc8
server: NetDNA-cache/2.2
powered-by: MaxCDN
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.89.181.160101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.181.160:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ldr4tot8o63ZXc71ZeVVEg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kh64BP+r+479Hi+zB+hmPW+/xII=
i.servimg.com/u/f15/14/35/47/42/ouuuso11.png
172.67.178.62200 OK 68 kB URL HTTP/2 i.servimg.com/u/f15/14/35/47/42/ouuuso11.png
IP 172.67.178.62:0
File type PNG image data, 916 x 235, 8-bit/color RGB, non-interlaced\012- data
Hash c208efbf2107c8ef1b1c2219215a722f
ad7c5e60f294993305953befd421309c713c2f1f
ad145167dfedf85ec5e5205c1210d697f9c9ce2a44f29b20688c8fd93ef30d4c
GET /u/f15/14/35/47/42/ouuuso11.png HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: image/png
content-length: 67925
last-modified: Sun, 27 Dec 2009 22:36:34 GMT
etag: "4b37e172-10955"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Tue, 31 Oct 2023 18:17:52 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LBj8n4O1NCdPuWra1N37uITT5DdECMRJj137lQ69LH6TDX5lyR6uIlQZWZHEreww14WTNiBvv91WCec2u0zMLCCWafqxHAevnG5wp53N2K3LhPD1nEgmpFIByQ%2FLfw2P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 768ec3ff9bea1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 62ee06035006c1261986cdb076ac4702
3f5acbf0c231ab9730d4cc45827a5b3aed58c66c
0b60b6cfe4f62af821b1f8a3c50cd618846cf090b079108c59595e6d90d65317
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5891
Cache-Control: max-age=88717
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:44 GMT
Etag: "636e1d66-139"
Expires: Sun, 13 Nov 2022 11:39:21 GMT
Last-Modified: Fri, 11 Nov 2022 10:01:10 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 62ee06035006c1261986cdb076ac4702
3f5acbf0c231ab9730d4cc45827a5b3aed58c66c
0b60b6cfe4f62af821b1f8a3c50cd618846cf090b079108c59595e6d90d65317
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5889
Cache-Control: max-age=88715
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:44 GMT
Etag: "636e1d66-139"
Expires: Sun, 13 Nov 2022 11:39:19 GMT
Last-Modified: Fri, 11 Nov 2022 10:01:10 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 313
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 11a2edefb7368572925987531b729447
5280775ebd54cc72255d9a9176f5f4ea70c2cbb0
e4224c96b983ec79fe77ef3f065217ffd2bc9501b9ae791e2fa054d7c26de47b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E4224C96B983EC79FE77EF3F065217FFD2BC9501B9AE791E2FA054D7C26DE47B"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5995
Expires: Sat, 12 Nov 2022 12:40:39 GMT
Date: Sat, 12 Nov 2022 11:00:44 GMT
Connection: keep-alive
dnacdn.net/dna
178.250.2.146200 OK 132 B IP 178.250.2.146:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1f097ac789cbd747706371ce7d4027dc
dfbaf7d621b74932bed0f0f6a17cfe56fe91af57
c8f6d3e018d616eac5a0e98a2f5b1efc15dd531ea63d59cd8dad5476618489bc
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=1ftpkV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3hoQkhBb01oWW9BZmFJcnJ3Q0NneHBBbVdqU2lLc0w3JTJCWGlLJTJGNXBRZ2NT
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=fL-Drl80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3hoQkhBb01oWW9BZmFJcnJ3Q0NneHAxb0hremttdllkaEpObGE5cXVWRFQ; expires=Thu, 07 Dec 2023 11:00:44 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 378378
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.217200 OK 40 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.217:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 581afdcff1f07395b566083cace695f2
d4644102b6dc46d9548b962e8b764a2dfdfe8880
0cd16d56066b97e489c895ab9ed0dce6a71ab2840517da684b1bffcfcf0430ac
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 106473
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert quad9 Sinkholed
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://troy2.yoo7.com/
Content-Type: application/json
Origin: https://troy2.yoo7.com
Content-Length: 374
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: e7b9789cecaa7a525b17d7648bb46355
access-control-allow-origin: https://troy2.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert quad9 Sinkholed
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://troy2.yoo7.com/
Content-Type: application/json
Origin: https://troy2.yoo7.com
Content-Length: 447
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: bae2ec210def132eacd3fb15a2ce4a6d
access-control-allow-origin: https://troy2.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.viglink.com/api/vglnk.js
54.230.111.39200 OK 29 kB URL HTTP/2 cdn.viglink.com/api/vglnk.js
IP 54.230.111.39:0
File type ASCII text, with very long lines (693)
Hash 072eaf64a771815874455704fca9301b
6c6226d00f14bb800cd4390b3cd42df941be43b1
bb35c8c300bd1acfe7ed86eb988f74ff2e8d86a4fb0409c5d78a890f9fd14b8e
GET /api/vglnk.js HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 28567
date: Tue, 08 Nov 2022 12:47:31 GMT
last-modified: Wed, 02 Dec 2020 18:57:12 GMT
etag: "072eaf64a771815874455704fca9301b"
cache-control: public, max-age=604800
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zLMpTZ0643Xx-SdxoTKkaSMj65zw2lqHeC1onkWMQUDth7zTGChRHQ==
age: 339194
X-Firefox-Spdy: h2
troy2.yoo7.com/?utm_source=pwa
178.33.44.177200 OK 61 kB URL HTTP/2 troy2.yoo7.com/?utm_source=pwa
IP 178.33.44.177:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (22643), with CRLF, LF line terminators
Hash 8e06f754de110dbe84568ca9062958e0
670b57c81627ec826ac92d8452a26d15f873693d
da91ce8196ba64fe2d2d7c3252f39e985de52edbb174b01caa34838664e0e131
GET /?utm_source=pwa HTTP/1.1
Host: troy2.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://troy2.yoo7.com/serviceworker.js
Connection: keep-alive
Cookie: exadd=166826; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
pragma: no-cache
expires: Sat, 12 Nov 2022 00:00:00 GMT
last-modified: Sat, 12 Nov 2022 11:00:44 GMT
vary: User-Agent
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
troy2.yoo7.com/serviceworker.js
178.33.44.177200 OK 28 kB URL HTTP/2 troy2.yoo7.com/serviceworker.js
IP 178.33.44.177:0
File type Unicode text, UTF-8 text, with very long lines (57190)
Hash fb189fc8794e88a6e291e3ff33df1cb2
19960866069b2e3c4360005a30beab24b6c71520
a390fe7000c0f1a4980dbe229b17777cea648e33e4b36780d519629f8bd88e8b
GET /serviceworker.js HTTP/1.1
Host: troy2.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: exadd=166826; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: application/javascript
last-modified: Thu, 25 Feb 2021 14:30:57 GMT
etag: W/"6037b4a1-b0d"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?ptv=132&profileId=206&cb=26434704443
178.250.0.165200 OK 160 B URL HTTP/2 bidder.criteo.com/cdb?ptv=132&profileId=206&cb=26434704443
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f50794b322b1a3b9891f66d92b869fe7
17bdc6b0e089ee9fe5d0f0469981e88516959332
442754a774d601e0054996029ab04930691815b47a2ba061ba3cbe331e0fac97
POST /cdb?ptv=132&profileId=206&cb=26434704443 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 562
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://troy2.yoo7.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 160
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
troy2.yoo7.com/images/icons-180.png
178.33.44.177200 OK 37 kB URL HTTP/2 troy2.yoo7.com/images/icons-180.png
IP 178.33.44.177:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash edb2f73a9360a04282cb371ec4b15e47
59885ed602fa20c93c42b615d2996322ab167d79
b1545eb9b458b3f42afa03bb9c9f499be08c7e15d2172b010445dc3cab0ad7b1
GET /images/icons-180.png HTTP/1.1
Host: troy2.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/t67-topic
Cookie: exadd=166826; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: image/png
content-length: 36727
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Sat, 12 Nov 2022 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
x-cache-ic: HIT
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/impl.20221108-4-RELEASE.js
151.101.85.44200 OK 146 kB URL HTTP/2 cdn.taboola.com/libtrc/impl.20221108-4-RELEASE.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (65509)
Size 146 kB (146001 bytes)
Hash 88c487ac892a30204e98821760358d3a
a15fe00062e424617d405b27c3376831d502cb90
caed01e353e989f88d91dbea2b18991c111c4acdece297d0ff65eb50ffd5fd8b
GET /libtrc/impl.20221108-4-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 7NIfjc5DF1L2B/kzlgqwEMQz6AeXPHeJ8bdJplySczuZ/p+wuSvwQmO0NIljPmdKYCKWw7PfupA=
x-amz-request-id: EGG6QY2K8WHEN44M
last-modified: Tue, 08 Nov 2022 09:41:14 GMT
etag: "88c487ac892a30204e98821760358d3a"
content-encoding: br
x-amz-version-id: Hr3XNjpCCkEC_aHpskXb5vO2HjdO2stg
content-type: application/javascript
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:44 GMT
via: 1.1 varnish
age: 4767
x-served-by: cache-bma1633-BMA
x-cache: HIT
x-cache-hits: 876
x-timer: S1668250845.769550,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 99
server: AmazonS3-br
content-length: 146001
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 23dd8b12572b78e5d32d491b3d0d9d32
718c3e3abcc55c295c72e5ee4e5441fe5acc1363
f72c359246ea96d4f28bbc5aee8d4d24fcba9f47dfc691693f6c49e370d9b103
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 6a1d4f77f4afebce7cf2962c9378696d
76105d24e2b1987b11909ccae6f389f35889384b
c6321eecaa353d135ef342adb5be29fb064268b06134305c90b409269a8c580e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=166215
Date: Sat, 12 Nov 2022 11:00:44 GMT
Etag: "636f514b-1d7"
Expires: Mon, 14 Nov 2022 09:10:59 GMT
Last-Modified: Sat, 12 Nov 2022 07:54:51 GMT
Server: ECS (nyb/1D0A)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: weN2W4nrpuMPMQQ1Ts8UC_wGyuWm1q4-eGrxNDRoN8zAhyTVmZrcSw==
Age: 4568
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=633231092.1668250844&jid=740702413&gjid=2093496822&_gid=1106805420.1668250844&_u=YEBAAUAAAAAAACAAI~&z=1772583029
142.251.1.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=633231092.1668250844&jid=740702413&gjid=2093496822&_gid=1106805420.1668250844&_u=YEBAAUAAAAAAACAAI~&z=1772583029
IP 142.251.1.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=633231092.1668250844&jid=740702413&gjid=2093496822&_gid=1106805420.1668250844&_u=YEBAAUAAAAAAACAAI~&z=1772583029 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://troy2.yoo7.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 12 Nov 2022 11:00:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.viglink.com/api/ping
99.80.60.12200 OK 258 B IP 99.80.60.12:0
File type ASCII text, with no line terminators
Hash 4a56fefc47ac72a3ca22b5f12d133b8a
4fce8fc5afab34203077ae836a394e44803df804
78c53429e802305e904a207612c4ad777fbe24eaa42baa6c39034b39c0f68105
POST /api/ping HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 132
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://troy2.yoo7.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Sat, 12 Nov 2022 11:00:44 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 258
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 23dd8b12572b78e5d32d491b3d0d9d32
718c3e3abcc55c295c72e5ee4e5441fe5acc1363
f72c359246ea96d4f28bbc5aee8d4d24fcba9f47dfc691693f6c49e370d9b103
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 21817fa3c60612398404dbe75d383a1a
2d5e08988401c8d0adb24fb26987a0ee26544b4e
12cf02219c8cf9fe9b31f48e19ec88ff888a4ca87a7af1c47eff60a9c5865bfe
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 11:00:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 10 Nov 2022 18:25:29 GMT
Expires: Thu, 17 Nov 2022 18:25:28 GMT
Etag: "2d5e08988401c8d0adb24fb26987a0ee26544b4e"
Cache-Control: max-age=458083,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 768ec4037cbdb51b-OSL
my.rtmark.net/gid.js?userId=2c4f77cb31fa44cbac944d6e61aa57f6
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=2c4f77cb31fa44cbac944d6e61aa57f6
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 790bb066ab0e76cec90d038317f499e9
0a46550316e768a6156fe8168c20ce60475e5edc
6b7a06e46ef0eb965421140e67bef7ac0e25c5831a185a61fc94e7275c47f5f9
GET /gid.js?userId=2c4f77cb31fa44cbac944d6e61aa57f6 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:00:45 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://troy2.yoo7.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=2c4f77cb31fa44cbac944d6e61aa57f6; expires=Sun, 12 Nov 2023 11:00:45 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash aca2e38eee453679f022dba5cf64555b
1c9f6f5e9ed1272e9edcc958e7cc2dec61f793df
ea8bc6a82c3243813e137066ca5b659192f72ac69690f9ea4dcb668624baf586
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
99.80.60.12200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
IP 99.80.60.12:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.gif?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Sat, 12 Nov 2022 11:00:44 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash a7d7a5379a732fc5eadab78de886cc31
6df8c63644e97bf57262415f24e270c718e1758b
c355159cc937a19485f62cc446530f319749237e147adbb2c5784d1d2c20ed64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=633231092.1668250844&jid=740702413&_u=YEBAAUAAAAAAACAAI~&z=1625712122
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=633231092.1668250844&jid=740702413&_u=YEBAAUAAAAAAACAAI~&z=1625712122
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=633231092.1668250844&jid=740702413&_u=YEBAAUAAAAAAACAAI~&z=1625712122 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 12 Nov 2022 11:00:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: https://troy2.yoo7.com/
Origin: https://troy2.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: https://troy2.yoo7.com
server-processing-duration-in-ticks: 585073
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=633231092.1668250844&jid=740702413&_u=YEBAAUAAAAAAACAAI~&z=1625712122
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=633231092.1668250844&jid=740702413&_u=YEBAAUAAAAAAACAAI~&z=1625712122
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=633231092.1668250844&jid=740702413&_u=YEBAAUAAAAAAACAAI~&z=1625712122 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 12 Nov 2022 11:00:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
trc-events.taboola.com/forumotion-ar/log/2/debug?tim=11%3A00%3A44.239&type=usage&msg=rtus&llvl=2&id=2542&cv=20221108-4-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/forumotion-ar/log/2/debug?tim=11%3A00%3A44.239&type=usage&msg=rtus&llvl=2&id=2542&cv=20221108-4-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=11%3A00%3A44.239&type=usage&msg=rtus&llvl=2&id=2542&cv=20221108-4-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sat, 12 Nov 2022 11:00:45 GMT
x-fastly-to-nlb-rtt: 22036
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash aca2e38eee453679f022dba5cf64555b
1c9f6f5e9ed1272e9edcc958e7cc2dec61f793df
ea8bc6a82c3243813e137066ca5b659192f72ac69690f9ea4dcb668624baf586
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash e569acd833d180f3c2fba0919fbeb704
60a3121c9bf8e08a8a7fe70001c24b6f8c9981f5
994bee0670c93479c3e835985d24d7ce41fbc0a3013e173d79ea1ea5f63ac85c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.viglink.com/api/domains
99.80.60.12200 OK 41 B URL HTTP/1.1 api.viglink.com/api/domains
IP 99.80.60.12:0
File type ASCII text, with no line terminators
Hash 19ce3f9048d70f7a0c077f64be498090
f912c6ffa0890c916fa9d069d089ad9553e07723
98938c61dab85a60a37fecc3d260eac6f8e4c0556e3701f2c1aa215a901823e0
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 231
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://troy2.yoo7.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Sat, 12 Nov 2022 11:00:44 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 41
Connection: keep-alive
api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2
99.80.60.12200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2
IP 99.80.60.12:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.js?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Sat, 12 Nov 2022 11:00:44 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 8b147b232c947085ab22b0e44cbbe6b1
5c4bdac252f4d9837ae0a40f538f6c35667eb571
0ea7988a73324142d61d29125de9e76662bdf44b4c2a22f1361293e52a63ad0a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6457
Cache-Control: max-age=112299
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:45 GMT
Etag: "636e774f-13a"
Expires: Sun, 13 Nov 2022 18:12:24 GMT
Last-Modified: Fri, 11 Nov 2022 16:24:47 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 314
csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Origin.FromBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
178.250.0.162200 OK 43 B URL HTTP/2 csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Origin.FromBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
IP 178.250.0.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Origin.FromBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert quad9 Sinkholed
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://troy2.yoo7.com/
Content-Type: application/json
Origin: https://troy2.yoo7.com
Content-Length: 738
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:00:45 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 9868ff7ebf66bc93075e64bda688bbd6
access-control-allow-origin: https://troy2.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
bidder.criteo.com/csm/events
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/csm/events
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csm/events HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 370
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 12 Nov 2022 11:00:44 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://troy2.yoo7.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
178.250.6.69200 OK 82 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.69:0
Hash af4005dd4039aea645a274ec69842459
1592573e824b94ad4234ad9d54e194bc7e6634ea
ba1cff0cba867322cbfe47fc347cfaeac231831105ff16ef1d433d8518537236
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 107592
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15299
Expires: Sat, 12 Nov 2022 15:15:44 GMT
Date: Sat, 12 Nov 2022 11:00:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15299
Expires: Sat, 12 Nov 2022 15:15:44 GMT
Date: Sat, 12 Nov 2022 11:00:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15299
Expires: Sat, 12 Nov 2022 15:15:44 GMT
Date: Sat, 12 Nov 2022 11:00:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6fac57d-aa5c-42c2-904b-58aa73c59975.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6fac57d-aa5c-42c2-904b-58aa73c59975.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 701700f42e1b0e528a63c3bd2a4c54e7
a3af603900538ea10e094981d298a0b37d0ab896
c84ac2d3524eb950a433aa01e1226d995d87948452e4e135a4661094923ca465
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6fac57d-aa5c-42c2-904b-58aa73c59975.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4268
x-amzn-requestid: 19d2f4e7-b6c1-4093-b54c-70a9a476ad89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhSEwYIAMFg7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-6e2f5a6147153e5c32cc4499;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: RPDkAR4fjBR89lWuee42HxnCGQv_vd6tWbOavmEsGCkZeKwjW_99Dg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:44:57 GMT
age: 47748
etag: "a3af603900538ea10e094981d298a0b37d0ab896"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/userx.20221108-4-RELEASE.es6.js
151.101.85.44200 OK 5.4 kB URL HTTP/2 cdn.taboola.com/libtrc/userx.20221108-4-RELEASE.es6.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (17842)
Hash 963d77ca83c1ef5c8c622f69fcaa7cd6
88c3b40efed3822d2dbea0e42bd0756c37628814
d89ac78823b96fe54d5b90628e7879f235e9090e0160d0f37ccab22d1ef69c69
GET /libtrc/userx.20221108-4-RELEASE.es6.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: GDnYjBbCiwHp61EcLghxyjr3oq5xzh2Eac7lyvlx+wORECinvMlUAQDcfbvFLT89+7IHtSoOyLI=
x-amz-request-id: 0JCWFZ09W7Y8GE4S
x-amz-replication-status: PENDING
last-modified: Tue, 08 Nov 2022 19:34:09 GMT
etag: "8be6f968f7c696b0b12bbfa029abd2bd"
x-amz-version-id: Ps6T8wFCySZBAs8KjVLJqdGfJsa23oNM
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:45 GMT
via: 1.1 varnish
age: 28
x-served-by: cache-bma1633-BMA
x-cache: HIT
x-cache-hits: 3
x-timer: S1668250846.542702,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 99
content-length: 5397
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/trc/3/json?tim=11%3A00%3A44.248<i=deflated&data=%7B%22id%22%3A78%2C%22ii%22%3A%22%2Ft67-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1667901069188%2C%22vi%22%3A1668250844245%2C%22cv%22%3A%2220221108-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ftroy2.yoo7.com%2Ft67-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Ftroy2.yoo7.com%2Ft67-topic%22%2C%22vpi%22%3A%22%2Ft67-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A4287%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A484%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A4054%2C%22mw%22%3A914.4000244140625%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft67-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
151.101.85.44200 OK 13 kB URL HTTP/2 trc.taboola.com/forumotion-ar/trc/3/json?tim=11%3A00%3A44.248<i=deflated&data=%7B%22id%22%3A78%2C%22ii%22%3A%22%2Ft67-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1667901069188%2C%22vi%22%3A1668250844245%2C%22cv%22%3A%2220221108-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ftroy2.yoo7.com%2Ft67-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Ftroy2.yoo7.com%2Ft67-topic%22%2C%22vpi%22%3A%22%2Ft67-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A4287%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A484%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A4054%2C%22mw%22%3A914.4000244140625%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft67-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
IP 151.101.85.44:0
Hash bab401e285a2c9f5c28fef5daba6aab2
cfa3f56de0697456289fbea9fbadea619fa3318b
04b67b9ff19e05533a51ffcf74a7393178a790553cf00aec4bc97292fda9a603
GET /forumotion-ar/trc/3/json?tim=11%3A00%3A44.248<i=deflated&data=%7B%22id%22%3A78%2C%22ii%22%3A%22%2Ft67-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1667901069188%2C%22vi%22%3A1668250844245%2C%22cv%22%3A%2220221108-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ftroy2.yoo7.com%2Ft67-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Ftroy2.yoo7.com%2Ft67-topic%22%2C%22vpi%22%3A%22%2Ft67-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A4287%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A484%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A4054%2C%22mw%22%3A914.4000244140625%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft67-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://troy2.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:45 GMT
via: 1.1 varnish
x-served-by: cache-bma1633-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668250845.086786,VS0,VE393
vary: Accept-Encoding
x-vcl-time-ms: 393
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 516f1bfefb1c1a737ea2441f85343b32
0cc22d7bf9092fb30f31e2ca8f242c197b891669
733824d4f6f7c5b54ce4e02ecaf152cfc1e10f3f6a801d7e2c55a02460e40087
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9012
x-amzn-requestid: 83eac9e7-5387-4e11-9769-182fa3f7fffb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdNC6FxzoAMF80w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec212-5ca277b90a5a9a4c437edc1e;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7wqdiuomEgaQlE1P5gopDGXbAkmh3ohPXYDcBWczuYFEcj8nczk9_w==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:52:57 GMT
age: 47268
etag: "0cc22d7bf9092fb30f31e2ca8f242c197b891669"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.217200 OK 9.0 kB URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.217:0
Hash 0cba8059c1adb53973108f2c682869dd
9b0fde7a0f978ad88cab65b2d769ffc0dd5d322b
ea427c940ba6d02507be1e3c71bd69a4290a773f727e3d28718d99017421adac
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:45 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 108157
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2eaa4311-959b-4a18-8135-b4ce754c0765.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2eaa4311-959b-4a18-8135-b4ce754c0765.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 567bcdef39653e949301b97714168c31
8669185a5f338e34026c48310c88c5a9d8caa1c2
7ecaa9ceaa0a60e608e62571108fbcf49f6fa2b3e77feacbf52d319beda40db1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2eaa4311-959b-4a18-8135-b4ce754c0765.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7533
x-amzn-requestid: 985674ba-be97-4ca3-babb-594c61f8d6c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdM8BEqFIAMFsxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec1e6-3abc6a525f2a2bde14465b7e;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DRfYKF1_Z56kxeaprUhH1Ng8MgW0Z6Xx_yWwiO3MnswRFY482udCjg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:43:48 GMT
age: 47817
etag: "8669185a5f338e34026c48310c88c5a9d8caa1c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd5bdc050716bb76afe8090fc81617e7
5109c156b180727767fc03c411190ccc0d3fb5fc
9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lp5eW92D8SbFtcQLk-LRSaSKNMNFYCW7XTALdNdrJxN6ebgdH8_1Dw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:42:55 GMT
age: 47870
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/FxW9Prr/CreditCardNorway.jpg
151.101.85.44200 OK 8.7 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/FxW9Prr/CreditCardNorway.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d8a63a4f77efda981dac13174535d841
fcb21a93b081c79542b8e5d68f5282de1dfbce03
1bc2549e8fe70c9e7e5286f4400dfd88b7dcb7d5b049b386b58f1283d685ba87
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/FxW9Prr/CreditCardNorway.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 434592531185166464174072893718121666357,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 434592531185166464174072893718121666357,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
etag: "286cdfa868fd2dc091d4a54df30aadce"
expiration: expiry-date="Fri, 28 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Tue, 27 Sep 2022 16:55:26 GMT
req-referer: https://www.autoexpress.co.uk/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 1555
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:45 GMT
age: 2450595
x-served-by: cache-iad-kiad7000057-IAD, cache-iad-kjyo7100096-IAD, cache-lax10637-LGB, cache-iad-kcgs7200081-IAD, cache-bma1633-BMA
x-cache: MISS, MISS, MISS, HIT, HIT
x-cache-hits: 0, 0, 0, 3, 1
x-timer: S1668250846.657395,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/FxW9Prr/CreditCardNorway.jpg
x-vcl-time-ms: 1
content-length: 8726
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f37/14/77/75/59/wqaa2110.jpg
151.101.85.44200 OK 7.5 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f37/14/77/75/59/wqaa2110.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c0a9f60f0288ebc3444012be46cd9ebe
7e59f8e4e4cbd11ea957ee1d40911796dbdc4511
1506238c53826537a0220fd1a4bdcda57718d5726d9a024b5d702d1e6aec478a
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f37/14/77/75/59/wqaa2110.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 549930644253185078118877309127813515040,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 549930644253185078118877309127813515040,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
etag: "0edcf740b4106100abadd2b893d52f23"
last-modified: Thu, 25 Aug 2022 23:15:18 GMT
req-referer: https://yyo7.ahlamontada.com/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 8d156ac3a10d6aea35aeb01c2bf90770
x-envoy-upstream-service-time: 173
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:45 GMT
age: 5167509
x-served-by: cache-iad-kiad7000166-IAD, cache-iad-kcgs7200084-IAD, cache-lga21969-LGA, cache-iad-kjyo7100120-IAD, cache-bma1633-BMA
x-cache: HIT, MISS, MISS, HIT, HIT
x-cache-hits: 1, 0, 0, 44, 1
x-timer: S1668250846.798540,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f37/14/77/75/59/wqaa2110.jpg
x-vcl-time-ms: 1
content-length: 7530
X-Firefox-Spdy: h2
vidstat.taboola.com/lite-unit/3.9.6/UnitWidgetItemDesktop.min.js
151.101.85.44200 OK 30 kB URL HTTP/2 vidstat.taboola.com/lite-unit/3.9.6/UnitWidgetItemDesktop.min.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1bb4fe57c8c100e340264f84207b752c
2a28aeb084639a401f0cd87aec8bbe850870526d
ad3a717d4868f3571cd032eb81b5cea3492d713c599acaa32872b2f03766528b
GET /lite-unit/3.9.6/UnitWidgetItemDesktop.min.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 10:48:33 GMT
etag: "defa80fca84ea6620e26bc79bffe323e"
server: AmazonS3
via: 1.1 0078c2805bf98a4574ea5eee972aa9f6.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: Ahhmoz-qJnMshrGnf8PQmZnB8loqEuIOs8qi_oTh0T8V2-V2jCscaA==
cache-control: public, max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:45 GMT
age: 346276
x-served-by: cache-bma1633-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 9999
x-timer: S1668250846.801105,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 29911
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f21/19/73/51/38/vente-10.jpg
151.101.85.44200 OK 11 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f21/19/73/51/38/vente-10.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2042a6ae5431a6a0ae6778a926abe92b
cf32b74bc4f87c5f63d04af8dfe5681731ee7670
72fc20edd11e5ea67c6d543a25aabb21174b028dd73c0f943e81019a52e1c852
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f21/19/73/51/38/vente-10.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 352690306229506137798207407469809578240,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 352690306229506137798207407469809578240,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
etag: "1d87cb50171b3fd37fd4f565d4215e54"
last-modified: Fri, 02 Sep 2022 13:32:42 GMT
req-referer: https://wamdw.ahlamontada.com/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: aca97239202acbb05f0126a178d36274
x-envoy-upstream-service-time: 172
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:45 GMT
age: 5595991
x-served-by: cache-iad-kcgs7200085-IAD, cache-iad-kcgs7200052-IAD, cache-lga21964-LGA, cache-iad-kiad7000047-IAD, cache-bma1633-BMA
x-cache: HIT, HIT, MISS, HIT, HIT
x-cache-hits: 1, 1, 0, 178, 1
x-timer: S1668250846.801538,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f21/19/73/51/38/vente-10.jpg
x-vcl-time-ms: 1
content-length: 10792
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hitsk.in/t/16/28/41/i_logo.jpg
151.101.85.44200 OK 11 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hitsk.in/t/16/28/41/i_logo.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash bad76966fb664d5911ca4bad702c9eca
dfb7c26b7d2c3597f1185ec6a83d97e705e6f601
6bd84e23b0ae524e84c851c5cd130da33cd48ba96eadb16774b6e9c76f3f26a0
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hitsk.in/t/16/28/41/i_logo.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 311438301812572966555265208773229228139,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 311438301812572966555265208773229228139,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
etag: "414de10e3764a2dd4edb592992949c4a"
expiration: expiry-date="Tue, 15 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Sat, 15 Oct 2022 18:04:02 GMT
req-referer: https://magdi54.forumegypt.net/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 1120
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:45 GMT
age: 1523573
x-served-by: cache-iad-kiad7000064-IAD, cache-iad-kcgs7200063-IAD, cache-chi-klot8100027-CHI, cache-iad-kiad7000030-IAD, cache-bma1633-BMA
x-cache: MISS, MISS, MISS, HIT, HIT
x-cache-hits: 0, 0, 0, 14, 1
x-timer: S1668250846.802011,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hitsk.in/t/16/28/41/i_logo.jpg
x-vcl-time-ms: 1
content-length: 10952
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f62/13/32/79/54/uaouo10.gif
151.101.85.44200 OK 22 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f62/13/32/79/54/uaouo10.gif
IP 151.101.85.44:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x184, components 3\012- data
Hash 5d531c6f9f7e92d5559ba29bf2147e24
0e687269645cebf02d55a4c56f4b07ed5fed5957
7ca37b2e17af62dc3a47dffad9933e6714fc0336f1acd41b8e094361cad9cac8
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f62/13/32/79/54/uaouo10.gif HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 538475434606933197924381234642994484733,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
content-type: image/jpeg
edge-cache-tag: 538475434606933197924381234642994484733,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
etag: "5d531c6f9f7e92d5559ba29bf2147e24"
last-modified: Tue, 11 Oct 2022 08:55:22 GMT
server: cloudinary
status: 200 OK
timing-allow-origin: *
x-request-id: a731c750b8e18f371a75061817c5b07a
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-backend-name: CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:45 GMT
age: 795617
x-served-by: cache-iad-kjyo7100129-IAD, cache-iad-kjyo7100112-IAD, cache-bma1633-BMA
x-cache: MISS, HIT, HIT
x-cache-hits: 0, 21, 1
x-timer: S1668250846.801787,VS0,VE2
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f62/13/32/79/54/uaouo10.gif
x-vcl-time-ms: 2
content-length: 21720
X-Firefox-Spdy: h2
api.viglink.com/api/domains
99.80.60.12200 OK 42 B URL HTTP/1.1 api.viglink.com/api/domains
IP 99.80.60.12:0
File type ASCII text, with no line terminators
Hash 6b05cab078e8db670a781900d627b277
6117313f5f6ed34327e59e37a4d4534352c7a243
4fbbc555eab44e66b9f477bca6da329162bbf77563bd344ba2e8f6a1518eb489
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 318
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://troy2.yoo7.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Sat, 12 Nov 2022 11:00:45 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 42
Connection: keep-alive
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f47/14/57/52/64/00000010.jpg
151.101.85.44200 OK 8.3 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f47/14/57/52/64/00000010.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash fee6ceb29bdd8cfd0b9a22f2ee50e6c6
129d435fdb13ff63d34861565cb65d8c8d322ef2
0560387167e7869a2203acc310605ed6ddf669ce591ba916ee1b9d947759fc3d
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f47/14/57/52/64/00000010.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 299606347271847295156359285904511813153,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 299606347271847295156359285904511813153,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
etag: "a8f03fb3749b4bdb04faf11bda3338d3"
expiration: expiry-date="Sun, 06 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Thu, 06 Oct 2022 00:31:50 GMT
req-referer: https://hipo.yoo7.com/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 632
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:45 GMT
age: 835605
x-served-by: cache-iad-kjyo7100071-IAD, cache-iad-kjyo7100026-IAD, cache-chi-klot8100108-CHI, cache-iad-kiad7000123-IAD, cache-bma1633-BMA
x-cache: MISS, HIT, HIT, HIT, MISS
x-cache-hits: 0, 2, 1, 6, 0
x-timer: S1668250846.801654,VS0,VE91
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f47/14/57/52/64/00000010.jpg
x-vcl-time-ms: 91
content-length: 8302
X-Firefox-Spdy: h2
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=11%3A00%3A45.020&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=7468&cv=20221108-4-RELEASE<=deflated&pct=1
185.106.33.48204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=11%3A00%3A45.020&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=7468&cv=20221108-4-RELEASE<=deflated&pct=1
IP 185.106.33.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=11%3A00%3A45.020&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=7468&cv=20221108-4-RELEASE<=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sat, 12 Nov 2022 11:00:46 GMT
x-fastly-to-nlb-rtt: 82268
access-control-allow-credentials: true
X-Firefox-Spdy: h2
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=11%3A00%3A45.211&type=warn&msg=video%20tag%20loader%20-%20didn%27t%20find%20enough%20sponsored%20items%20for%20integrated%20widget%20replacement&llvl=2&id=9857&cv=20221108-4-RELEASE<=deflated&pct=1
185.106.33.48204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=11%3A00%3A45.211&type=warn&msg=video%20tag%20loader%20-%20didn%27t%20find%20enough%20sponsored%20items%20for%20integrated%20widget%20replacement&llvl=2&id=9857&cv=20221108-4-RELEASE<=deflated&pct=1
IP 185.106.33.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=11%3A00%3A45.211&type=warn&msg=video%20tag%20loader%20-%20didn%27t%20find%20enough%20sponsored%20items%20for%20integrated%20widget%20replacement&llvl=2&id=9857&cv=20221108-4-RELEASE<=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sat, 12 Nov 2022 11:00:46 GMT
x-fastly-to-nlb-rtt: 82268
access-control-allow-credentials: true
X-Firefox-Spdy: h2
15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Ftroy2.yoo7.com%2Ft67-topic&encoded=1&uid=604297ae-8a15-4b0b-8fd1-8e9a36a00ef6-tucta69025d&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1668250844901&tagid=&cntry=NO&platform=1&sesid=d3e49344e79afafa15f28fb4d0fdf2e8&itemid=/t67-topic&viewid=1668250844245&geolat=&geoing=&deviceifa=&appid=&sd=v2_d3e49344e79afafa15f28fb4d0fdf2e8_604297ae-8a15-4b0b-8fd1-8e9a36a00ef6-tucta69025d_1668250845_1668250845_CNawjgYQ3pxDGNX4_tvGMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=50df4ac3a8a0c2a95f7c29120bf5a0a4&appname=&cdb=&gdprApplies=true&rid=&sii=-6259864112813581536&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=9189
151.101.85.44200 OK 9.1 kB URL HTTP/2 15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Ftroy2.yoo7.com%2Ft67-topic&encoded=1&uid=604297ae-8a15-4b0b-8fd1-8e9a36a00ef6-tucta69025d&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1668250844901&tagid=&cntry=NO&platform=1&sesid=d3e49344e79afafa15f28fb4d0fdf2e8&itemid=/t67-topic&viewid=1668250844245&geolat=&geoing=&deviceifa=&appid=&sd=v2_d3e49344e79afafa15f28fb4d0fdf2e8_604297ae-8a15-4b0b-8fd1-8e9a36a00ef6-tucta69025d_1668250845_1668250845_CNawjgYQ3pxDGNX4_tvGMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=50df4ac3a8a0c2a95f7c29120bf5a0a4&appname=&cdb=&gdprApplies=true&rid=&sii=-6259864112813581536&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=9189
IP 151.101.85.44:0
File type ASCII text, with very long lines (32979), with no line terminators
Hash 89cbb53e3a05f3da8adbbd74911dfad0
ab64e4fd3dfe760036ddab501f7d52dcf00abfc4
ca698d7d6a2d6dba4a8e5d5b57ae8e84138645b0eb5c09683f3a5f2f1d0a7912
GET /tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Ftroy2.yoo7.com%2Ft67-topic&encoded=1&uid=604297ae-8a15-4b0b-8fd1-8e9a36a00ef6-tucta69025d&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1668250844901&tagid=&cntry=NO&platform=1&sesid=d3e49344e79afafa15f28fb4d0fdf2e8&itemid=/t67-topic&viewid=1668250844245&geolat=&geoing=&deviceifa=&appid=&sd=v2_d3e49344e79afafa15f28fb4d0fdf2e8_604297ae-8a15-4b0b-8fd1-8e9a36a00ef6-tucta69025d_1668250845_1668250845_CNawjgYQ3pxDGNX4_tvGMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=50df4ac3a8a0c2a95f7c29120bf5a0a4&appname=&cdb=&gdprApplies=true&rid=&sii=-6259864112813581536&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=9189 HTTP/1.1
Host: 15.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
machineid: 1450
link: <https://am-wf.taboola.com>; rel=preconnect
xvid-debug: mrmr - :
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://troy2.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:45 GMT
via: 1.1 varnish
x-served-by: cache-bma1633-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668250846.712218,VS0,VE38
vary: Accept-Encoding
X-Firefox-Spdy: h2
am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&cmcv=&pix=31589837&cb=1668250845508&uv=3241&tms=1668250845508&abt=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1668250842234!ts:1668250845508&mntl=1
141.226.228.48200 OK 0 B URL HTTP/2 am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&cmcv=&pix=31589837&cb=1668250845508&uv=3241&tms=1668250845508&abt=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1668250842234!ts:1668250845508&mntl=1
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&cmcv=&pix=31589837&cb=1668250845508&uv=3241&tms=1668250845508&abt=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1668250842234!ts:1668250845508&mntl=1 HTTP/1.1
Host: am-vid-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:00:46 GMT
content-length: 0
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ec93fe7a742852d8a6fd8c479d800df2
bdba16a4ad71ba2eddef98304fecfa404ed8159c
6b872023978c998d272c0b07ebb7e8f3c1e1b198b6517f1627673945839fc10a
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5141
Cache-Control: max-age=139079
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:46 GMT
Etag: "636ee510-1d7"
Expires: Mon, 14 Nov 2022 01:38:45 GMT
Last-Modified: Sat, 12 Nov 2022 00:13:04 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ec93fe7a742852d8a6fd8c479d800df2
bdba16a4ad71ba2eddef98304fecfa404ed8159c
6b872023978c998d272c0b07ebb7e8f3c1e1b198b6517f1627673945839fc10a
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5413
Cache-Control: max-age=139351
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:46 GMT
Etag: "636ee510-1d7"
Expires: Mon, 14 Nov 2022 01:43:17 GMT
Last-Modified: Sat, 12 Nov 2022 00:13:04 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ec93fe7a742852d8a6fd8c479d800df2
bdba16a4ad71ba2eddef98304fecfa404ed8159c
6b872023978c998d272c0b07ebb7e8f3c1e1b198b6517f1627673945839fc10a
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1593
Cache-Control: max-age=135531
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:46 GMT
Etag: "636ee510-1d7"
Expires: Mon, 14 Nov 2022 00:39:37 GMT
Last-Modified: Sat, 12 Nov 2022 00:13:04 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
vidstat.taboola.com/vpaid/units/32_4_1/infra/cmTagWIDGET_ITEM.js
151.101.85.44200 OK 128 kB URL HTTP/2 vidstat.taboola.com/vpaid/units/32_4_1/infra/cmTagWIDGET_ITEM.js
IP 151.101.85.44:0
File type Unicode text, UTF-8 text, with very long lines (65489), with no line terminators
Size 128 kB (127530 bytes)
Hash 151facb98d755a46fd260231d78130a9
f10823c4a61f363f3256882cea2ca31881e4afd5
678985021845d0de22cd87f7cfe9f174f170791fbd99d91237fb9ad6742f72e5
GET /vpaid/units/32_4_1/infra/cmTagWIDGET_ITEM.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 1yXNPquop0+Zvalsht6cm6Z/leKNzl+LPgBYbMGuhP07wVVrY6iRM4MUHQHpDgMNh1Ejf//TflA=
x-amz-request-id: EHGZNJWMAS99HHZH
last-modified: Thu, 10 Nov 2022 16:14:45 GMT
etag: "151facb98d755a46fd260231d78130a9"
x-amz-meta-ctime: 1668096884
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1668096883
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:46 GMT
via: 1.1 varnish
age: 153439
x-served-by: cache-bma1633-BMA
x-cache: HIT
x-cache-hits: 17010
x-timer: S1668250846.322642,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 127530
X-Firefox-Spdy: h2
vidstat.taboola.com/vpaid/units/32_4_1/assets/css/cmOsUnit.css
151.101.85.44200 OK 8.3 kB URL HTTP/2 vidstat.taboola.com/vpaid/units/32_4_1/assets/css/cmOsUnit.css
IP 151.101.85.44:0
Hash a28320a69408adba1f01f56d6eb80708
8012c7108fab547cf31481cfda7cb49e654a0542
befbb274b7045e7e5791a4badbe46e1a2e367e6570da7cd0ac127acc4b8e8991
GET /vpaid/units/32_4_1/assets/css/cmOsUnit.css HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: bAySMeSEXUGF3N8aZ6rmf8GYDZEd5K/VMoUKcFg92G+JmjfEGiEl/M1DtvrgnTYRvY/caUbbLEE=
x-amz-request-id: BD24MC3C62DTEDFC
last-modified: Thu, 10 Nov 2022 16:15:38 GMT
etag: "a28320a69408adba1f01f56d6eb80708"
x-amz-meta-ctime: 1668096937
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1668096936
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:46 GMT
via: 1.1 varnish
age: 153440
x-served-by: cache-bma1633-BMA
x-cache: HIT
x-cache-hits: 34104
x-timer: S1668250846.325655,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 8297
X-Firefox-Spdy: h2
imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7QaACFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJDmaGBfL4WKtmIyMa9Fo4XErfJPVWuTcOByTwWAyWdmMQCIzj2k4Gq3WionH4xZNLI61cLfcrVUWl8ky8ywcxuVkChE3GQ6fg4Go6Hpb7A6n2fMGEDSdDp_rXi-6_J2XufLv9801frdfdNutRX_D02MHAAAAgAcAq7dMiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAAOSCw2ATw6C95z9_gAAaNgCAQAQwCABGFgNKAH4OF85AQAAAAAAAABg-f___48B2MMakwEY2d_pAXjwAXggKlAtYgQAAACwpaWieTSpEyqLKgAAgnQrgCsAgADCtb9gvDAAAICAsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyb0NnqdFsQyeq32CwgAsPYLCADApm4AAG8BcEFH0IrBYHUKsRvOFrvRbDOaHQAAAMDd____vx4IeVam5WY0WvmWC5vD5nCsZpbhzGIaGWYmm2Vl3J4U45zaQYBeXl_ETYbD52AgKrreFrvDafbcj6Ily91ytxpNFqPRcrnZDTejwf4GYrAa4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWrJaLperzWa12o0Ws8FmOdxskKJVq9loMxiuZpPZbrcaDobL0QgpWrLcLXer0WQxGi2Xm91wMxoMEcYGo8lyt3C5hQvHai2aGCZu4czkWAtXzoVntjAMVjbbWvT6mB625WCyGnlRMEBjL4KLdCLzW15vv-npt7sVlotYojlZpBPZZV_yrEzLzWi08i0XNofN4VjNLMOZxTQyzEw2y8q4rw1Gk-Vu4XILF47VWjQxTNzCmcmxFq6cC89sYRisbLa16PUxPWzLwWQ18jdms-FkNRiOVvvGbDacrAbD0WrfoTN8V5-z0RkcTzw6sbQv3X5sDoPCZbB4f5-LtBlt3IwqbdhiUV2LO9fEqtPGTsbOwWxQ-IbXxPD3Uz-v3eztIDYYFLFEcLpIJ6KX8XQRSyRPi3Sica5MhpnNuPAYN7bNauabmGzGycRkWvmGM5dxZhFLlKaLdKIX3XZr0d_w9FjUf2TIxVw5mIsmc8VqtEoAAAAAAAAAAEuYM28CAAAAcBrIaLAZrpYLAOHspfsTRdcVUn92s5sK4hfcdrgNUtz4cYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWAzcvtATA4UeuFHrvwEuRguBw!&cmcv=&pix=undefined&cb=1668250845465&uv=3241&tms=1668250845465&abt=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=94b81981-12d8-44ac-a725-d9ca120022ef&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
151.101.85.44200 OK 549 B URL HTTP/2 imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7QaACFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJDmaGBfL4WKtmIyMa9Fo4XErfJPVWuTcOByTwWAyWdmMQCIzj2k4Gq3WionH4xZNLI61cLfcrVUWl8ky8ywcxuVkChE3GQ6fg4Go6Hpb7A6n2fMGEDSdDp_rXi-6_J2XufLv9801frdfdNutRX_D02MHAAAAgAcAq7dMiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAAOSCw2ATw6C95z9_gAAaNgCAQAQwCABGFgNKAH4OF85AQAAAAAAAABg-f___48B2MMakwEY2d_pAXjwAXggKlAtYgQAAACwpaWieTSpEyqLKgAAgnQrgCsAgADCtb9gvDAAAICAsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyb0NnqdFsQyeq32CwgAsPYLCADApm4AAG8BcEFH0IrBYHUKsRvOFrvRbDOaHQAAAMDd____vx4IeVam5WY0WvmWC5vD5nCsZpbhzGIaGWYmm2Vl3J4U45zaQYBeXl_ETYbD52AgKrreFrvDafbcj6Ily91ytxpNFqPRcrnZDTejwf4GYrAa4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWrJaLperzWa12o0Ws8FmOdxskKJVq9loMxiuZpPZbrcaDobL0QgpWrLcLXer0WQxGi2Xm91wMxoMEcYGo8lyt3C5hQvHai2aGCZu4czkWAtXzoVntjAMVjbbWvT6mB625WCyGnlRMEBjL4KLdCLzW15vv-npt7sVlotYojlZpBPZZV_yrEzLzWi08i0XNofN4VjNLMOZxTQyzEw2y8q4rw1Gk-Vu4XILF47VWjQxTNzCmcmxFq6cC89sYRisbLa16PUxPWzLwWQ18jdms-FkNRiOVvvGbDacrAbD0WrfoTN8V5-z0RkcTzw6sbQv3X5sDoPCZbB4f5-LtBlt3IwqbdhiUV2LO9fEqtPGTsbOwWxQ-IbXxPD3Uz-v3eztIDYYFLFEcLpIJ6KX8XQRSyRPi3Sica5MhpnNuPAYN7bNauabmGzGycRkWvmGM5dxZhFLlKaLdKIX3XZr0d_w9FjUf2TIxVw5mIsmc8VqtEoAAAAAAAAAAEuYM28CAAAAcBrIaLAZrpYLAOHspfsTRdcVUn92s5sK4hfcdrgNUtz4cYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWAzcvtATA4UeuFHrvwEuRguBw!&cmcv=&pix=undefined&cb=1668250845465&uv=3241&tms=1668250845465&abt=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=94b81981-12d8-44ac-a725-d9ca120022ef&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
IP 151.101.85.44:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1119), with no line terminators
Hash 5f5e0a29aaff15afb2d35c60c547722b
c0195a3dba44f41329da00db759a4758df4c0ea5
95069f141c2072cbade07f1de6b3c18e70d566b02370e71c060388804b3c56c3
GET /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7QaACFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJDmaGBfL4WKtmIyMa9Fo4XErfJPVWuTcOByTwWAyWdmMQCIzj2k4Gq3WionH4xZNLI61cLfcrVUWl8ky8ywcxuVkChE3GQ6fg4Go6Hpb7A6n2fMGEDSdDp_rXi-6_J2XufLv9801frdfdNutRX_D02MHAAAAgAcAq7dMiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAAOSCw2ATw6C95z9_gAAaNgCAQAQwCABGFgNKAH4OF85AQAAAAAAAABg-f___48B2MMakwEY2d_pAXjwAXggKlAtYgQAAACwpaWieTSpEyqLKgAAgnQrgCsAgADCtb9gvDAAAICAsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyb0NnqdFsQyeq32CwgAsPYLCADApm4AAG8BcEFH0IrBYHUKsRvOFrvRbDOaHQAAAMDd____vx4IeVam5WY0WvmWC5vD5nCsZpbhzGIaGWYmm2Vl3J4U45zaQYBeXl_ETYbD52AgKrreFrvDafbcj6Ily91ytxpNFqPRcrnZDTejwf4GYrAa4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWrJaLperzWa12o0Ws8FmOdxskKJVq9loMxiuZpPZbrcaDobL0QgpWrLcLXer0WQxGi2Xm91wMxoMEcYGo8lyt3C5hQvHai2aGCZu4czkWAtXzoVntjAMVjbbWvT6mB625WCyGnlRMEBjL4KLdCLzW15vv-npt7sVlotYojlZpBPZZV_yrEzLzWi08i0XNofN4VjNLMOZxTQyzEw2y8q4rw1Gk-Vu4XILF47VWjQxTNzCmcmxFq6cC89sYRisbLa16PUxPWzLwWQ18jdms-FkNRiOVvvGbDacrAbD0WrfoTN8V5-z0RkcTzw6sbQv3X5sDoPCZbB4f5-LtBlt3IwqbdhiUV2LO9fEqtPGTsbOwWxQ-IbXxPD3Uz-v3eztIDYYFLFEcLpIJ6KX8XQRSyRPi3Sica5MhpnNuPAYN7bNauabmGzGycRkWvmGM5dxZhFLlKaLdKIX3XZr0d_w9FjUf2TIxVw5mIsmc8VqtEoAAAAAAAAAAEuYM28CAAAAcBrIaLAZrpYLAOHspfsTRdcVUn92s5sK4hfcdrgNUtz4cYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWAzcvtATA4UeuFHrvwEuRguBw!&cmcv=&pix=undefined&cb=1668250845465&uv=3241&tms=1668250845465&abt=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=94b81981-12d8-44ac-a725-d9ca120022ef&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1 HTTP/1.1
Host: imprammp.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:46 GMT
via: 1.1 varnish
x-served-by: cache-bma1633-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668250846.150367,VS0,VE24
vary: Accept-Encoding
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.125302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 12 Nov 2022 11:00:46 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=427a888f-6279-11ed-b555-186cd56e0206; expires=Sat, 10-Dec-2022 11:00:46 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=427a88fa-6279-11ed-b555-186cd56e0206
X-fe: 54
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.125302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 12 Nov 2022 11:00:46 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=427a9285-6279-11ed-91ea-1a3233820406; expires=Sat, 10-Dec-2022 11:00:46 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=427a92d1-6279-11ed-91ea-1a3233820406
X-fe: 109
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.125302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 12 Nov 2022 11:00:46 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=427a8a5a-6279-11ed-b394-1891fad20106; expires=Sat, 10-Dec-2022 11:00:46 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=427a8aa9-6279-11ed-b394-1891fad20106
X-fe: 83
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=426e5fff-6279-11ed-8473-1bce7de30306
185.94.180.125204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=426e5fff-6279-11ed-8473-1bce7de30306
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=426e5fff-6279-11ed-8473-1bce7de30306 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 12 Nov 2022 11:00:46 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=427ab441-6279-11ed-ae62-1d0a0d900206; expires=Sat, 10-Dec-2022 11:00:46 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 129
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=427a8aa9-6279-11ed-b394-1891fad20106
185.94.180.125204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=427a8aa9-6279-11ed-b394-1891fad20106
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=427a8aa9-6279-11ed-b394-1891fad20106 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 12 Nov 2022 11:00:46 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=42812fd9-6279-11ed-a0ae-190e06a80106; expires=Sat, 10-Dec-2022 11:00:46 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 17
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=427a88fa-6279-11ed-b555-186cd56e0206
185.94.180.125204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=427a88fa-6279-11ed-b555-186cd56e0206
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=427a88fa-6279-11ed-b555-186cd56e0206 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 12 Nov 2022 11:00:46 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=42811711-6279-11ed-91eb-16a7f9820506; expires=Sat, 10-Dec-2022 11:00:46 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 106
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=427a92d1-6279-11ed-91ea-1a3233820406
185.94.180.125204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=427a92d1-6279-11ed-91ea-1a3233820406
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=427a92d1-6279-11ed-91ea-1a3233820406 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 12 Nov 2022 11:00:46 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=42812e44-6279-11ed-953c-152b84bd0206; expires=Sat, 10-Dec-2022 11:00:46 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 80
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
2.21.206.244301 Moved Permanently 0 B URL HTTP/2 secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
IP 2.21.206.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP/1.1
Host: secure-assets.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
date: Sat, 12 Nov 2022 11:00:46 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 0edbe1c667ed349e921fd6df67c23a55
726fea8bf587c05aa257132ba30e31bf5facdf45
78fa87478a3bf5ef22ca286985bc0e7a8350968c90f96c2cf91fa3e0789f1af0
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 11:00:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Wed, 16 Nov 2022 08:46:42 GMT
ETag: "726fea8bf587c05aa257132ba30e31bf5facdf45"
Last-Modified: Sat, 12 Nov 2022 08:46:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 218
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 768ec40eed491c0a-OSL
eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
2.23.134.137200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
IP 2.23.134.137:0
ASN #1299 Telia Company AB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 12 Nov 2022 11:00:46 GMT
Connection: keep-alive
Vary: Accept-Encoding
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
35.71.131.137200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP 35.71.131.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:46 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
vidstat.taboola.com/vpaid/vPlayer/player/v14.8.8/OvaMediaPlayer.js
151.101.85.44200 OK 87 kB URL HTTP/2 vidstat.taboola.com/vpaid/vPlayer/player/v14.8.8/OvaMediaPlayer.js
IP 151.101.85.44:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash dcfe04133edaa84ac4a7356299134bf2
600265d1e188692d5cb0b9dbc828c708181bd3d8
1f50ba3994c74af69746c8db181597b9e74d7bb53c808ce9f7014facf0c59bfd
GET /vpaid/vPlayer/player/v14.8.8/OvaMediaPlayer.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: DH4gCSpZOjdiQ2RHNdcZaQ1gWcI8EDnhtXKaFZT4JUmiFDacp53eylqcVHaDpMgh56JBtwAdvTI=
x-amz-request-id: M2DJX9S4FNAQPE8Z
last-modified: Thu, 27 Oct 2022 07:34:53 GMT
etag: "dcfe04133edaa84ac4a7356299134bf2"
x-amz-meta-ctime: 1666856092
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1666856080
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:46 GMT
via: 1.1 varnish
age: 1394724
x-served-by: cache-bma1633-BMA
x-cache: HIT
x-cache-hits: 80309
x-timer: S1668250847.657056,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 87152
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash ce4e508120ccc7a289feb203006dac93
13d6e09cb2ea439b0d3ff00b165cdd90776eb4d1
a058745f8ae18e2b883213483a50de493d78f5561cf51b099da90893b554dd90
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 11:00:46 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 01:56:50 GMT
Expires: Sat, 19 Nov 2022 01:56:49 GMT
Etag: "13d6e09cb2ea439b0d3ff00b165cdd90776eb4d1"
Cache-Control: max-age=571562,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 768ec40ec8d5b51b-OSL
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash a1ed8df21e4c04c289cefd12923979a5
51d04bca37ce80efe20927861a53aeb2814e9f1b
bea756f99dba5fba84e2b57dd43191cf06c14f61a2a30175b308cb1d30b1fef3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=115118
Date: Sat, 12 Nov 2022 11:00:46 GMT
Etag: "636e82b5-1d7"
Expires: Sun, 13 Nov 2022 18:59:24 GMT
Last-Modified: Fri, 11 Nov 2022 17:13:25 GMT
Server: ECS (nyb/1D27)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PiMEKvRI2BiFKcU7bIyFwHUiY24S6qKKDYPraiOWqfe_DDbb-noxnQ==
Age: 6359
x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
3.120.50.91200 OK 43 B URL HTTP/1.1 x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
IP 3.120.50.91:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?gdpr=1&us_privacy=1---&ssp=taboola HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Sat, 12 Nov 2022 11:00:46 GMT
Content-Length: 43
Connection: keep-alive
vidstatb.taboola.com/vid/blackScreen5.mp4
151.101.85.44206 Partial Content 91 kB URL HTTP/2 vidstatb.taboola.com/vid/blackScreen5.mp4
IP 151.101.85.44:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash b2b087fe4ae638c533731c347fcd4df8
62851c888c21bb51cc04f13b6fc0451279fe0425
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
GET /vid/blackScreen5.mp4 HTTP/1.1
Host: vidstatb.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
content-type: video/mp4
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1497790207
server: AmazonS3
via: 1.1 9803a30a87f1ec1047cb2b8ad5ecc43e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: gopM2XYfUoVUFmJXQ0440-QEF6IoAyvdLK0EUOquu3M35zK6ZGLwLg==
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:46 GMT
age: 1663611
x-served-by: cache-bma1633-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 114991
x-timer: S1668250847.861228,VS0,VE0
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-range: bytes 0-90783/90784
content-length: 90784
X-Firefox-Spdy: h2
eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
2.23.134.137200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
IP 2.23.134.137:0
ASN #1299 Telia Company AB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 12 Nov 2022 11:00:46 GMT
Connection: keep-alive
Vary: Accept-Encoding
am-match.taboola.com/sync?dast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&excid=22&docw=0&cijs=1&nlb=true
141.226.228.48200 OK 1.4 kB URL HTTP/2 am-match.taboola.com/sync?dast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&excid=22&docw=0&cijs=1&nlb=true
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash a1f4cc6e00fe70f814e78899a2dff4bd
98127c5c4b93d8ca768a0165174591d8dba946cd
f3d2502ec370d7b7a7f6eb50afe4fe7ca2da5c1b36e8996bf5bac430270050ab
GET /sync?dast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&excid=22&docw=0&cijs=1&nlb=true HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:00:46 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3401
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2
151.101.85.44204 No Content 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2
IP 151.101.85.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 3441
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://troy2.yoo7.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:46 GMT
via: 1.1 varnish
x-served-by: cache-bma1633-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668250847.833716,VS0,VE81
x-vcl-time-ms: 81
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/log/3/visible?route=AM%3AIL%3AV<i=deflated
151.101.85.44204 No Content 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/log/3/visible?route=AM%3AIL%3AV<i=deflated
IP 151.101.85.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/visible?route=AM%3AIL%3AV<i=deflated HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2396
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://troy2.yoo7.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:46 GMT
via: 1.1 varnish
x-served-by: cache-bma1633-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668250847.835788,VS0,VE82
x-vcl-time-ms: 82
X-Firefox-Spdy: h2
eus.rubiconproject.com/usync.js
2.23.134.137200 OK 9.9 kB URL HTTP/1.1 eus.rubiconproject.com/usync.js
IP 2.23.134.137:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (18075)
Hash 6c6dabf9115813a163e276026248773b
bf653e274329d7f7084620e59fa933ebd12a4c69
804e59b05c4fbf2792e0632e99dd816d7f4497046066647255851ae972b8f536
GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Fri, 11 Nov 2022 22:51:18 GMT
Content-Encoding: gzip
Content-Length: 9883
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=42661
Expires: Sat, 12 Nov 2022 22:51:47 GMT
Date: Sat, 12 Nov 2022 11:00:46 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4de33015ba155dcb5ef7c74c9533d120
36f2bb041a3a01b2196b55d0b64b49e144d033f4
11d8378a9a1e894d5b6bf1aee7d08bb8209063779c0f59e1c1d9f735514b6f2e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5586
Cache-Control: max-age=107087
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:46 GMT
Etag: "636e665b-1d7"
Expires: Sun, 13 Nov 2022 16:45:33 GMT
Last-Modified: Fri, 11 Nov 2022 15:12:27 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.125302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 12 Nov 2022 11:00:46 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=42c89958-6279-11ed-92a9-156973b60506; expires=Sat, 10-Dec-2022 11:00:46 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=42c899b2-6279-11ed-92a9-156973b60506
X-fe: 5
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.125302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 12 Nov 2022 11:00:46 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=42c928f3-6279-11ed-b3af-1974e5cf0506; expires=Sat, 10-Dec-2022 11:00:46 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=42c92931-6279-11ed-b3af-1974e5cf0506
X-fe: 120
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ups.analytics.yahoo.com/ups/58534/occ
3.126.56.137302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 12 Nov 2022 11:00:46 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58534/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBN58b2MCEHoRD7_rIG9udw1B9PXDlqcFEgEBAQHOcGN5YwAAAAAA_eMAAA&S=AQAAAqS5dTSycQgkT3tSlXc-LWg; Expires=Sun, 12 Nov 2023 17:00:46 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=42c899b2-6279-11ed-92a9-156973b60506
185.94.180.125204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=42c899b2-6279-11ed-92a9-156973b60506
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=42c899b2-6279-11ed-92a9-156973b60506 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 12 Nov 2022 11:00:47 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=42d4377c-6279-11ed-a27e-1afcdea00306; expires=Sat, 10-Dec-2022 11:00:47 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 130
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=42c92931-6279-11ed-b3af-1974e5cf0506
185.94.180.125204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=42c92931-6279-11ed-b3af-1974e5cf0506
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=42c92931-6279-11ed-b3af-1974e5cf0506 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 12 Nov 2022 11:00:47 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=42d41c4c-6279-11ed-8506-175cf56a0106; expires=Sat, 10-Dec-2022 11:00:47 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 24
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ups.analytics.yahoo.com/ups/58534/occ?verify=true
3.126.56.137204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ?verify=true
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 12 Nov 2022 11:00:47 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBN98b2MCEODdA6bJBAAZAhcGvT7djBsFEgEBAQHOcGN5YwAAAAAA_eMAAA&S=AQAAAknPsvPJ1F_Z6cCq-Gb3sz4; Expires=Sun, 12 Nov 2023 17:00:47 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
3.120.50.91200 OK 43 B URL HTTP/1.1 x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
IP 3.120.50.91:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?gdpr=1&us_privacy=1---&ssp=taboola HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Sat, 12 Nov 2022 11:00:47 GMT
Content-Length: 43
Connection: keep-alive
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
35.71.131.137200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP 35.71.131.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:47 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e050cde8f71c01a1ed630be9488af0b0
f36d87250eb78bfed548b884585afdfb4fa38725
2f46f3cf49941e7e6317adec9ac33e5f000529bd3d94abd6ff23bb52879b49ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1437
Cache-Control: max-age=138612
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:47 GMT
Etag: "636ef1b6-1d7"
Expires: Mon, 14 Nov 2022 01:30:59 GMT
Last-Modified: Sat, 12 Nov 2022 01:07:02 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---
213.19.162.80204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/sync.php?p=15414&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1--- HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 1da0c96602e9a1076eae4f5554c05cf3
Content-Type: image/gif
cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1---
142.250.74.98302 Found 326 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1---
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash b7935dc8845592ea78857bb810cd7130
5f497e1627a95df483b70b9436c9431d9ba384d9
2116c3bba5a4dfc09063000e6cefcb61c1e83f2c416370cdd88560aad68fe369
GET /pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1--- HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&gdpr=1&us_privacy=1---&google_tc=
date: Sat, 12 Nov 2022 11:00:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 326
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 12-Nov-2022 11:15:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9e85d741ba7237eb96c4e4bbc3f171e8
0bce5506fff05d97c940990bb7a0cbd0fc723f64
abb9a1f1c30de0d5196fb9e85897b9b70b7bd44ffebe043af3e6e25e4bf87c20
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4054
Cache-Control: max-age=122118
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:00:47 GMT
Etag: "636ea70f-1d7"
Expires: Sun, 13 Nov 2022 20:56:05 GMT
Last-Modified: Fri, 11 Nov 2022 19:48:31 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
px.owneriq.net/erb?gdpr=1&us_privacy=1---
184.86.2.127302 Moved Temporarily 0 B URL HTTP/1.1 px.owneriq.net/erb?gdpr=1&us_privacy=1---
IP 184.86.2.127:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /erb?gdpr=1&us_privacy=1--- HTTP/1.1
Host: px.owneriq.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Sat, 12 Nov 2022 11:00:47 GMT
Connection: keep-alive
taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
34.192.165.142200 OK 43 B URL HTTP/2 taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
IP 34.192.165.142:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP/1.1
Host: taboola-supply-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:47 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&gdpr=1&us_privacy=1---&google_tc=
142.250.74.98200 OK 170 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&gdpr=1&us_privacy=1---&google_tc=
IP 142.250.74.98:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e7673c60af825466f83d46da72ca1635
fc0fcbee0835709ba2d28798a612bfd687903fb5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
GET /pixel?google_nid=rubicon&google_cm=&google_sc=&gdpr=1&us_privacy=1---&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
date: Sat, 12 Nov 2022 11:00:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
px.owneriq.net/noop?ct=image%2Fgif
184.86.2.127200 OK 0 B URL HTTP/1.1 px.owneriq.net/noop?ct=image%2Fgif
IP 184.86.2.127:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /noop?ct=image%2Fgif HTTP/1.1
Host: px.owneriq.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length: 0
Content-Type: image/gif
Date: Sat, 12 Nov 2022 11:00:47 GMT
Connection: keep-alive
token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1---
213.19.162.90204 No Content 0 B URL HTTP/1.1 token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1---
IP 213.19.162.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1--- HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: d0cea2fb47f5ddedaddf61763f0aedb4
token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1---
213.19.162.90204 No Content 0 B URL HTTP/1.1 token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1---
IP 213.19.162.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=36584&gdpr=1&us_privacy=1--- HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: d0cea2fb47f5ddedaddf61763f0aedb4
token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1---
213.19.162.90204 No Content 0 B URL HTTP/1.1 token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1---
IP 213.19.162.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=25470&gdpr=1&us_privacy=1--- HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: d5c7d31e505103f093db6d1ed70deaa2
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 97629f80a6558b41149be193005a33ab
1ef1a0398f77d94c03f98f2186748be53688a4e1
0021cdba660011fbb03dd2444924c3067a3d9771ad1c7ca81b21c29f65915155
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 12 Nov 2022 11:00:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 11 Nov 2022 19:59:09 GMT
Expires: Sat, 12 Nov 2022 19:59:09 GMT
ETag: "1ef1a0398f77d94c03f98f2186748be53688a4e1"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
match.adsby.bidtheatre.com/rubiconmatch?gdpr=1&us_privacy=1---
159.65.196.12302 302 0 B URL HTTP/1.1 match.adsby.bidtheatre.com/rubiconmatch?gdpr=1&us_privacy=1---
IP 159.65.196.12:0
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rubiconmatch?gdpr=1&us_privacy=1--- HTTP/1.1
Host: match.adsby.bidtheatre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 302
Date: Sat, 12 Nov 2022 11:00:47 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Set-Cookie: __kuid=0734362f-7367-43ea-b502-e3b09511781b.437464847; Max-Age=604800; Domain=.adsby.bidtheatre.com; SameSite=None; Secure
Location: https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&put=0734362f-7367-43ea-b502-e3b09511781b
Content-Length: 0
Keep-Alive: timeout=5, max=3000
Connection: Keep-Alive
pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&put=0734362f-7367-43ea-b502-e3b09511781b
213.19.162.80204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&put=0734362f-7367-43ea-b502-e3b09511781b
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=17039&nid=2650&days=30&put=0734362f-7367-43ea-b502-e3b09511781b HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 1da0c96602e9a1076eae4f5554c05cf3
Content-Type: image/gif
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 9d4c8b26f392cde4fc452cc71ae02353
14969cb81b64bf593c1ac8202c398f7471c5358f
f4f2c733470dd9d5214c17a08d721ff1bf0d81889014642b1bc15c619afb786f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=91425
Date: Sat, 12 Nov 2022 11:00:47 GMT
Etag: "636e2f9c-1d7"
Expires: Sun, 13 Nov 2022 12:24:32 GMT
Last-Modified: Fri, 11 Nov 2022 11:18:52 GMT
Server: ECS (nyb/1D27)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xoSWZMbwipyFZtKvnmKB53jJqgbpkrZ60DoTN1Y1nUry_6so4Xz6xQ==
Age: 3940
cdn.taboola.com/scripts/cds-pips.js
151.101.85.44200 OK 1.3 kB URL HTTP/2 cdn.taboola.com/scripts/cds-pips.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (3545), with no line terminators
Hash 780c5c514014519ce276709f515905a0
04fe86d00b9c9077effe05171d066d243ecab221
015db06150b62ad2ad533883652174ebb6f07e24a7147fdac01a0ccd266e3f30
GET /scripts/cds-pips.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 2KBeU0d7OyPXtZDYUoIqlTBmhGhsve90tjYoemCxISjKQrNgcxT28sPXVt5KfJt+6r7dFoJgA8g=
x-amz-request-id: NFWGDQGY1WQ95XHE
x-amz-replication-status: COMPLETED
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:47 GMT
via: 1.1 varnish
age: 3493
x-served-by: cache-bma1633-BMA
x-cache: HIT
x-cache-hits: 3374
x-timer: S1668250848.505835,VS0,VE0
vary: Accept-Encoding
abp: 99
cache-control: private, max-age=3600
content-length: 1340
X-Firefox-Spdy: h2
pips.taboola.com/
151.101.85.44200 OK 4 B IP 151.101.85.44:0
File type ASCII text, with no line terminators
Hash 6c3e226b4d4795d518ab341b0824ec29
eef19c54306daa69eda49c0272623bdb5e2b341f
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
GET / HTTP/1.1
Host: pips.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
access-control-allow-methods: GET
access-control-allow-origin: https://troy2.yoo7.com
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:47 GMT
via: 1.1 varnish
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 0
cache-control: no-store
content-length: 4
X-Firefox-Spdy: h2
sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=1&us_privacy=1---
34.199.177.9302 Found 175 B URL HTTP/1.1 sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=1&us_privacy=1---
IP 34.199.177.9:0
File type HTML document, ASCII text
Hash 6c4b3f805796e4788600d138189f566d
b48a78061f21071e83cdeb0e266e85ffe50999c4
996a53eaee06987e2f2533a715fa90ee17b74808dcd525bd2c196c87273ebf12
GET /d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=1&us_privacy=1--- HTTP/1.1
Host: sync.ipredictive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Date: Sat, 12 Nov 2022 11:00:47 GMT
Location: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=788899bb-7d8d-4e8b-9710-696ec856e0ad&expires=30&gdpr=1&us_privacy=1---
Set-Cookie: cu=788899bb-7d8d-4e8b-9710-696ec856e0ad|1668250847504; Path=/; Domain=ipredictive.com; Expires=Sun, 12 Nov 2023 11:00:47 GMT; Max-Age=31536000; SameSite=None; Secure
X-CI-RTID: 0e23cb51-5ea8-495b-8441-a7d56db014ff
Content-Length: 175
Connection: keep-alive
pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=788899bb-7d8d-4e8b-9710-696ec856e0ad&expires=30&gdpr=1&us_privacy=1---
213.19.162.80204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=788899bb-7d8d-4e8b-9710-696ec856e0ad&expires=30&gdpr=1&us_privacy=1---
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=17149&nid=2861&put=788899bb-7d8d-4e8b-9710-696ec856e0ad&expires=30&gdpr=1&us_privacy=1--- HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 1da0c96602e9a1076eae4f5554c05cf3
Content-Type: image/gif
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=355&height=199&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1668250850531&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1488&pt=1419343000&tz=0&viewable=true&ddast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm_vA&mPre=0.025&cirf=https%3A%2F%2Ftroy2.yoo7.com&en=1
151.101.85.44200 OK 1.1 kB URL HTTP/2 wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=355&height=199&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1668250850531&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1488&pt=1419343000&tz=0&viewable=true&ddast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm_vA&mPre=0.025&cirf=https%3A%2F%2Ftroy2.yoo7.com&en=1
IP 151.101.85.44:0
Hash 3267eb10ad82016083c513797d3e881c
0db3c930b2588875a43564d469533cd1451314d3
61e81c93901fccf4e7b6a09a204efdd519f6188451634a081d8680339cf2fe62
POST /VideoBidRequestHandlerServlet?oid=15&width=355&height=199&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1668250850531&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1488&pt=1419343000&tz=0&viewable=true&ddast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm_vA&mPre=0.025&cirf=https%3A%2F%2Ftroy2.yoo7.com&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 133
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1417
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://troy2.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:51 GMT
via: 1.1 varnish
x-served-by: cache-bma1633-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668250851.201698,VS0,VE72
vary: Accept-Encoding
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=54c60ff425ab48689bcb14f2eebc58b5&zoneId=2308013&checkDuplicate=true&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=54c60ff425ab48689bcb14f2eebc58b5&zoneId=2308013&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 790bb066ab0e76cec90d038317f499e9
0a46550316e768a6156fe8168c20ce60475e5edc
6b7a06e46ef0eb965421140e67bef7ac0e25c5831a185a61fc94e7275c47f5f9
GET /gid.js?pub=0&userId=54c60ff425ab48689bcb14f2eebc58b5&zoneId=2308013&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://troy2.yoo7.com/
Origin: https://troy2.yoo7.com
Connection: keep-alive
Cookie: ID=2c4f77cb31fa44cbac944d6e61aa57f6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:00:52 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://troy2.yoo7.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=2c4f77cb31fa44cbac944d6e61aa57f6; expires=Sun, 12 Nov 2023 11:00:52 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
stootsou.net/pfe/current/tag.min.js?z=2308013
139.45.197.250200 OK 0 B URL HTTP/2 stootsou.net/pfe/current/tag.min.js?z=2308013
IP 139.45.197.250:0
Analyzer Verdict Alert quad9 Sinkholed
GET /pfe/current/tag.min.js?z=2308013 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 14:20:39 GMT
etag: W/"636a65b7-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
stootsou.net/pfe/current/universal.min.js?v=3.1.403
139.45.197.250200 OK 0 B URL HTTP/2 stootsou.net/pfe/current/universal.min.js?v=3.1.403
IP 139.45.197.250:0
Analyzer Verdict Alert quad9 Sinkholed
GET /pfe/current/universal.min.js?v=3.1.403 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://troy2.yoo7.com/
Origin: https://troy2.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 14:20:39 GMT
etag: W/"636a65b7-180b9"
access-control-allow-origin: https://troy2.yoo7.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.0.157:0
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 745209
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.0.157:0
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://troy2.yoo7.com/
x-crto-bundle: glE9HF9FS0RZRk9XS0o3NjRUaUE5ZnVEaDBQdUFKV0ZkWHo3JTJGT1R0YVBqY1I0OHRhUCUyQkhrRWVRa1Y5YXBCMFhBN1hJNWRjMmFxSWxvOVczMEp1T2pyeENDT3dJbXg4WkNHdHpBaWthSU0lMkZ6aEpYOGVGcWtlRU1Cb2JNRGtTbmQlMkZkakZo
Origin: https://troy2.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://troy2.yoo7.com
server-processing-duration-in-ticks: 2288776
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=728x90%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Ftroy2.yoo7.com%2Ft67-topic&encoded=1&uid=604297ae-8a15-4b0b-8fd1-8e9a36a00ef6-tucta69025d&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback1&cb=1668250844863&tagid=&cntry=NO&platform=1&sesid=d3e49344e79afafa15f28fb4d0fdf2e8&itemid=/t67-topic&viewid=1668250844245&geolat=&geoing=&deviceifa=&appid=&sd=v2_d3e49344e79afafa15f28fb4d0fdf2e8_604297ae-8a15-4b0b-8fd1-8e9a36a00ef6-tucta69025d_1668250845_1668250845_CNawjgYQ3pxDGNX4_tvGMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=c9ed0ff8ac8c635f7bdf82bd4e78fe8f&appname=&cdb=&gdprApplies=true&rid=&sii=-6259864112813581536&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=9189
151.101.85.44200 OK 0 B URL HTTP/2 15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=728x90%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Ftroy2.yoo7.com%2Ft67-topic&encoded=1&uid=604297ae-8a15-4b0b-8fd1-8e9a36a00ef6-tucta69025d&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback1&cb=1668250844863&tagid=&cntry=NO&platform=1&sesid=d3e49344e79afafa15f28fb4d0fdf2e8&itemid=/t67-topic&viewid=1668250844245&geolat=&geoing=&deviceifa=&appid=&sd=v2_d3e49344e79afafa15f28fb4d0fdf2e8_604297ae-8a15-4b0b-8fd1-8e9a36a00ef6-tucta69025d_1668250845_1668250845_CNawjgYQ3pxDGNX4_tvGMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=c9ed0ff8ac8c635f7bdf82bd4e78fe8f&appname=&cdb=&gdprApplies=true&rid=&sii=-6259864112813581536&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=9189
IP 151.101.85.44:0
GET /tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=728x90%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Ftroy2.yoo7.com%2Ft67-topic&encoded=1&uid=604297ae-8a15-4b0b-8fd1-8e9a36a00ef6-tucta69025d&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback1&cb=1668250844863&tagid=&cntry=NO&platform=1&sesid=d3e49344e79afafa15f28fb4d0fdf2e8&itemid=/t67-topic&viewid=1668250844245&geolat=&geoing=&deviceifa=&appid=&sd=v2_d3e49344e79afafa15f28fb4d0fdf2e8_604297ae-8a15-4b0b-8fd1-8e9a36a00ef6-tucta69025d_1668250845_1668250845_CNawjgYQ3pxDGNX4_tvGMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=c9ed0ff8ac8c635f7bdf82bd4e78fe8f&appname=&cdb=&gdprApplies=true&rid=&sii=-6259864112813581536&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=9189 HTTP/1.1
Host: 15.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
machineid: 1450
link: <https://am-wf.taboola.com>; rel=preconnect
xvid-debug: mrmr - :
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://troy2.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:45 GMT
via: 1.1 varnish
x-served-by: cache-bma1633-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668250846.549378,VS0,VE37
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=publishertag&domain=yoo7.com&sn=FirefoxSyncframe&so=0&topUrl=troy2.yoo7.com&info=fL-Drl80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3hoQkhBb01oWW9BZmFJcnJ3Q0NneHAxb0hremttdllkaEpObGE5cXVWRFQ&idsd=-231654676,-2043637528&cw=1&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=publishertag&domain=yoo7.com&sn=FirefoxSyncframe&so=0&topUrl=troy2.yoo7.com&info=fL-Drl80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3hoQkhBb01oWW9BZmFJcnJ3Q0NneHAxb0hremttdllkaEpObGE5cXVWRFQ&idsd=-231654676,-2043637528&cw=1&lsw=1
IP 178.250.0.157:0
GET /sid/json?origin=publishertag&domain=yoo7.com&sn=FirefoxSyncframe&so=0&topUrl=troy2.yoo7.com&info=fL-Drl80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3hoQkhBb01oWW9BZmFJcnJ3Q0NneHAxb0hremttdllkaEpObGE5cXVWRFQ&idsd=-231654676,-2043637528&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=troy2.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1072817
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.betgorebysson.club/?rb=RRWp58us2dZTWfU2hzYXl0CTliIAcsfJv7-bhzMq13X4AVt9Jh9ac84h0O2_rglj-ClX0h5f2-AO9GK2bVyNyPxltL_tHbxfbt09sSeDo0TVeWuju1oUUa50cSUpfD6AxfCaVAi3tfGo4TXJwzkOts_PUIo62x1DgaKW7a6ps37Ep0QZjJQUXk99YlFPEixXIBcBwy9Tow0L6iFKEOohSU8ZpxD4tIrPszkEvRbGIQY%3D&request_ab2=0&zoneid=3765907&js_build=iclick-v1.448.2&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=1&pl=https%3A%2F%2Ftroy2.yoo7.com%2Ft67-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.448.2&bs=0e95b403-8b78-426c-b0a1-40a48c599deb&userId=2c4f77cb31fa44cbac944d6e61aa57f6&m=link
139.45.195.8200 OK 0 B URL HTTP/2 cdn.betgorebysson.club/?rb=RRWp58us2dZTWfU2hzYXl0CTliIAcsfJv7-bhzMq13X4AVt9Jh9ac84h0O2_rglj-ClX0h5f2-AO9GK2bVyNyPxltL_tHbxfbt09sSeDo0TVeWuju1oUUa50cSUpfD6AxfCaVAi3tfGo4TXJwzkOts_PUIo62x1DgaKW7a6ps37Ep0QZjJQUXk99YlFPEixXIBcBwy9Tow0L6iFKEOohSU8ZpxD4tIrPszkEvRbGIQY%3D&request_ab2=0&zoneid=3765907&js_build=iclick-v1.448.2&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=1&pl=https%3A%2F%2Ftroy2.yoo7.com%2Ft67-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.448.2&bs=0e95b403-8b78-426c-b0a1-40a48c599deb&userId=2c4f77cb31fa44cbac944d6e61aa57f6&m=link
IP 139.45.195.8:0
GET /?rb=RRWp58us2dZTWfU2hzYXl0CTliIAcsfJv7-bhzMq13X4AVt9Jh9ac84h0O2_rglj-ClX0h5f2-AO9GK2bVyNyPxltL_tHbxfbt09sSeDo0TVeWuju1oUUa50cSUpfD6AxfCaVAi3tfGo4TXJwzkOts_PUIo62x1DgaKW7a6ps37Ep0QZjJQUXk99YlFPEixXIBcBwy9Tow0L6iFKEOohSU8ZpxD4tIrPszkEvRbGIQY%3D&request_ab2=0&zoneid=3765907&js_build=iclick-v1.448.2&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=1&pl=https%3A%2F%2Ftroy2.yoo7.com%2Ft67-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.448.2&bs=0e95b403-8b78-426c-b0a1-40a48c599deb&userId=2c4f77cb31fa44cbac944d6e61aa57f6&m=link HTTP/1.1
Host: cdn.betgorebysson.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://troy2.yoo7.com/
Origin: https://troy2.yoo7.com
Connection: keep-alive
Cookie: OAID=2c4f77cb31fa44cbac944d6e61aa57f6; oaidts=1668250844
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:00:45 GMT
content-type: application/json
x-trace-id: 7e1d1b6798e7163cfa657464dcfd8daf
access-control-allow-origin: https://troy2.yoo7.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=2c4f77cb31fa44cbac944d6e61aa57f6; expires=Sun, 12 Nov 2023 11:00:45 GMT; path=/; secure; SameSite=None
oaidts=1668250845; expires=Sun, 12 Nov 2023 11:00:45 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 19 Nov 2022 11:00:45 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertag&topUrl=troy2.yoo7.com
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=troy2.yoo7.com
IP 178.250.0.157:0
GET /syncframe?origin=publishertag&topUrl=troy2.yoo7.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:43 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=3a890cbc-2c9c-4f5a-851e-6e67b06c215c; expires=Thu, 07 Dec 2023 11:00:43 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 873125
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=355&height=199&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1668250845512&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=1182127727&tz=0&viewable=true&ddast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm&mPre=0.025&cirf=https%3A%2F%2Ftroy2.yoo7.com&en=1
151.101.85.44200 OK 0 B URL HTTP/2 wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=355&height=199&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1668250845512&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=1182127727&tz=0&viewable=true&ddast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm&mPre=0.025&cirf=https%3A%2F%2Ftroy2.yoo7.com&en=1
IP 151.101.85.44:0
POST /VideoBidRequestHandlerServlet?oid=15&width=355&height=199&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1668250845512&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=1182127727&tz=0&viewable=true&ddast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm&mPre=0.025&cirf=https%3A%2F%2Ftroy2.yoo7.com&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 133
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1412
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://troy2.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:46 GMT
via: 1.1 varnish
x-served-by: cache-bma1633-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668250846.200552,VS0,VE101
vary: Accept-Encoding
X-Firefox-Spdy: h2
troy2.yoo7.com/t67-topic
178.33.44.177200 OK 0 B IP 178.33.44.177:0
GET /t67-topic HTTP/1.1
Host: troy2.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:43 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache
pragma: no-cache
expires: Sat, 12 Nov 2022 00:00:00 GMT
last-modified: Sat, 12 Nov 2022 11:00:43 GMT
vary: User-Agent
set-cookie: exadd=166826; expires=Sat, 12-Nov-2022 15:00:43 GMT; Max-Age=14400
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7QaACFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJDmaGBfL4WKtmIyMa9Fo4XErfJPVWuTcOByTwWAyWdmMQCIzj2k4Gq3WionH4xZNLI61cLfcrVUWl8ky8ywcxuVkChE3GQ6fg4Go6Hpb7A6n2fMGEDSdDp_rXi-6_J2XufLv9801frdfdNutRX_D02MHAAAAgAcAq7dMiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAAOSCw2ATw6C95z9_gAAaNgCAQAQwCABGFgNKAH4OF85AQAAAAAAAABg-f___48B2MMakwEY2d_pAXjwAXggKlAtYgQAAACwpaWieTSpEyqLKgAAgnQrgCsAgADCtb9gvDAAAICAsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyb0NnqdFsQyeq32CwgAsPYLCADApm4AAG8BcEFH0IrBYHUKsRvOFrvRbDOaHQAAAMDd____vx4IeVam5WY0WvmWC5vD5nCsZpbhzGIaGWYmm2Vl3J4U45zaQYBeXl_ETYbD52AgKrreFrvDafbcj6Ily91ytxpNFqPRcrnZDTejwf4GYrAa4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWrJaLperzWa12o0Ws8FmOdxskKJVq9loMxiuZpPZbrcaDobL0QgpWrLcLXer0WQxGi2Xm91wMxoMEcYGo8lyt3C5hQvHai2aGCZu4czkWAtXzoVntjAMVjbbWvT6mB625WCyGnlRMEBjL4KLdCLzW15vv-npt7sVlotYojlZpBPZZV_yrEzLzWi08i0XNofN4VjNLMOZxTQyzEw2y8q4rw1Gk-Vu4XILF47VWjQxTNzCmcmxFq6cC89sYRisbLa16PUxPWzLwWQ18jdms-FkNRiOVvvGbDacrAbD0WrfoTN8V5-z0RkcTzw6sbQv3X5sDoPCZbB4f5-LtBlt3IwqbdhiUV2LO9fEqtPGTsbOwWxQ-IbXxPD3Uz-v3eztIDYYFLFEcLpIJ6KX8XQRSyRPi3Sica5MhpnNuPAYN7bNauabmGzGycRkWvmGM5dxZhFLlKaLdKIX3XZr0d_w9FjUf2TIxVw5mIsmc8VqtEoAAAAAAAAAAEuYM28CAAAAcBrIaLAZrpYLAOHspfsTRdcVUn92s5sK4hfcdrgNUtz4cYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWAzcvtATA4UeuFHrvwEuRguBw!&excid=22&docw=0&cijs=1&nlb=true
141.226.228.48200 OK 0 B URL HTTP/2 am-match.taboola.com/sync?dast=V7QaACFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJDmaGBfL4WKtmIyMa9Fo4XErfJPVWuTcOByTwWAyWdmMQCIzj2k4Gq3WionH4xZNLI61cLfcrVUWl8ky8ywcxuVkChE3GQ6fg4Go6Hpb7A6n2fMGEDSdDp_rXi-6_J2XufLv9801frdfdNutRX_D02MHAAAAgAcAq7dMiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAAOSCw2ATw6C95z9_gAAaNgCAQAQwCABGFgNKAH4OF85AQAAAAAAAABg-f___48B2MMakwEY2d_pAXjwAXggKlAtYgQAAACwpaWieTSpEyqLKgAAgnQrgCsAgADCtb9gvDAAAICAsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyb0NnqdFsQyeq32CwgAsPYLCADApm4AAG8BcEFH0IrBYHUKsRvOFrvRbDOaHQAAAMDd____vx4IeVam5WY0WvmWC5vD5nCsZpbhzGIaGWYmm2Vl3J4U45zaQYBeXl_ETYbD52AgKrreFrvDafbcj6Ily91ytxpNFqPRcrnZDTejwf4GYrAa4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWrJaLperzWa12o0Ws8FmOdxskKJVq9loMxiuZpPZbrcaDobL0QgpWrLcLXer0WQxGi2Xm91wMxoMEcYGo8lyt3C5hQvHai2aGCZu4czkWAtXzoVntjAMVjbbWvT6mB625WCyGnlRMEBjL4KLdCLzW15vv-npt7sVlotYojlZpBPZZV_yrEzLzWi08i0XNofN4VjNLMOZxTQyzEw2y8q4rw1Gk-Vu4XILF47VWjQxTNzCmcmxFq6cC89sYRisbLa16PUxPWzLwWQ18jdms-FkNRiOVvvGbDacrAbD0WrfoTN8V5-z0RkcTzw6sbQv3X5sDoPCZbB4f5-LtBlt3IwqbdhiUV2LO9fEqtPGTsbOwWxQ-IbXxPD3Uz-v3eztIDYYFLFEcLpIJ6KX8XQRSyRPi3Sica5MhpnNuPAYN7bNauabmGzGycRkWvmGM5dxZhFLlKaLdKIX3XZr0d_w9FjUf2TIxVw5mIsmc8VqtEoAAAAAAAAAAEuYM28CAAAAcBrIaLAZrpYLAOHspfsTRdcVUn92s5sK4hfcdrgNUtz4cYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWAzcvtATA4UeuFHrvwEuRguBw!&excid=22&docw=0&cijs=1&nlb=true
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sync?dast=V7QaACFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJDmaGBfL4WKtmIyMa9Fo4XErfJPVWuTcOByTwWAyWdmMQCIzj2k4Gq3WionH4xZNLI61cLfcrVUWl8ky8ywcxuVkChE3GQ6fg4Go6Hpb7A6n2fMGEDSdDp_rXi-6_J2XufLv9801frdfdNutRX_D02MHAAAAgAcAq7dMiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAAOSCw2ATw6C95z9_gAAaNgCAQAQwCABGFgNKAH4OF85AQAAAAAAAABg-f___48B2MMakwEY2d_pAXjwAXggKlAtYgQAAACwpaWieTSpEyqLKgAAgnQrgCsAgADCtb9gvDAAAICAsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyb0NnqdFsQyeq32CwgAsPYLCADApm4AAG8BcEFH0IrBYHUKsRvOFrvRbDOaHQAAAMDd____vx4IeVam5WY0WvmWC5vD5nCsZpbhzGIaGWYmm2Vl3J4U45zaQYBeXl_ETYbD52AgKrreFrvDafbcj6Ily91ytxpNFqPRcrnZDTejwf4GYrAa4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWrJaLperzWa12o0Ws8FmOdxskKJVq9loMxiuZpPZbrcaDobL0QgpWrLcLXer0WQxGi2Xm91wMxoMEcYGo8lyt3C5hQvHai2aGCZu4czkWAtXzoVntjAMVjbbWvT6mB625WCyGnlRMEBjL4KLdCLzW15vv-npt7sVlotYojlZpBPZZV_yrEzLzWi08i0XNofN4VjNLMOZxTQyzEw2y8q4rw1Gk-Vu4XILF47VWjQxTNzCmcmxFq6cC89sYRisbLa16PUxPWzLwWQ18jdms-FkNRiOVvvGbDacrAbD0WrfoTN8V5-z0RkcTzw6sbQv3X5sDoPCZbB4f5-LtBlt3IwqbdhiUV2LO9fEqtPGTsbOwWxQ-IbXxPD3Uz-v3eztIDYYFLFEcLpIJ6KX8XQRSyRPi3Sica5MhpnNuPAYN7bNauabmGzGycRkWvmGM5dxZhFLlKaLdKIX3XZr0d_w9FjUf2TIxVw5mIsmc8VqtEoAAAAAAAAAAEuYM28CAAAAcBrIaLAZrpYLAOHspfsTRdcVUn92s5sK4hfcdrgNUtz4cYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWAzcvtATA4UeuFHrvwEuRguBw!&excid=22&docw=0&cijs=1&nlb=true HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:00:46 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3402
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&excid=22&docw=0&cijs=1&nlb=true
141.226.228.48200 OK 0 B URL HTTP/2 am-match.taboola.com/sync?dast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&excid=22&docw=0&cijs=1&nlb=true
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sync?dast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&excid=22&docw=0&cijs=1&nlb=true HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:00:46 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3406
X-Firefox-Spdy: h2
imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&cmcv=&pix=undefined&cb=1668250845509&uv=3241&tms=1668250845509&abt=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=1c46cce3-81c5-4a4d-bd11-3b14cee6793a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
151.101.85.44200 OK 0 B URL HTTP/2 imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&cmcv=&pix=undefined&cb=1668250845509&uv=3241&tms=1668250845509&abt=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=1c46cce3-81c5-4a4d-bd11-3b14cee6793a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
IP 151.101.85.44:0
GET /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7NkUCFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJLExzTYel2ctXGxca9HCNHJLTI7FWjNxjDYul2233CyMQGKe2WzmcC3WyoVrsRbNNjO3cOYbuVWWkWdlsrmWm93MCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeAoOl0-Fz3etHl77zMlX-_b67xu_2i224t-hueHjsAAAAAPABYvWVC_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAGJBcaAB8chC85-z3BwBAwxYIAIAABgnAwGpACcDH-coJAAAAAAAAAADL____fwzAHtaYDMDI_k4PwIMPwANRgWoRIwAAAIAtLRXNo0mdUFlUAQAQpFsBXAEABBCu_QlvhAEAAASMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKG30eu0IJbRa7VfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XC22I1mm9HsAAAAAO7-____9UDIszItN6PRyrdc2Bw2h2M1swxnFtPIMDPZLCvj9qQY59QOAvTy-jyEZfb7DiKW52v6Gw4yvuX1NoiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEscFostwtXG7hwrFaiyaGiVs4MznWwpVz4ZktDIOVzbYWvT6mh205mKxGXhQM0NiL4CKdyPyW19tvevrtboXlIpZoThbpRHbZlzwr03IzGq18y4XNYXM4VjPLcGYxjQwzk82yMu5rg9FkuVu43MKFY7UWTQwTt3BmcqyFK-fCM1sYBiubbS16fUwP23IwWY38jdlsOFkNhqPVvjGbDSerwXC02nfoDN_V52x0BscTj04s7Uu3H5vDoHAZLN7f5yJtRhs3o0obtlhU1-LONbHqtLGTsXMwGxS-4TUx_P3Uz2s3ezuIDQZFLBGcLtKJ6GU8XcQSydMinagGI5tp4fEsjAvDxrJwrma-jWW5mAwmNtfCsDBNxBKl6SKd6EW33Vr0Nzw9FvUfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIar5QJAOHvp_kTRdYXUn93spoL4BbcdboMUN37cYH7L6-03Pf12t8JyZYAHanLmzZ4JYq1WyxoAAEAAGwAAIIBbN28B2IzcPhCTA4Ve-JErP0EuhssB!&cmcv=&pix=undefined&cb=1668250845509&uv=3241&tms=1668250845509&abt=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=1c46cce3-81c5-4a4d-bd11-3b14cee6793a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1 HTTP/1.1
Host: imprammp.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:46 GMT
via: 1.1 varnish
x-served-by: cache-bma1633-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668250846.188066,VS0,VE24
vary: Accept-Encoding
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7QaACFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJDmaGBfL4WKtmIyMa9Fo4XErfJPVWuTcOByTwWAyWdmMQCIzj2k4Gq3WionH4xZNLI61cLfcrVUWl8ky8ywcxuVkChE3GQ6fg4Go6Hpb7A6n2fMGEDSdDp_rXi-6_J2XufLv9801frdfdNutRX_D02MHAAAAgAcAq7dMiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAAOSCw2ATw6C95z9_gAAaNgCAQAQwCABGFgNKAH4OF85AQAAAAAAAABg-f___48B2MMakwEY2d_pAXjwAXggKlAtYgQAAACwpaWieTSpEyqLKgAAgnQrgCsAgADCtb9gvDAAAICAsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyb0NnqdFsQyeq32CwgAsPYLCADApm4AAG8BcEFH0IrBYHUKsRvOFrvRbDOaHQAAAMDd____vx4IeVam5WY0WvmWC5vD5nCsZpbhzGIaGWYmm2Vl3J4U45zaQYBeXl_ETYbD52AgKrreFrvDafbcj6Ily91ytxpNFqPRcrnZDTejwf4GYrAa4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWrJaLperzWa12o0Ws8FmOdxskKJVq9loMxiuZpPZbrcaDobL0QgpWrLcLXer0WQxGi2Xm91wMxoMEcYGo8lyt3C5hQvHai2aGCZu4czkWAtXzoVntjAMVjbbWvT6mB625WCyGnlRMEBjL4KLdCLzW15vv-npt7sVlotYojlZpBPZZV_yrEzLzWi08i0XNofN4VjNLMOZxTQyzEw2y8q4rw1Gk-Vu4XILF47VWjQxTNzCmcmxFq6cC89sYRisbLa16PUxPWzLwWQ18jdms-FkNRiOVvvGbDacrAbD0WrfoTN8V5-z0RkcTzw6sbQv3X5sDoPCZbB4f5-LtBlt3IwqbdhiUV2LO9fEqtPGTsbOwWxQ-IbXxPD3Uz-v3eztIDYYFLFEcLpIJ6KX8XQRSyRPi3Sica5MhpnNuPAYN7bNauabmGzGycRkWvmGM5dxZhFLlKaLdKIX3XZr0d_w9FjUf2TIxVw5mIsmc8VqtEoAAAAAAAAAAEuYM28CAAAAcBrIaLAZrpYLAOHspfsTRdcVUn92s5sK4hfcdrgNUtz4cYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWAzcvtATA4UeuFHrvwEuRguBw!&excid=22&docw=0&cijs=1&nlb=true
141.226.228.48200 OK 0 B URL HTTP/2 am-match.taboola.com/sync?dast=V7QaACFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJDmaGBfL4WKtmIyMa9Fo4XErfJPVWuTcOByTwWAyWdmMQCIzj2k4Gq3WionH4xZNLI61cLfcrVUWl8ky8ywcxuVkChE3GQ6fg4Go6Hpb7A6n2fMGEDSdDp_rXi-6_J2XufLv9801frdfdNutRX_D02MHAAAAgAcAq7dMiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAAOSCw2ATw6C95z9_gAAaNgCAQAQwCABGFgNKAH4OF85AQAAAAAAAABg-f___48B2MMakwEY2d_pAXjwAXggKlAtYgQAAACwpaWieTSpEyqLKgAAgnQrgCsAgADCtb9gvDAAAICAsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyb0NnqdFsQyeq32CwgAsPYLCADApm4AAG8BcEFH0IrBYHUKsRvOFrvRbDOaHQAAAMDd____vx4IeVam5WY0WvmWC5vD5nCsZpbhzGIaGWYmm2Vl3J4U45zaQYBeXl_ETYbD52AgKrreFrvDafbcj6Ily91ytxpNFqPRcrnZDTejwf4GYrAa4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWrJaLperzWa12o0Ws8FmOdxskKJVq9loMxiuZpPZbrcaDobL0QgpWrLcLXer0WQxGi2Xm91wMxoMEcYGo8lyt3C5hQvHai2aGCZu4czkWAtXzoVntjAMVjbbWvT6mB625WCyGnlRMEBjL4KLdCLzW15vv-npt7sVlotYojlZpBPZZV_yrEzLzWi08i0XNofN4VjNLMOZxTQyzEw2y8q4rw1Gk-Vu4XILF47VWjQxTNzCmcmxFq6cC89sYRisbLa16PUxPWzLwWQ18jdms-FkNRiOVvvGbDacrAbD0WrfoTN8V5-z0RkcTzw6sbQv3X5sDoPCZbB4f5-LtBlt3IwqbdhiUV2LO9fEqtPGTsbOwWxQ-IbXxPD3Uz-v3eztIDYYFLFEcLpIJ6KX8XQRSyRPi3Sica5MhpnNuPAYN7bNauabmGzGycRkWvmGM5dxZhFLlKaLdKIX3XZr0d_w9FjUf2TIxVw5mIsmc8VqtEoAAAAAAAAAAEuYM28CAAAAcBrIaLAZrpYLAOHspfsTRdcVUn92s5sK4hfcdrgNUtz4cYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWAzcvtATA4UeuFHrvwEuRguBw!&excid=22&docw=0&cijs=1&nlb=true
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sync?dast=V7QaACFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJDmaGBfL4WKtmIyMa9Fo4XErfJPVWuTcOByTwWAyWdmMQCIzj2k4Gq3WionH4xZNLI61cLfcrVUWl8ky8ywcxuVkChE3GQ6fg4Go6Hpb7A6n2fMGEDSdDp_rXi-6_J2XufLv9801frdfdNutRX_D02MHAAAAgAcAq7dMiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAAOSCw2ATw6C95z9_gAAaNgCAQAQwCABGFgNKAH4OF85AQAAAAAAAABg-f___48B2MMakwEY2d_pAXjwAXggKlAtYgQAAACwpaWieTSpEyqLKgAAgnQrgCsAgADCtb9gvDAAAICAsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyb0NnqdFsQyeq32CwgAsPYLCADApm4AAG8BcEFH0IrBYHUKsRvOFrvRbDOaHQAAAMDd____vx4IeVam5WY0WvmWC5vD5nCsZpbhzGIaGWYmm2Vl3J4U45zaQYBeXl_ETYbD52AgKrreFrvDafbcj6Ily91ytxpNFqPRcrnZDTejwf4GYrAa4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWrJaLperzWa12o0Ws8FmOdxskKJVq9loMxiuZpPZbrcaDobL0QgpWrLcLXer0WQxGi2Xm91wMxoMEcYGo8lyt3C5hQvHai2aGCZu4czkWAtXzoVntjAMVjbbWvT6mB625WCyGnlRMEBjL4KLdCLzW15vv-npt7sVlotYojlZpBPZZV_yrEzLzWi08i0XNofN4VjNLMOZxTQyzEw2y8q4rw1Gk-Vu4XILF47VWjQxTNzCmcmxFq6cC89sYRisbLa16PUxPWzLwWQ18jdms-FkNRiOVvvGbDacrAbD0WrfoTN8V5-z0RkcTzw6sbQv3X5sDoPCZbB4f5-LtBlt3IwqbdhiUV2LO9fEqtPGTsbOwWxQ-IbXxPD3Uz-v3eztIDYYFLFEcLpIJ6KX8XQRSyRPi3Sica5MhpnNuPAYN7bNauabmGzGycRkWvmGM5dxZhFLlKaLdKIX3XZr0d_w9FjUf2TIxVw5mIsmc8VqtEoAAAAAAAAAAEuYM28CAAAAcBrIaLAZrpYLAOHspfsTRdcVUn92s5sK4hfcdrgNUtz4cYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWAzcvtATA4UeuFHrvwEuRguBw!&excid=22&docw=0&cijs=1&nlb=true HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:00:46 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3407
X-Firefox-Spdy: h2
illiweb.com/rs3/64/frm/embed/FA_Embed.js
172.67.150.97200 OK 0 B URL HTTP/2 illiweb.com/rs3/64/frm/embed/FA_Embed.js
IP 172.67.150.97:0
GET /rs3/64/frm/embed/FA_Embed.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:43 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Tue, 07 Nov 2023 08:26:53 GMT
last-modified: Tue, 20 Apr 2021 14:17:00 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 441230
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qpz5u0g6Nz1wa2yb6W7CgdQsHbmonprVltBJjdQ0qWVwu%2FlctFcERb2vZ89xouK7P%2BcBuzFyxy3pXdPFsoj9FHVT0%2BgX4YNO6nBQz4f6teYi6IzeZMUyW7suyZmzTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768ec3fd2898b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=rtus&topUrl=troy2.yoo7.com
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=rtus&topUrl=troy2.yoo7.com
IP 178.250.0.157:0
GET /syncframe?origin=rtus&topUrl=troy2.yoo7.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:00:44 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=cc2a7e2e-ea07-41e6-bfc2-d9b370d8d434; expires=Thu, 07 Dec 2023 11:00:45 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 907007
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1668250845495&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=1182127727&tz=0&viewable=true&ddast=V7QaACFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJDmaGBfL4WKtmIyMa9Fo4XErfJPVWuTcOByTwWAyWdmMQCIzj2k4Gq3WionH4xZNLI61cLfcrVUWl8ky8ywcxuVkChE3GQ6fg4Go6Hpb7A6n2fMGEDSdDp_rXi-6_J2XufLv9801frdfdNutRX_D02MHAAAAgAcAq7dMiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAAOSCw2ATw6C95z9_gAAaNgCAQAQwCABGFgNKAH4OF85AQAAAAAAAABg-f___48B2MMakwEY2d_pAXjwAXggKlAtYgQAAACwpaWieTSpEyqLKgAAgnQrgCsAgADCtb9gvDAAAICAsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyb0NnqdFsQyeq32CwgAsPYLCADApm4AAG8BcEFH0IrBYHUKsRvOFrvRbDOaHQAAAMDd____vx4IeVam5WY0WvmWC5vD5nCsZpbhzGIaGWYmm2Vl3J4U45zaQYBeXl_ETYbD52AgKrreFrvDafbcj6Ily91ytxpNFqPRcrnZDTejwf4GYrAa4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWrJaLperzWa12o0Ws8FmOdxskKJVq9loMxiuZpPZbrcaDobL0QgpWrLcLXer0WQxGi2Xm91wMxoMEcYGo8lyt3C5hQvHai2aGCZu4czkWAtXzoVntjAMVjbbWvT6mB625WCyGnlRMEBjL4KLdCLzW15vv-npt7sVlotYojlZpBPZZV_yrEzLzWi08i0XNofN4VjNLMOZxTQyzEw2y8q4rw1Gk-Vu4XILF47VWjQxTNzCmcmxFq6cC89sYRisbLa16PUxPWzLwWQ18jdms-FkNRiOVvvGbDacrAbD0WrfoTN8V5-z0RkcTzw6sbQv3X5sDoPCZbB4f5-LtBlt3IwqbdhiUV2LO9fEqtPGTsbOwWxQ-IbXxPD3Uz-v3eztIDYYFLFEcLpIJ6KX8XQRSyRPi3Sica5MhpnNuPAYN7bNauabmGzGycRkWvmGM5dxZhFLlKaLdKIX3XZr0d_w9FjUf2TIxVw5mIsmc8VqtEoAAAAAAAAAAEuYM28CAAAAcBrIaLAZrpYLAOHspfsTRdcVUn92s5sK4hfcdrgNUtz4cYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWAzcvtATA4UeuFHrvwEuRguBw!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm&mPre=0.025&cirf=https%3A%2F%2Ftroy2.yoo7.com&en=1
151.101.85.44200 OK 0 B URL HTTP/2 wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1668250845495&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=1182127727&tz=0&viewable=true&ddast=V7QaACFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJDmaGBfL4WKtmIyMa9Fo4XErfJPVWuTcOByTwWAyWdmMQCIzj2k4Gq3WionH4xZNLI61cLfcrVUWl8ky8ywcxuVkChE3GQ6fg4Go6Hpb7A6n2fMGEDSdDp_rXi-6_J2XufLv9801frdfdNutRX_D02MHAAAAgAcAq7dMiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAAOSCw2ATw6C95z9_gAAaNgCAQAQwCABGFgNKAH4OF85AQAAAAAAAABg-f___48B2MMakwEY2d_pAXjwAXggKlAtYgQAAACwpaWieTSpEyqLKgAAgnQrgCsAgADCtb9gvDAAAICAsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyb0NnqdFsQyeq32CwgAsPYLCADApm4AAG8BcEFH0IrBYHUKsRvOFrvRbDOaHQAAAMDd____vx4IeVam5WY0WvmWC5vD5nCsZpbhzGIaGWYmm2Vl3J4U45zaQYBeXl_ETYbD52AgKrreFrvDafbcj6Ily91ytxpNFqPRcrnZDTejwf4GYrAa4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWrJaLperzWa12o0Ws8FmOdxskKJVq9loMxiuZpPZbrcaDobL0QgpWrLcLXer0WQxGi2Xm91wMxoMEcYGo8lyt3C5hQvHai2aGCZu4czkWAtXzoVntjAMVjbbWvT6mB625WCyGnlRMEBjL4KLdCLzW15vv-npt7sVlotYojlZpBPZZV_yrEzLzWi08i0XNofN4VjNLMOZxTQyzEw2y8q4rw1Gk-Vu4XILF47VWjQxTNzCmcmxFq6cC89sYRisbLa16PUxPWzLwWQ18jdms-FkNRiOVvvGbDacrAbD0WrfoTN8V5-z0RkcTzw6sbQv3X5sDoPCZbB4f5-LtBlt3IwqbdhiUV2LO9fEqtPGTsbOwWxQ-IbXxPD3Uz-v3eztIDYYFLFEcLpIJ6KX8XQRSyRPi3Sica5MhpnNuPAYN7bNauabmGzGycRkWvmGM5dxZhFLlKaLdKIX3XZr0d_w9FjUf2TIxVw5mIsmc8VqtEoAAAAAAAAAAEuYM28CAAAAcBrIaLAZrpYLAOHspfsTRdcVUn92s5sK4hfcdrgNUtz4cYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWAzcvtATA4UeuFHrvwEuRguBw!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm&mPre=0.025&cirf=https%3A%2F%2Ftroy2.yoo7.com&en=1
IP 151.101.85.44:0
POST /VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1668250845495&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=1182127727&tz=0&viewable=true&ddast=V7QaACFgOUWeKMn8bWuwSUWeKMn8bWuwUAAAAGBuIHJDmaGBfL4WKtmIyMa9Fo4XErfJPVWuTcOByTwWAyWdmMQCIzj2k4Gq3WionH4xZNLI61cLfcrVUWl8ky8ywcxuVkChE3GQ6fg4Go6Hpb7A6n2fMGEDSdDp_rXi-6_J2XufLv9801frdfdNutRX_D02MHAAAAgAcAq7dMiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAAOSCw2ATw6C95z9_gAAaNgCAQAQwCABGFgNKAH4OF85AQAAAAAAAABg-f___48B2MMakwEY2d_pAXjwAXggKlAtYgQAAACwpaWieTSpEyqLKgAAgnQrgCsAgADCtb9gvDAAAICAsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyb0NnqdFsQyeq32CwgAsPYLCADApm4AAG8BcEFH0IrBYHUKsRvOFrvRbDOaHQAAAMDd____vx4IeVam5WY0WvmWC5vD5nCsZpbhzGIaGWYmm2Vl3J4U45zaQYBeXl_ETYbD52AgKrreFrvDafbcj6Ily91ytxpNFqPRcrnZDTejwf4GYrAa4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWrJaLperzWa12o0Ws8FmOdxskKJVq9loMxiuZpPZbrcaDobL0QgpWrLcLXer0WQxGi2Xm91wMxoMEcYGo8lyt3C5hQvHai2aGCZu4czkWAtXzoVntjAMVjbbWvT6mB625WCyGnlRMEBjL4KLdCLzW15vv-npt7sVlotYojlZpBPZZV_yrEzLzWi08i0XNofN4VjNLMOZxTQyzEw2y8q4rw1Gk-Vu4XILF47VWjQxTNzCmcmxFq6cC89sYRisbLa16PUxPWzLwWQ18jdms-FkNRiOVvvGbDacrAbD0WrfoTN8V5-z0RkcTzw6sbQv3X5sDoPCZbB4f5-LtBlt3IwqbdhiUV2LO9fEqtPGTsbOwWxQ-IbXxPD3Uz-v3eztIDYYFLFEcLpIJ6KX8XQRSyRPi3Sica5MhpnNuPAYN7bNauabmGzGycRkWvmGM5dxZhFLlKaLdKIX3XZr0d_w9FjUf2TIxVw5mIsmc8VqtEoAAAAAAAAAAEuYM28CAAAAcBrIaLAZrpYLAOHspfsTRdcVUn92s5sK4hfcdrgNUtz4cYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWAzcvtATA4UeuFHrvwEuRguBw!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vD!iiqrc_vB!lotc_vD!mprdctdt6_vA!smbs!spa2_vA!t45!ufm&mPre=0.025&cirf=https%3A%2F%2Ftroy2.yoo7.com&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 133
Origin: https://troy2.yoo7.com
Connection: keep-alive
Referer: https://troy2.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1455
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://troy2.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 11:00:46 GMT
via: 1.1 varnish
x-served-by: cache-bma1633-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668250846.194786,VS0,VE103
vary: Accept-Encoding
X-Firefox-Spdy: h2