r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3108
Expires: Fri, 02 Dec 2022 05:04:11 GMT
Date: Fri, 02 Dec 2022 04:12:23 GMT
Connection: keep-alive
harissa.com/
147.135.91.235301 Moved Permanently 162 B IP 147.135.91.235:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET / HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 02 Dec 2022 04:12:23 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://harissa.com/
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 625
Cache-Control: max-age=109754
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:12:23 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 10:41:37 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13167
Expires: Fri, 02 Dec 2022 07:51:50 GMT
Date: Fri, 02 Dec 2022 04:12:23 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 03:18:10 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3253
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 9SMqK6DB4xTkq4UEa2FdhPhHmUKGTbHIho58DhKgnOn0eQLg93EBoKG3KJomUieMl5yccedbgkA=
x-amz-request-id: BASM3M0K21NCVT7Z
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 03:45:57 GMT
age: 1586
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:23 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a5a82db89e91ff128c05d000ad18c25c
279256c9d4f040d3d341b44a188744bd2d65f7cf
b242973b83433c5678dd6bcb9e81c084aaf871cc6306d3e07cfa7f252695f2c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B242973B83433C5678DD6BCB9E81C084AAF871CC6306D3E07CFA7F252695F2C6"
Last-Modified: Thu, 01 Dec 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21536
Expires: Fri, 02 Dec 2022 10:11:20 GMT
Date: Fri, 02 Dec 2022 04:12:24 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 04:08:57 GMT
cache-control: public,max-age=3600
age: 207
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
harissa.com/news555
147.135.91.235301 Moved Permanently 236 B IP 147.135.91.235:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2c469592bcf9734b313c12eca4bea736
ccff12f3443ed5080a848cfb3e45921fd066ea17
f25afeba5237089c589e32459dfcc4ce76f6b88f3bf80666daa5a0741d66f315
Analyzer Verdict Alert fortinet Phishing
GET /news555 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/html; charset=iso-8859-1
content-length: 236
x-content-type-options: nosniff
location: https://harissa.com/news555/
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 672
Cache-Control: max-age=104737
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:12:24 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 09:18:01 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.149.203.40101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.203.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mmKooefOa0x79viLnn8IeQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 89OBXGGMqGB7NKRLmYzri1BHiRY=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a6ad57d839c4b452d7118cf2052f9d35
50afdbe46f04c7611c1a0111bce3a76775e50272
4c5c20573601bde0f5c3567e02d02d74ab22d4ffe12f632e1def1b87dc86ad3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:12:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:12:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:12:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9017551118f933b99e215c8a4a8cfe15
3c7477adccaaa4deb8e14c69059e7e8b4622a54d
b1f47d3a19df0772e3976ffd2580889d5cefc310c34a94d6284260269b0126f1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 395
Cache-Control: max-age=162822
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:12:24 GMT
Etag: "638952a3-1d7"
Expires: Sun, 04 Dec 2022 01:26:06 GMT
Last-Modified: Fri, 02 Dec 2022 01:19:31 GMT
Server: ECS (amb/6B83)
X-Cache: HIT
Content-Length: 471
www.googletagmanager.com/gtag/js?id=UA-169821115-2
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-169821115-2
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash b4080a303a09567fac9dddba13ee6fb4
e48a3f5c5c6e33c406bc92d5fbbe02aa9f4c2a53
f7970466c57ab0af8c13b2a76cb050ecca9eee0f7fa3a6bed115c8fc6522e98b
GET /gtag/js?id=UA-169821115-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Dec 2022 04:12:24 GMT
expires: Fri, 02 Dec 2022 04:12:24 GMT
cache-control: private, max-age=900
last-modified: Fri, 02 Dec 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43567
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/show_ads.js
216.58.207.226200 OK 34 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/show_ads.js
IP 216.58.207.226:0
File type ASCII text, with very long lines (3577)
Hash 038055db17783eb906a7d788be5b6e72
b9ae7c09b8c841950a2277f5eab016536869c34c
2dc7bfd5c1e4590d5a0482d08c3bb957d782791bb0045334fdb9a6044477beb5
GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 02 Dec 2022 04:12:24 GMT
expires: Fri, 02 Dec 2022 04:12:24 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 8635265262394851985
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 34128
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:12:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
harissa.com/news555/core/themes/stable/css/system/components/hidden.module.css?rifbr9
147.135.91.235200 OK 1.0 kB URL HTTP/2 harissa.com/news555/core/themes/stable/css/system/components/hidden.module.css?rifbr9
IP 147.135.91.235:0
Hash 6619b778c0c17395ca4c7fffcb8f9dc6
0a3a5ee6429576c7ac4b8a721a1a9b39bae872f6
2c457212c760f0169826880b94ea842544705577dea46785526d06272ecd5442
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/themes/stable/css/system/components/hidden.module.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
last-modified: Thu, 10 May 2018 18:33:57 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5af49095-54f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a6ad57d839c4b452d7118cf2052f9d35
50afdbe46f04c7611c1a0111bce3a76775e50272
4c5c20573601bde0f5c3567e02d02d74ab22d4ffe12f632e1def1b87dc86ad3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:12:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
harissa.com/news555/themes/zircon/css/view.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/themes/zircon/css/view.css?rifbr9
IP 147.135.91.235:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /news555/themes/zircon/css/view.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
content-length: 0
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Mon, 09 May 2016 18:42:17 GMT
etag: "0-5326d2af3d440"
accept-ranges: bytes
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
X-Firefox-Spdy: h2
harissa.com/news555/themes/zircon/css/print.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/themes/zircon/css/print.css?rifbr9
IP 147.135.91.235:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /news555/themes/zircon/css/print.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
content-length: 0
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Mon, 09 May 2016 18:42:18 GMT
etag: "0-5326d2b031680"
accept-ranges: bytes
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
X-Firefox-Spdy: h2
harissa.com/images/openpublish_theme_logo.gif
147.135.91.235200 OK 3.0 kB URL HTTP/2 harissa.com/images/openpublish_theme_logo.gif
IP 147.135.91.235:0
File type GIF image data, version 89a, 235 x 42\012- data
Hash 6b7ce8ea0d470967e385a4f9bbf0f3e2
e3122ed0c21f3eb514e1bea04142701a4bf7bd96
c91f8f11a72b58e52dc93e9482cd4334f0f58c30feeb6137495d911abd4e11a4
GET /images/openpublish_theme_logo.gif HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: image/gif
content-length: 2982
last-modified: Mon, 30 May 2016 20:39:10 GMT
etag: "574ca4ee-ba6"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/stable/css/system/components/clearfix.module.css?rifbr9
147.135.91.235200 OK 656 B URL HTTP/2 harissa.com/news555/core/themes/stable/css/system/components/clearfix.module.css?rifbr9
IP 147.135.91.235:0
Hash 7ee6c70c9a7e7c343e08d46e608cdfb7
e7cc909de0176a20b0c44337da8f9dcea398e95e
85fe2f00460bb041f3e7632c622a8488b4884c1cefecf51ea3d44066d65da51f
GET /news555/core/themes/stable/css/system/components/clearfix.module.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:33:57 GMT
etag: W/"132-56bde43258f40"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/misc/drupalSettingsLoader.js?v=8.3.9
147.135.91.235200 OK 324 B URL HTTP/2 harissa.com/news555/core/misc/drupalSettingsLoader.js?v=8.3.9
IP 147.135.91.235:0
Hash f3758b5ac6e486854e1cf555d15d0074
d9f5d83f2bfddccb0b597f9db005076050f7d6c0
c8bd426fb6bd220386a3a5a459ced2f6b3bd635be614829d02265ed907782f66
GET /news555/core/misc/drupalSettingsLoader.js?v=8.3.9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: application/javascript
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 19:42:30 GMT
etag: W/"2ba-56bdf384cf580"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/assets/vendor/domready/ready.min.js?v=1.0.8
147.135.91.235200 OK 281 B URL HTTP/2 harissa.com/news555/core/assets/vendor/domready/ready.min.js?v=1.0.8
IP 147.135.91.235:0
File type ASCII text, with very long lines (428)
Hash acc91c235d4ebd788007915794330efe
adac254ecf9ae1f0b0772c2f6c918726f1e3e4d9
99945b96cae6cb683635a10318c344531b9b8c5c26e6d4524f2b941d91fe2cb7
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/assets/vendor/domready/ready.min.js?v=1.0.8 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: application/javascript
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 19:51:33 GMT
etag: W/"1e5-56bdf58aa7b40"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/
147.135.91.235200 OK 20 kB IP 147.135.91.235:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3439)
Hash 24ca6166a7e60626cfb966afe66825bc
aaf86ccd4419df17e0bdb67f02d3c1588467fceb
2ccc3522eafe87766ec100d13d951f0314add53b074558d50e67b91d54395c38
Analyzer Verdict Alert fortinet Phishing
GET /news555/ HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://harissa.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=43200, public
x-drupal-dynamic-cache: MISS
x-ua-compatible: IE=edge
content-language: fr
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
expires: Sun, 19 Nov 1978 05:00:00 GMT
vary: Cookie
x-generator: Drupal 8 (https://www.drupal.org)
x-drupal-cache: HIT
last-modified: Thu, 01 Dec 2022 21:18:25 GMT
etag: W/"1669929505"
x-powered-by: PHP/5.6.40, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/themes/zircon/js/slideshow.js?v=8.0.0
147.135.91.235200 OK 1.4 kB URL HTTP/2 harissa.com/news555/themes/zircon/js/slideshow.js?v=8.0.0
IP 147.135.91.235:0
Hash 103324bb3dbb422f7d42dd4356c729dd
76d4d339f06e10b733bb39b8903d96f120eafc14
098840dabcb1654797abe13b8442819d0aa54ec1d449ba5c488252bc9649f424
Analyzer Verdict Alert fortinet Phishing
GET /news555/themes/zircon/js/slideshow.js?v=8.0.0 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: application/javascript
last-modified: Mon, 09 May 2016 18:42:00 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5730d9f8-1490"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.paypalobjects.com/fr_FR/FR/i/btn/btn_donateCC_LG.gif
151.101.194.133200 OK 4.0 kB URL HTTP/2 www.paypalobjects.com/fr_FR/FR/i/btn/btn_donateCC_LG.gif
IP 151.101.194.133:0
File type GIF image data, version 89a, 196 x 47\012- data
Hash 0db8005c6b0e96ec4d34048231de4d4f
8157f6926c01d1a73ddc87c7c4438c67581d8071
351b661f5071324acb495bdb9e3a33e9f0dd03053d2f3a951223887de7c4a0cd
GET /fr_FR/FR/i/btn/btn_donateCC_LG.gif HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/gif
dc: ccg11-origin-www-1.paypal.com
etag: "5pGsKvFx6a5fI0fXhkhKpdZXVvuYet1vKs7zVZoAMpU"
fastly-io-info: ifsz=5180 idim=196x47 ifmt=gif ofsz=3984 odim=196x47 ofmt=gif
fastly-stats: io=1
paypal-debug-id: d50bdb6a306fd
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000d50bdb6a306fd-a3a3915f2cdd9262-01
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 02 Dec 2022 04:12:25 GMT
x-served-by: cache-sjc10057-SJC, cache-bma1639-BMA
x-cache: HIT, HIT
x-cache-hits: 484, 1
x-timer: S1669954345.211772,VS0,VE1
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 3984
X-Firefox-Spdy: h2
harissa.com/news555/sites/default/files/styles/slideshow/public/2022-10/tunisie6.jpg?itok=z5h0Jgpr
147.135.91.235200 OK 58 kB URL HTTP/2 harissa.com/news555/sites/default/files/styles/slideshow/public/2022-10/tunisie6.jpg?itok=z5h0Jgpr
IP 147.135.91.235:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1170x390, components 3\012- data
Hash 4783600cb7ce71b1f4bd19f9c96f0c14
408badc17a3f0534ac5286d8a4a007f0bdbf94c9
97454387d30b4fbd05f7032a0f9d7ae7872013654536ecb805795f2c22076cda
Analyzer Verdict Alert fortinet Phishing
GET /news555/sites/default/files/styles/slideshow/public/2022-10/tunisie6.jpg?itok=z5h0Jgpr HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: image/jpeg
content-length: 58219
last-modified: Sun, 02 Oct 2022 20:14:22 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: "6339f11e-e36b"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
harissa.com/news555/sites/default/files/styles/medium/public/field/image/religions33.jpg?itok=NIeiDIHX
147.135.91.235200 OK 6.0 kB URL HTTP/2 harissa.com/news555/sites/default/files/styles/medium/public/field/image/religions33.jpg?itok=NIeiDIHX
IP 147.135.91.235:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 220x124, components 3\012- data
Hash 006c207ef3034ccb7a1a559bac2e489d
c9d99aa200da7a58a4d35e63cc05eca3f51552cb
cc734f989a2f4882a7da0820adda9e077747678a01c644734ec9edcda10f2807
Analyzer Verdict Alert fortinet Phishing
GET /news555/sites/default/files/styles/medium/public/field/image/religions33.jpg?itok=NIeiDIHX HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: image/jpeg
content-length: 5989
last-modified: Sun, 27 Nov 2022 21:56:56 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: "6383dd28-1765"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
harissa.com/news555/sites/default/files/styles/medium/public/field/image/AP22330483023739-640x400.jpg?itok=fw6yHoDV
147.135.91.235200 OK 7.9 kB URL HTTP/2 harissa.com/news555/sites/default/files/styles/medium/public/field/image/AP22330483023739-640x400.jpg?itok=fw6yHoDV
IP 147.135.91.235:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 220x138, components 3\012- data
Hash a6385a35550920a87e4cbe2975aaab48
64e98fef96d08edf6d6b4a7be532861e92f43743
d3a27111f08180ddc975d24e8ca53c6ee5fcf597daba158eec60e82dc5236980
GET /news555/sites/default/files/styles/medium/public/field/image/AP22330483023739-640x400.jpg?itok=fw6yHoDV HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: image/jpeg
content-length: 7906
last-modified: Sun, 27 Nov 2022 22:35:11 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: "6383e61f-1ee2"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
harissa.com/news555/sites/default/files/styles/slideshow/public/2018-09/cimetierre-tunis-avant-kippour.jpg?itok=RCW4L3cC
147.135.91.235200 OK 40 kB URL HTTP/2 harissa.com/news555/sites/default/files/styles/slideshow/public/2018-09/cimetierre-tunis-avant-kippour.jpg?itok=RCW4L3cC
IP 147.135.91.235:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1170x390, components 3\012- data
Hash 1c56737d4908114b5c9dae1c4c666eab
e4d2a31929d621d3b6f10e0745b986bba837faa8
e9e5fd9b7ad015a4a347ba7842e62e9f5dbd81370f7054743be0faadebb2493b
Analyzer Verdict Alert fortinet Phishing
GET /news555/sites/default/files/styles/slideshow/public/2018-09/cimetierre-tunis-avant-kippour.jpg?itok=RCW4L3cC HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: image/jpeg
content-length: 40511
last-modified: Tue, 18 Sep 2018 18:23:25 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: "5ba1429d-9e3f"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
harissa.com/news555/sites/default/files/styles/medium/public/field/image/avre2.jpg?itok=egDZM8m8
147.135.91.235200 OK 17 kB URL HTTP/2 harissa.com/news555/sites/default/files/styles/medium/public/field/image/avre2.jpg?itok=egDZM8m8
IP 147.135.91.235:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 220x196, components 3\012- data
Hash a2857296db8a8be882836a0c9e9c7d6c
cba4154459e2be5edd2c16960ecb449af2a0f735
13cb7b68a96b048e0bf43da1fa7dc94b3f68b4992c4dd327a903933563435cd2
Analyzer Verdict Alert fortinet Phishing
GET /news555/sites/default/files/styles/medium/public/field/image/avre2.jpg?itok=egDZM8m8 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: image/jpeg
content-length: 16670
last-modified: Mon, 28 Nov 2022 02:40:27 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: "63841f9b-411e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
harissa.com/news555/sites/default/files/styles/featured/public/field/image/delphine_2.png?itok=PzQbV4GA
147.135.91.235200 OK 61 kB URL HTTP/2 harissa.com/news555/sites/default/files/styles/featured/public/field/image/delphine_2.png?itok=PzQbV4GA
IP 147.135.91.235:0
File type PNG image data, 267 x 134, 8-bit/color RGBA, non-interlaced\012- data
Hash 6aaec1df73cbb1f6df11871c60af158f
10f44f060edabe926fdc11f05882385c23f2c1cd
9782f4cb0b0a4ba5c5c0ee42293aa947745a338b208a8b8ff242040e97cccad6
GET /news555/sites/default/files/styles/featured/public/field/image/delphine_2.png?itok=PzQbV4GA HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: image/png
content-length: 60604
last-modified: Sun, 27 Nov 2022 23:04:17 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: "6383ecf1-ecbc"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:12:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.googleapis.com/translate_static/css/translateelement.css
216.58.211.10200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP 216.58.211.10:0
File type ASCII text, with very long lines (18670)
Hash 897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 03:44:19 GMT
expires: Fri, 02 Dec 2022 04:44:19 GMT
cache-control: public, max-age=3600
age: 1686
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
harissa.api.oneall.com/socialize/library.js
136.243.63.184200 OK 12 kB URL HTTP/1.1 harissa.api.oneall.com/socialize/library.js
IP 136.243.63.184:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (4118)
Hash ddb69367d31f2f971367fc478061c0f2
afbe12506eb72a7ce72b2a5ea66848a93e251de0
9d08736b8e4cc592f6e303867d0f741be3b3eb0a687750df57cf8f42d1457124
GET /socialize/library.js HTTP/1.1
Host: harissa.api.oneall.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 04:12:25 GMT
Content-Type: text/javascript; charset=UTF-8
Content-Length: 12355
Connection: keep-alive
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Last-Modified: Tue, 25 Jun 2019 18:52:24 GMT
Pragma: private
Cache-Control: max-age=14400, private
Expires: Fri, 02 Dec 2022 08:12:25 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Forwarded-Target: xsierra.oneall.com
X-Cached: EXPIRED
harissa.com/news555/sites/default/files/styles/medium/public/field/image/spirou_expo_0-9465a.jpg?itok=0UYlCi0l
147.135.91.235200 OK 6.9 kB URL HTTP/2 harissa.com/news555/sites/default/files/styles/medium/public/field/image/spirou_expo_0-9465a.jpg?itok=0UYlCi0l
IP 147.135.91.235:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 158x220, components 3\012- data
Hash 5ac7f66af2679dba8ba0a424c7889dde
75af2fbc2b64c5e79c54d10c8662752fb9d9188f
e5be26049ff44d0744c914c32077f426247f158b199df265e1e1cb0324061abf
Analyzer Verdict Alert fortinet Phishing
GET /news555/sites/default/files/styles/medium/public/field/image/spirou_expo_0-9465a.jpg?itok=0UYlCi0l HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: image/jpeg
content-length: 6878
last-modified: Sun, 27 Nov 2022 23:34:19 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: "6383f3fb-1ade"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
harissa.com/news555/sites/default/files/styles/featured/public/field/image/AP22330483023739-640x400.jpg?itok=0-MJkm47
147.135.91.235200 OK 8.7 kB URL HTTP/2 harissa.com/news555/sites/default/files/styles/featured/public/field/image/AP22330483023739-640x400.jpg?itok=0-MJkm47
IP 147.135.91.235:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 267x134, components 3\012- data
Hash ede92a0c3b2ed477929aabda136b29cc
0ce13f71a9fc4f4b5f9229cfe86f0ed93e870f87
8d5538aa0d6bf41aa59f498a1a69ab47844f30ba01f9b24b244a321d4a4407c2
Analyzer Verdict Alert fortinet Phishing
GET /news555/sites/default/files/styles/featured/public/field/image/AP22330483023739-640x400.jpg?itok=0-MJkm47 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: image/jpeg
content-length: 8735
last-modified: Sun, 27 Nov 2022 22:27:07 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: "6383e43b-221f"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:12:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
harissa.com/news555/sites/default/files/styles/medium/public/field/image/Rock_crusher_gears.jpg?itok=uZJxKV6r
147.135.91.235200 OK 12 kB URL HTTP/2 harissa.com/news555/sites/default/files/styles/medium/public/field/image/Rock_crusher_gears.jpg?itok=uZJxKV6r
IP 147.135.91.235:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 220x165, components 3\012- data
Hash 1f5e3b57e60ff76d6ddb55c3cdaea367
23a3e314fbcd6e962113def9c9ac572af9c8d8c8
b31c97c03f97eda954f7c29db2c10c67ce2c97dd798ad58e2786d153a0ff3a63
GET /news555/sites/default/files/styles/medium/public/field/image/Rock_crusher_gears.jpg?itok=uZJxKV6r HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: image/jpeg
content-length: 12229
last-modified: Sun, 27 Nov 2022 21:09:04 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: "6383d1f0-2fc5"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
harissa.com/news555/sites/default/files/styles/slideshow/public/2022-11/hallah%29_0.jpg?itok=M44Cj9nn
147.135.91.235200 OK 53 kB URL HTTP/2 harissa.com/news555/sites/default/files/styles/slideshow/public/2022-11/hallah%29_0.jpg?itok=M44Cj9nn
IP 147.135.91.235:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1170x390, components 3\012- data
Hash 5030fe57263b4ade783918e3323fc650
2995f6dcf22784728000cc1c17dc18f80a5a6074
d20a9b81c7dde8400181313b2bae8690a28c6572892d7e93fff45683208a3d61
Analyzer Verdict Alert fortinet Phishing
GET /news555/sites/default/files/styles/slideshow/public/2022-11/hallah%29_0.jpg?itok=M44Cj9nn HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: image/jpeg
content-length: 53405
last-modified: Sun, 06 Nov 2022 19:55:25 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: "6368112d-d09d"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
harissa.com/news555/sites/default/files/styles/medium/public/field/image/Table%20de%20Hannouka.jpg?itok=7876wzCh
147.135.91.235200 OK 7.0 kB URL HTTP/2 harissa.com/news555/sites/default/files/styles/medium/public/field/image/Table%20de%20Hannouka.jpg?itok=7876wzCh
IP 147.135.91.235:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 147x220, components 3\012- data
Hash 8e3fc4ba0186bb804cdbe2b907be9ba0
19a52538f6a08984f9b966a9a36018b31dd094f5
47a9b83250dfb1c5e0fa4bca21a72aaf715251e35ebdb9b7abf79ed5d11f4414
GET /news555/sites/default/files/styles/medium/public/field/image/Table%20de%20Hannouka.jpg?itok=7876wzCh HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: image/jpeg
content-length: 6985
last-modified: Thu, 07 Dec 2017 18:29:47 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: "5a29889b-1b49"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
harissa.com/news555/sites/default/files/styles/medium/public/field/image/Hope.jpg?itok=xWxRJecK
147.135.91.235200 OK 7.5 kB URL HTTP/2 harissa.com/news555/sites/default/files/styles/medium/public/field/image/Hope.jpg?itok=xWxRJecK
IP 147.135.91.235:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 220x220, components 3\012- data
Hash 34df15e49b446cdc5513fa7b009e5f40
07bd8a8132f96b9b3f0e4f24f3882839d4969de8
0b3ef02a5c44e798ec395613aa45d84afa48759d310e544f54271d90eca610ac
Analyzer Verdict Alert fortinet Phishing
GET /news555/sites/default/files/styles/medium/public/field/image/Hope.jpg?itok=xWxRJecK HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: image/jpeg
content-length: 7477
last-modified: Sun, 27 Nov 2022 18:07:18 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: "6383a756-1d35"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
harissa.com/news555/sites/default/files/styles/medium/public/field/image/jeru1900t.jpg?itok=Mf4vFJct
147.135.91.235200 OK 6.2 kB URL HTTP/2 harissa.com/news555/sites/default/files/styles/medium/public/field/image/jeru1900t.jpg?itok=Mf4vFJct
IP 147.135.91.235:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 220x124, components 3\012- data
Hash 0827b0a97007fd2ece514c0c2fdfbe8e
fdf3c0cc2adab5c082a4b9e543a211e1e05abfce
aa45de7423cdffb1e570d62468afa22690a3bd48303f201ff54402e974b22cde
GET /news555/sites/default/files/styles/medium/public/field/image/jeru1900t.jpg?itok=Mf4vFJct HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: image/jpeg
content-length: 6178
last-modified: Sun, 31 Jan 2021 19:49:46 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: "601709da-1822"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
harissa.com/news555/sites/default/files/styles/featured/public/field/image/blog_du_crif_8_6.png?itok=GgdSCkJx
147.135.91.235200 OK 41 kB URL HTTP/2 harissa.com/news555/sites/default/files/styles/featured/public/field/image/blog_du_crif_8_6.png?itok=GgdSCkJx
IP 147.135.91.235:0
File type PNG image data, 267 x 134, 8-bit/color RGBA, non-interlaced\012- data
Hash 37bc3a8ae4b39eb837dcdd594c25e20f
93bc1c6d58cac2022b568905e6cc88a1e686f1cb
d59d7c83a7064027bb41887c84d41d66382913b00006d634b3d9bee72216c7a9
GET /news555/sites/default/files/styles/featured/public/field/image/blog_du_crif_8_6.png?itok=GgdSCkJx HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: image/png
content-length: 40650
last-modified: Sun, 28 Nov 2021 20:16:49 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: "61a3e3b1-9eca"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
harissa.com/news555/sites/default/files/styles/slideshow/public/2021-01/complet-poisson.jpg?itok=ZxPJteP9
147.135.91.235200 OK 61 kB URL HTTP/2 harissa.com/news555/sites/default/files/styles/slideshow/public/2021-01/complet-poisson.jpg?itok=ZxPJteP9
IP 147.135.91.235:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1170x390, components 3\012- data
Hash ea5cfb20387249548a26e9b5de2c8e7d
1417f3a969425e329ad65e33a539eaccef8c6ee8
b4b5c0a4b83a8e2a1be1f1acc06343e61246d53f82364e8cdfc352777a164fe9
Analyzer Verdict Alert fortinet Phishing
GET /news555/sites/default/files/styles/slideshow/public/2021-01/complet-poisson.jpg?itok=ZxPJteP9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: image/jpeg
content-length: 61196
last-modified: Sun, 31 Jan 2021 19:02:13 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: "6016feb5-ef0c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
harissa.com/news555/sites/default/files/styles/slideshow/public/2022-11/eaupure.jpg?itok=PtvNuRln
147.135.91.235200 OK 35 kB URL HTTP/2 harissa.com/news555/sites/default/files/styles/slideshow/public/2022-11/eaupure.jpg?itok=PtvNuRln
IP 147.135.91.235:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1170x390, components 3\012- data
Hash eeaff4183e3973308c0307d90898becc
d2e33d7a768663802c3415b82a7e32cb06f858eb
978f5479a63b6a5e99d857ea129fcd2caa4f2b8e1764b4a280d3d06dce174b0e
GET /news555/sites/default/files/styles/slideshow/public/2022-11/eaupure.jpg?itok=PtvNuRln HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: image/jpeg
content-length: 35071
last-modified: Sun, 06 Nov 2022 20:05:35 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: "6368138f-88ff"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
harissa.com/news555/sites/default/files/styles/featured/public/field/image/avre2.jpg?itok=r3PGY2vc
147.135.91.235200 OK 13 kB URL HTTP/2 harissa.com/news555/sites/default/files/styles/featured/public/field/image/avre2.jpg?itok=r3PGY2vc
IP 147.135.91.235:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 267x134, components 3\012- data
Hash 043cb6947586fa04181e944e578fe8f5
0180b625a4ab534affc9d7f5098ca70595dffa7a
a5bf1fe27af4267daef3c4599859ed1652b7c2e21368b3c1571bbc88e9f4a586
Analyzer Verdict Alert fortinet Phishing
GET /news555/sites/default/files/styles/featured/public/field/image/avre2.jpg?itok=r3PGY2vc HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: image/jpeg
content-length: 13340
last-modified: Mon, 28 Nov 2022 02:36:02 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: "63841e92-341c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
harissa.com/news555/sites/default/files/styles/medium/public/field/image/complet-poisson.jpg?itok=oijVAAgP
147.135.91.235200 OK 11 kB URL HTTP/2 harissa.com/news555/sites/default/files/styles/medium/public/field/image/complet-poisson.jpg?itok=oijVAAgP
IP 147.135.91.235:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 220x166, components 3\012- data
Hash 961df8151333e65559523b0bbb7c034a
a2a4561dec4d8c657babbb637dafa1c23ad720f7
73d3c659ab58eae1a38e9e894708dc2f56c36e275eca390b1853d90755788e00
GET /news555/sites/default/files/styles/medium/public/field/image/complet-poisson.jpg?itok=oijVAAgP HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: image/jpeg
content-length: 11146
last-modified: Sun, 31 Jan 2021 19:02:13 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: "6016feb5-2b8a"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
harissa.com/Advertising/jr5.gif
147.135.91.235200 OK 37 kB URL HTTP/2 harissa.com/Advertising/jr5.gif
IP 147.135.91.235:0
File type GIF image data, version 89a, 160 x 600\012- data
Hash 1925a1c498cb86f55d11abad21eacfce
426ce58aabe1f6e58d4f909a2540ac89098c5822
f222927c850529710e4320180c0b1513da520d0432a5c90bdd82e5112fe5ed1f
GET /Advertising/jr5.gif HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: image/gif
content-length: 37389
last-modified: Sun, 22 Jan 2017 18:10:30 GMT
etag: "5884f596-920d"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
harissa.com/news555/sites/default/files/styles/slideshow/public/2022-10/308671579_10225137399795765_5521879457075284913_n.jpg?itok=Wi5ib9li
147.135.91.235200 OK 47 kB URL HTTP/2 harissa.com/news555/sites/default/files/styles/slideshow/public/2022-10/308671579_10225137399795765_5521879457075284913_n.jpg?itok=Wi5ib9li
IP 147.135.91.235:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1170x390, components 3\012- data
Hash 4a158793d337a89e0325f347bd147fea
87a47622750cb37416acd59c44cdc7d291db8fd2
b34185aeee5fa1a0d95dccb1fd0c4acae0654125c3fce2ff6d592f3cbb0e9a8e
GET /news555/sites/default/files/styles/slideshow/public/2022-10/308671579_10225137399795765_5521879457075284913_n.jpg?itok=Wi5ib9li HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: image/jpeg
content-length: 47006
last-modified: Sun, 30 Oct 2022 20:18:01 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: "635edbf9-b79e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
harissa.com/news555/sites/default/files/styles/medium/public/field/image/delphine_2.png?itok=z4ePGW9Z
147.135.91.235200 OK 47 kB URL HTTP/2 harissa.com/news555/sites/default/files/styles/medium/public/field/image/delphine_2.png?itok=z4ePGW9Z
IP 147.135.91.235:0
File type PNG image data, 220 x 124, 8-bit/color RGBA, non-interlaced\012- data
Hash d946c3a75635b9716b43cc762389cfbc
86b8382ae0bdfe002e5f1de5f165e80d0068fbbe
b487c9e74a3f8b5ba786719a0f31743ed5a6de945e347fcadd51327d3967442c
Analyzer Verdict Alert fortinet Phishing
GET /news555/sites/default/files/styles/medium/public/field/image/delphine_2.png?itok=z4ePGW9Z HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: image/png
content-length: 47335
last-modified: Sun, 27 Nov 2022 23:08:35 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: "6383edf3-b8e7"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
harissa.com/news555/sites/default/files/styles/medium/public/field/image/blog_du_crif_8_6.png?itok=RDMQhYur
147.135.91.235200 OK 30 kB URL HTTP/2 harissa.com/news555/sites/default/files/styles/medium/public/field/image/blog_du_crif_8_6.png?itok=RDMQhYur
IP 147.135.91.235:0
File type PNG image data, 220 x 124, 8-bit/color RGBA, non-interlaced\012- data
Hash 1c90b8dbb1b1456694812cbe82fa1c10
c2c75a3ba10f544e756bab59c2d4f551d461dacc
4b29e801cf97bbcd2518ce6cfaf02657643be33383a5abb9061a7d3b572dd32c
Analyzer Verdict Alert fortinet Phishing
GET /news555/sites/default/files/styles/medium/public/field/image/blog_du_crif_8_6.png?itok=RDMQhYur HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: image/png
content-length: 29816
last-modified: Sun, 28 Nov 2021 20:20:44 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: "61a3e49c-7478"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
harissa.com/news555/sites/default/files/styles/medium/public/field/image/hanoucca_0.png?itok=bOkNS_t5
147.135.91.235200 OK 59 kB URL HTTP/2 harissa.com/news555/sites/default/files/styles/medium/public/field/image/hanoucca_0.png?itok=bOkNS_t5
IP 147.135.91.235:0
File type PNG image data, 220 x 141, 8-bit/color RGBA, non-interlaced\012- data
Hash 57cdfa0ce5ea232aece7975dc2eddd33
9e6bb49dc31d4bf99ecabf893a3d4525ce41704e
f1e4bc76b0049a1b787415e709a9b14033116efc54256be4d161d4e7fc5abf19
Analyzer Verdict Alert fortinet Phishing
GET /news555/sites/default/files/styles/medium/public/field/image/hanoucca_0.png?itok=bOkNS_t5 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: image/png
content-length: 59398
last-modified: Sun, 28 Nov 2021 19:03:12 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: "61a3d270-e806"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
harissa.com/news555/sites/default/files/styles/slideshow/public/2022-11/f6be43dc90b163110be908d2c284d324.jpg?itok=AkL261Pf
147.135.91.235200 OK 80 kB URL HTTP/2 harissa.com/news555/sites/default/files/styles/slideshow/public/2022-11/f6be43dc90b163110be908d2c284d324.jpg?itok=AkL261Pf
IP 147.135.91.235:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1170x390, components 3\012- data
Hash 53f30811f5bb8e831adbc94d21f51f80
352e9872722d045167f7423216d2119bb8659c1e
54b1513f5c5528cdd3439c0381f9fa906fcbeba32162e9f34fb0eb2aeedf75c0
Analyzer Verdict Alert fortinet Phishing
GET /news555/sites/default/files/styles/slideshow/public/2022-11/f6be43dc90b163110be908d2c284d324.jpg?itok=AkL261Pf HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: image/jpeg
content-length: 79516
last-modified: Sun, 20 Nov 2022 21:03:10 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: "637a960e-1369c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
harissa.com/news555/sites/default/files/styles/slideshow/public/2020-05/98600194_10207043718888592_8119460605926047744_n.jpg?itok=3M8ECFAM
147.135.91.235200 OK 76 kB URL HTTP/2 harissa.com/news555/sites/default/files/styles/slideshow/public/2020-05/98600194_10207043718888592_8119460605926047744_n.jpg?itok=3M8ECFAM
IP 147.135.91.235:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1170x390, components 3\012- data
Hash 47a8f384bc233d997b24973d27aa5ae0
2505bd16948f97d0b44112ecddd2bfc3545266d5
f72fcb40f0aac1ec1c7954b306d4944f011f40d95bcb36b2adb3b8672f4f9035
Analyzer Verdict Alert fortinet Phishing
GET /news555/sites/default/files/styles/slideshow/public/2020-05/98600194_10207043718888592_8119460605926047744_n.jpg?itok=3M8ECFAM HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: image/jpeg
content-length: 75906
last-modified: Sun, 24 May 2020 18:18:05 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: "5ecaba5d-12882"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
harissa.com/news555/sites/default/files/styles/slideshow/public/2016-10/couscous_0.jpg?itok=f3pQYJg4
147.135.91.235200 OK 80 kB URL HTTP/2 harissa.com/news555/sites/default/files/styles/slideshow/public/2016-10/couscous_0.jpg?itok=f3pQYJg4
IP 147.135.91.235:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1170x390, components 3\012- data
Hash 8b34cf749ac674e569880f560ed7fbfa
11d144eb11674d0f318a06655072ae63b9de9c51
ecb8c3cc2cb7aeaa13159c1c2d711fc2ba5e1a90480e54da05e349c08cef2404
GET /news555/sites/default/files/styles/slideshow/public/2016-10/couscous_0.jpg?itok=f3pQYJg4 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: image/jpeg
content-length: 79738
last-modified: Wed, 26 Oct 2016 01:30:06 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: "5810071e-1377a"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
harissa.com/news555/sites/default/files/styles/slideshow/public/2022-10/bnatChemama94056_n.jpg?itok=OcZCOfsh
147.135.91.235200 OK 74 kB URL HTTP/2 harissa.com/news555/sites/default/files/styles/slideshow/public/2022-10/bnatChemama94056_n.jpg?itok=OcZCOfsh
IP 147.135.91.235:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1170x390, components 3\012- data
Hash 08345c9b159ff5aee9ec00261b3b39af
5841384ce2e65b2d7a6a3fa6c2b94076b6687bd3
95ea1107997e2a1182648551d6a440a73603e20dcebabcfff6cadcab17cd20bc
Analyzer Verdict Alert fortinet Phishing
GET /news555/sites/default/files/styles/slideshow/public/2022-10/bnatChemama94056_n.jpg?itok=OcZCOfsh HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: image/jpeg
content-length: 74021
last-modified: Sun, 02 Oct 2022 20:09:19 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: "6339efef-12125"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
harissa.com/news555/themes/zircon/js/fix_script.js?v=8.0.0
147.135.91.235200 OK 400 B URL HTTP/2 harissa.com/news555/themes/zircon/js/fix_script.js?v=8.0.0
IP 147.135.91.235:0
Hash 3b28778ede7f3cedea8fcc589c19e5b8
b52004ec09819b95a6669397766d7d035682dae5
37b260485293da8b5158e2ad327712baaab9ec75b43af16216b50a2febff5cad
GET /news555/themes/zircon/js/fix_script.js?v=8.0.0 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: application/javascript
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Mon, 09 May 2016 18:42:01 GMT
etag: W/"3ff-5326d29ffb040"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/themes/zircon/jssor/img/loading.gif
147.135.91.235200 OK 4.8 kB URL HTTP/2 harissa.com/news555/themes/zircon/jssor/img/loading.gif
IP 147.135.91.235:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash dd78ac008009bd821d2bf2da98108854
d3665f292d71f9ea2b9a61c476e6e2a9d0d35062
03acb263b1d85f824676b3cad66f9660c73d278f06e519c7ea727593ab4f5a13
GET /news555/themes/zircon/jssor/img/loading.gif HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:25 GMT
content-type: image/gif
content-length: 4765
last-modified: Sun, 22 Apr 2018 18:50:23 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:25 GMT
etag: "5adcd96f-129d"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
harissa.com/news555/core/misc/icons/ee0000/required.svg
147.135.91.235200 OK 513 B URL HTTP/2 harissa.com/news555/core/misc/icons/ee0000/required.svg
IP 147.135.91.235:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (512)
Hash 7b33af87da4d8dd17bc03acce38dcf4b
4efa13e56f79d6da481d52109b8e2e592bf46ac0
1107824fee57311554e87b7ebf3da2f518124457e2b0df8bfdd22870dfbb2548
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/misc/icons/ee0000/required.svg HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/core/themes/classy/css/components/form.css?rifbr9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:25 GMT
content-type: image/svg+xml
content-length: 513
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 19:42:01 GMT
etag: "201-56bdf36927440"
accept-ranges: bytes
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:25 GMT
x-powered-by: PleskLin
X-Firefox-Spdy: h2
harissa.com/news555/core/misc/feed.svg
147.135.91.235200 OK 462 B URL HTTP/2 harissa.com/news555/core/misc/feed.svg
IP 147.135.91.235:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 14efd8fc4cd7b0474363be79ae95dc59
36bc297d7e6571d9ccd281989b03a2bbcd2d1b72
be2c33eeea9e761795209e52fa6624ba7871bbc87a7d7e10b0a689e11c209790
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/misc/feed.svg HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/core/themes/classy/css/components/icons.css?rifbr9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:25 GMT
content-type: image/svg+xml
content-length: 462
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 19:42:30 GMT
etag: "1ce-56bdf384cf580"
accept-ranges: bytes
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:25 GMT
x-powered-by: PleskLin
X-Firefox-Spdy: h2
harissa.com/news555/themes/zircon/includes/fonts/oswald_regular/oswald-webfont.woff
147.135.91.235200 OK 20 kB URL HTTP/2 harissa.com/news555/themes/zircon/includes/fonts/oswald_regular/oswald-webfont.woff
IP 147.135.91.235:0
File type Web Open Font Format, TrueType, length 20344, version 1.0\012- data
Hash 764945543a34ed45b371dbcf1de317dc
ee8c97b06292d7b5d77e9189bdd27511a6c56931
9a13ca859e617603a5e0db7d6a91bd8d47b868af890b7774130274cfab800652
Analyzer Verdict Alert fortinet Phishing
GET /news555/themes/zircon/includes/fonts/oswald_regular/oswald-webfont.woff HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://harissa.com/news555/themes/zircon/includes/fonts/oswald_regular/stylesheet.css?rifbr9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:25 GMT
content-type: application/font-woff
content-length: 20344
last-modified: Mon, 09 May 2016 18:45:46 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:25 GMT
etag: "5730dada-4f78"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
harissa.com/news555/themes/zircon/includes/flexslider/jquery.flexslider-min.js?v=8.0.0
147.135.91.235200 OK 50 kB URL HTTP/2 harissa.com/news555/themes/zircon/includes/flexslider/jquery.flexslider-min.js?v=8.0.0
IP 147.135.91.235:0
File type ASCII text, with very long lines (21939)
Hash a343a02f834543cd16682ce8e37676f9
b0e35d568646e17c44de431ec56bcd6ed648a4a1
20d705bb7d0c880ae408b87a72159dca3488f57acd41751fb493145ade20d6f2
Analyzer Verdict Alert fortinet Phishing
GET /news555/themes/zircon/includes/flexslider/jquery.flexslider-min.js?v=8.0.0 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: application/javascript
last-modified: Mon, 09 May 2016 18:45:42 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5730dad6-5612"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.api.oneall.com/socialize/login/frame/?oakk=55499&oakv=644a23f11aece9006945290ae28dcc01283718db4f426c9c3a2660a5702a958cb8ae7adcc97aececdbbd8875103250ab2484a318394cfd8e461760c62ea64b4cd9d5a831ab1cd7f2c32f1859ac821ee1776a524fbd0afe0a61512db4edbf33bd0e661ce200de5a9ef3437ef2bbdd84a9bd4522685ba151199442bd455d4144e43dd622d511d8f51d06f98753564fb278a41b53380448b2b0a5356591e9a07d9a4e1bb7c0f15f6636d9bf576e704d5bcdc0ef70f6f7814a3f60204560fb0428aaf14c67921a4ef2b20c9b647a8abae5f732ab7784701cc030995d555230eb0f0d3ea8a89cf5b6ad0c0467992901cbfbb16de5a2dd84e6c7b1b87083ca7b6c17af3680da2edbfa34607ec9f2f95aab9a5b4b4e41b5f0e5c981b3f82165be1c95f6eaf131de5eb674921d30d627be289565356a2507256afe11a65e28b1334a10beb093600bc091ec40b69c8e25918db95890864624047131b2a704af7a8b1697fdd8ef7bad3cf0da8c15a1d8d2b874fccbd9328e182b4214de6032ded906a12b19a5b8890323c35ba50c660f3c0c7d62d21d22673f53cdd8ac8459e9ea40e1e1ada04a757f5659d7df260b88801662a8bb2b5d&lang=en
136.243.63.184200 OK 892 B URL HTTP/1.1 harissa.api.oneall.com/socialize/login/frame/?oakk=55499&oakv=644a23f11aece9006945290ae28dcc01283718db4f426c9c3a2660a5702a958cb8ae7adcc97aececdbbd8875103250ab2484a318394cfd8e461760c62ea64b4cd9d5a831ab1cd7f2c32f1859ac821ee1776a524fbd0afe0a61512db4edbf33bd0e661ce200de5a9ef3437ef2bbdd84a9bd4522685ba151199442bd455d4144e43dd622d511d8f51d06f98753564fb278a41b53380448b2b0a5356591e9a07d9a4e1bb7c0f15f6636d9bf576e704d5bcdc0ef70f6f7814a3f60204560fb0428aaf14c67921a4ef2b20c9b647a8abae5f732ab7784701cc030995d555230eb0f0d3ea8a89cf5b6ad0c0467992901cbfbb16de5a2dd84e6c7b1b87083ca7b6c17af3680da2edbfa34607ec9f2f95aab9a5b4b4e41b5f0e5c981b3f82165be1c95f6eaf131de5eb674921d30d627be289565356a2507256afe11a65e28b1334a10beb093600bc091ec40b69c8e25918db95890864624047131b2a704af7a8b1697fdd8ef7bad3cf0da8c15a1d8d2b874fccbd9328e182b4214de6032ded906a12b19a5b8890323c35ba50c660f3c0c7d62d21d22673f53cdd8ac8459e9ea40e1e1ada04a757f5659d7df260b88801662a8bb2b5d&lang=en
IP 136.243.63.184:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (444), with CRLF line terminators
Hash 8d5848c3b1b917a1858960ffdb635d88
462ae475091a0836e20ae63211974ce06beeec4a
557bc058da3a87293b4e1ad7acddcfc1381534fb12e660440c47cb4d4c7ce993
GET /socialize/login/frame/?oakk=55499&oakv=644a23f11aece9006945290ae28dcc01283718db4f426c9c3a2660a5702a958cb8ae7adcc97aececdbbd8875103250ab2484a318394cfd8e461760c62ea64b4cd9d5a831ab1cd7f2c32f1859ac821ee1776a524fbd0afe0a61512db4edbf33bd0e661ce200de5a9ef3437ef2bbdd84a9bd4522685ba151199442bd455d4144e43dd622d511d8f51d06f98753564fb278a41b53380448b2b0a5356591e9a07d9a4e1bb7c0f15f6636d9bf576e704d5bcdc0ef70f6f7814a3f60204560fb0428aaf14c67921a4ef2b20c9b647a8abae5f732ab7784701cc030995d555230eb0f0d3ea8a89cf5b6ad0c0467992901cbfbb16de5a2dd84e6c7b1b87083ca7b6c17af3680da2edbfa34607ec9f2f95aab9a5b4b4e41b5f0e5c981b3f82165be1c95f6eaf131de5eb674921d30d627be289565356a2507256afe11a65e28b1334a10beb093600bc091ec40b69c8e25918db95890864624047131b2a704af7a8b1697fdd8ef7bad3cf0da8c15a1d8d2b874fccbd9328e182b4214de6032ded906a12b19a5b8890323c35ba50c660f3c0c7d62d21d22673f53cdd8ac8459e9ea40e1e1ada04a757f5659d7df260b88801662a8bb2b5d&lang=en HTTP/1.1
Host: harissa.api.oneall.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 04:12:25 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 892
Connection: keep-alive
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding: gzip
X-Forwarded-Target: xwhiskey.oneall.com
X-Accepted-Source: xalpha.oneall.com
harissa.com/news555/core/themes/classy/css/components/ui-dialog.css?rifbr9
147.135.91.235200 OK 596 B URL HTTP/2 harissa.com/news555/core/themes/classy/css/components/ui-dialog.css?rifbr9
IP 147.135.91.235:0
Hash 1942d910f69d29192b7217ed0f13a0d5
c5d00651ca69f1e6f3d1bdb5b2e52ea75d1cfb9a
56833db0476a8a15e99b57e27ed729a71605aa833b278868750d16d69914f9de
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/themes/classy/css/components/ui-dialog.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:35:20 GMT
etag: W/"d0-56bde48180a00"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 02 Dec 2022 02:41:08 GMT
expires: Fri, 02 Dec 2022 04:41:08 GMT
cache-control: public, max-age=7200
age: 5477
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/harissafoundation-harissa/loader.js
151.101.129.44200 OK 28 kB URL HTTP/2 cdn.taboola.com/libtrc/harissafoundation-harissa/loader.js
IP 151.101.129.44:0
File type Unicode text, UTF-8 text, with very long lines (65506)
Hash 6efa2d3555cd265f8151b24df435ff96
bdea98797c544a6a01f8e3c916cacb5ce3c9d8ce
a0957179290eea2de75cc85a12e1dc49476f7da151010a58dd2e725871defa5d
GET /libtrc/harissafoundation-harissa/loader.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5jmQiK3r++YLgLn6D3cnrXn0YW6Bewm6sSiduGqi3ySWzTLtqOSN7/txf447hFpkVZ7g9YC6hGo=
x-amz-request-id: HW3VSX18VZG1CFFH
last-modified: Thu, 01 Dec 2022 18:19:41 GMT
etag: "c0342eae81d3b4961fa31ff1f07aa980"
x-amz-version-id: DpR8.M1hhc7ZYHtwulwAnL1TTzc66jkD
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Dec 2022 04:12:25 GMT
via: 1.1 varnish
age: 27614
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669954346.524812,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 64
content-length: 28210
X-Firefox-Spdy: h2
harissa.com/news555/themes/zircon/js/zircon.js?v=8.0.0
147.135.91.235200 OK 2.0 kB URL HTTP/2 harissa.com/news555/themes/zircon/js/zircon.js?v=8.0.0
IP 147.135.91.235:0
Hash 0ec4840bbf642230d10baa37cf1b8923
7f16a6e6caa2b7c9112ff739fac9fc43e5e315b0
3de777b74ce08defede3cb461a6f3d83a277e67986d7127ef73c439436e71cce
Analyzer Verdict Alert fortinet Phishing
GET /news555/themes/zircon/js/zircon.js?v=8.0.0 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: application/javascript
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Mon, 09 May 2016 18:42:00 GMT
etag: W/"3f6-5326d29f06e00"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/themes/zircon/js/carousel.js?v=8.0.0
147.135.91.235200 OK 1.1 kB URL HTTP/2 harissa.com/news555/themes/zircon/js/carousel.js?v=8.0.0
IP 147.135.91.235:0
Hash 186108700578d1dc9e0daa2e22e50959
3b172eff8319fb878afd7751b1b73b0e222ad1ba
16f87091d085810143e861c76ad2b0232602118c48164d8c6a2f882a8a4a469e
Analyzer Verdict Alert fortinet Phishing
GET /news555/themes/zircon/js/carousel.js?v=8.0.0 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: application/javascript
last-modified: Mon, 09 May 2016 18:42:01 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5730d9f9-427"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
cse.google.com/cse.js?cx=partner-pub-7196062015142028:4868681689
172.217.21.174200 OK 3.5 kB URL HTTP/2 cse.google.com/cse.js?cx=partner-pub-7196062015142028:4868681689
IP 172.217.21.174:0
File type ASCII text, with very long lines (3188)
Hash 7e609f778c13ae4e6c2af400cea24167
af48750a2724b96c6ebc7a885fdd8e73fd63b246
cff82e375be2c58326b17a498fae615bfee88b26bb19b76360db24ea908a009d
GET /cse.js?cx=partner-pub-7196062015142028:4868681689 HTTP/1.1
Host: cse.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Fri, 02 Dec 2022 04:12:25 GMT
server: gws
content-length: 3537
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+993; expires=Sun, 01-Dec-2024 04:12:25 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 02 Dec 2022 04:12:25 GMT
cache-control: private
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/classy/css/components/messages.css?rifbr9
147.135.91.235200 OK 1.0 kB URL HTTP/2 harissa.com/news555/core/themes/classy/css/components/messages.css?rifbr9
IP 147.135.91.235:0
Hash bdd416ad2a896bce19a483847c4450b7
f8a8baa7ee5bfa995d5728ccc5809ca06c26c853
263ff8068a7f98cbcc052439f1e258ffd62b424dff99d836401e2882ab689da0
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/themes/classy/css/components/messages.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
last-modified: Thu, 10 May 2018 18:35:22 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5af490ea-77d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js?hash=f03dbf965f148fae4035fa6b3d217ac2
31.13.72.12200 OK 88 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=f03dbf965f148fae4035fa6b3d217ac2
IP 31.13.72.12:0
File type ASCII text, with very long lines (18530)
Hash 88cd0400f2cb0c069757d72d293960b9
8cd63e673be6c5e7e765d40f3099f568419849fe
77b5dcccafc19e732ea8fca284df4521b9c61def6914728d0b5f3d006a1e082b
GET /en_US/sdk.js?hash=f03dbf965f148fae4035fa6b3d217ac2 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://harissa.com
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 096ab425d3c3e7af715887c796e47459
etag: "31224ae8f65dfd68cc81b9d5a3e16d56"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sat, 02 Dec 2023 03:38:38 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: iM0EAPLLDAaXV9ctKTlguQ==
x-fb-debug: TaRSG+Ma+TbgdVjjtuT/mqofabOn8l49JOMwJNb51M/CC1pCloTzJnlNTPv8LKnIrUJ2w0IxUQ3hbcdju1jXww==
priority: u=3,i
content-length: 88359
x-fb-trip-id: 1904183273
date: Fri, 02 Dec 2022 04:12:25 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:12:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 315873c315af2be891e63f8b421bae65
5277bb0c4fea2b036c6faf28d66395c96166ffd2
3f6657d352a42f8257409f2ed365a3fb928ac3eb74a34a2c74a433290182cc92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:12:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/images/branding/product/1x/translate_24dp.png
142.250.74.35200 OK 846 B URL HTTP/2 www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP 142.250.74.35:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 21:44:48 GMT
expires: Fri, 01 Dec 2023 21:44:48 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 23257
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
harissa.com/news555/modules/addtoany/css/addtoany.css?rifbr9
147.135.91.235200 OK 753 B URL HTTP/2 harissa.com/news555/modules/addtoany/css/addtoany.css?rifbr9
IP 147.135.91.235:0
Hash 550c780a08f62c96d904ed75bc8be06c
dca029c3e3629be8c78b09df1a82253e9312d88d
9259f22d4bbbe287d18b89b4cdaa4b46919da576cfd1cad91a66b516c62d1649
GET /news555/modules/addtoany/css/addtoany.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Tue, 08 May 2018 19:51:49 GMT
etag: W/"3ad-56bb71defdf40"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/classy/css/components/textarea.css?rifbr9
147.135.91.235200 OK 163 B URL HTTP/2 harissa.com/news555/core/themes/classy/css/components/textarea.css?rifbr9
IP 147.135.91.235:0
Hash 9ce0ce039885d25e702dfb97e80c59c0
65953a7c1c91cb739a4aa686b4b0ed27b6b939ba
f77e5a05ea03a45c8eabea74bec462a0b95781d68597315aa45595780656e821
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/themes/classy/css/components/textarea.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:35:20 GMT
etag: W/"a9-56bde48180a00"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/product/2x/translate_24dp.png
142.250.74.35200 OK 1.8 kB URL HTTP/2 www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP 142.250.74.35:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 22:50:37 GMT
expires: Fri, 01 Dec 2023 22:50:37 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 19308
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/stable/css/system/components/autocomplete-loading.module.css?rifbr9
147.135.91.235200 OK 674 B URL HTTP/2 harissa.com/news555/core/themes/stable/css/system/components/autocomplete-loading.module.css?rifbr9
IP 147.135.91.235:0
File type troff or preprocessor input, ASCII text
Hash f973efc460b650a57ca9854cf71c620a
7549917e22f1534517795f5d700243c3edf5d1b3
17fc83c7b9d4f1821d09ccafb4d29f75ffc9ddbe95b34f9df13b07d01f18ad1a
GET /news555/core/themes/stable/css/system/components/autocomplete-loading.module.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:33:57 GMT
etag: W/"263-56bde43258f40"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
142.250.74.66200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221110/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Thu, 01 Dec 2022 10:32:03 GMT
expires: Thu, 15 Dec 2022 10:32:03 GMT
cache-control: public, max-age=1209600
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
age: 63622
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10044
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 04:12:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10044
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 04:12:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10044
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 04:12:25 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe82fdd03-be1f-4def-adb8-61eefd79def6.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe82fdd03-be1f-4def-adb8-61eefd79def6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e65083422468e512aa73eb68f20b2ec
73884daab5e71e4917637b3679c0bb5a1f0447de
f0d97bb9e3f01bbdbe91ba1f9b6ea0f649c66192383c51fe5c7ca9ac2a38ebdb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe82fdd03-be1f-4def-adb8-61eefd79def6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9719
x-amzn-requestid: c4ba3502-e191-40fa-8ae0-71dc6f733db4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPjhHE8woAMFyKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382e606-70ab0e5523c91e5420efec78;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 04:22:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oBn917CDV6DjSs9TAL2iBU0Rn8_f8ny1rAVXrbI9KML2P7pxusbdjA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 03:43:01 GMT
age: 1764
etag: "73884daab5e71e4917637b3679c0bb5a1f0447de"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10044
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 04:12:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10044
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 04:12:25 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 498ab4412ed5cf977bc23e4e870894b0
23753fe8af09ec8ffa10eed4d201a71833885c99
036042656f15e42b4d1537c45f5b8e7190c70305fa9a69c1287c6739ad0b7122
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7334
x-amzn-requestid: a6b8b420-8394-496b-8be8-26dee52e3887
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoHJOoAMF75g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-0b38d07f518c8b3134457df2;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 17nFm7AQdmRYS_af-EJ4XBVw8l3YudcphlpcZMveuVjvjhhYdkAQsw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:33:10 GMT
age: 20355
etag: "23753fe8af09ec8ffa10eed4d201a71833885c99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F092f8542-1ed2-47c2-82aa-d5ef970a77ca.png
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F092f8542-1ed2-47c2-82aa-d5ef970a77ca.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 89e1a735e16f55c78fa75ae434294029
6c56f4015305eff04a99cec9758cd40bf4e5f704
26e8b042c0bbef2c7f93f77451563cf6e12af282251ef864652574be2b2c5b15
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F092f8542-1ed2-47c2-82aa-d5ef970a77ca.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3711
x-amzn-requestid: 68772438-16c4-40ab-a40e-860425d8301c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGyhHVsIAMFmsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e76-21d27db6708228002e738938;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JOCSKxy4WUDbS22Gd9BlyN1gmcDsDNlNWnT57KITGlNwfOe_Iaco9g==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:48:59 GMT
age: 23006
etag: "6c56f4015305eff04a99cec9758cd40bf4e5f704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:47 GMT
age: 23858
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd78aa69439c995167f32b8a41a1f4f6
d07d6145182f312f3ed86ecf96b4ffa175416fa0
3b08cf3fad31ee0cf3ee25abc2484fb4283543865a42dfc568b14f9856fd3bb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7722
x-amzn-requestid: 8d7c4800-6c06-43ed-afa1-94840d42f591
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGy2Gr1IAMFWeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e78-429ae3135d47e3b020c4c7a1;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Z8thSamrCRejcAcQEGAp4WpSMzMEvstuZtVpKAjiCH4dyJyf1yihBA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:11 GMT
age: 22934
etag: "d07d6145182f312f3ed86ecf96b4ffa175416fa0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/impl.20221201-24-RELEASE.js
151.101.129.44200 OK 147 kB URL HTTP/2 cdn.taboola.com/libtrc/impl.20221201-24-RELEASE.js
IP 151.101.129.44:0
File type ASCII text, with very long lines (65508)
Size 147 kB (146699 bytes)
Hash 385cfb682512980cfe2f08fd62b6fb64
919642ed4b5417f290135254ad4111ebd8e2aa43
65c97a5cb9fd3d92e790d93891cdbca0ebe7ca98d603a131d830a8d47db41e3a
GET /libtrc/impl.20221201-24-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: rFDrDFdl4BZ4eIl3PtktQYpAVy1RE6POaQ9eRZxo+xxAX1n6SMNyHhkN5nza1KCxHfcBpzMAfto=
x-amz-request-id: PDD8ANKXRASKG9HN
last-modified: Thu, 01 Dec 2022 17:45:55 GMT
etag: "385cfb682512980cfe2f08fd62b6fb64"
content-encoding: br
x-amz-version-id: ofIXx6LEWRAEtEe5ALtgmKE0Y_JueXHu
content-type: application/javascript
accept-ranges: bytes
date: Fri, 02 Dec 2022 04:12:25 GMT
via: 1.1 varnish
age: 8594
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 2027
x-timer: S1669954346.916333,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 2
server: AmazonS3-br
content-length: 146699
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F321bfec8-0690-49d3-ba43-a2899f137b6b.jpeg
34.120.237.76200 OK 1.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F321bfec8-0690-49d3-ba43-a2899f137b6b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 367a113e3826442861c63ba501d2d67d
764f6910ecc1ee436a70aa83f5bd363c2e500341
5e5cc53aba99e68211c86a2fd83ac4a023d1c82875d60a09d52875ef129cbb71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F321bfec8-0690-49d3-ba43-a2899f137b6b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 1654
x-amzn-requestid: 537d523f-a3fb-4514-bda5-ecc834c1ed39
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgBEFNIAMFTjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891dff-0c12ccea20e953c236ca2b1b;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IXNpFJsiqPvrg8f-op2tcIVW2qoV7ZPm12wsTTXfYu0369N4Csy8BA==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:06:58 GMT
age: 21927
etag: "764f6910ecc1ee436a70aa83f5bd363c2e500341"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a9bdfccd1df3e323e28d92aea1077409
4625fbbbbb614755a86dabddfaf40e99b3934ba6
8020fb77bd7e1b8cc3e2fed030e59d004e720c61162046fc93285c1ca07c0e66
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:12:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 59ccaf5f1bf1101f3d43ae777be4f6a9
2740c2403e005eac512a829e64de6a03a65fcbb6
1c6da1c071531cd11b32e943b42798202de1a80882e067773ed4d6147094587f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:12:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=harissa.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=harissa.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=harissa.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 02 Dec 2022 04:12:26 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=harissa.com
142.250.74.2200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=harissa.com
IP 142.250.74.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=harissa.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 02 Dec 2022 04:12:26 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=harissa.com&callback=_gfp_s_&client=ca-pub-7196062015142028&gpid_exp=1
216.58.207.194200 OK 251 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=harissa.com&callback=_gfp_s_&client=ca-pub-7196062015142028&gpid_exp=1
IP 216.58.207.194:0
File type ASCII text, with very long lines (389), with no line terminators
Hash e8782204650088a530a4e3f3ebc7f4c3
4366a3903777c09b78db01bbf199af4f299ac6c4
20cf82ddb4ddabb9a06bf70cf4411f3e4e398c118131c02be978baf0a2abb491
GET /gampad/cookie.js?domain=harissa.com&callback=_gfp_s_&client=ca-pub-7196062015142028&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 02 Dec 2022 04:12:26 GMT
server: cafe
cache-control: private
content-length: 251
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1669954344343&ns_c=UTF-8&c7=https%3A%2F%2Fharissa.com%2Fnews555%2F&c8=%7C%20Harissa&c9=https%3A%2F%2Fharissa.com%2F
143.204.55.96204 No Content 0 B URL HTTP/2 sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1669954344343&ns_c=UTF-8&c7=https%3A%2F%2Fharissa.com%2Fnews555%2F&c8=%7C%20Harissa&c9=https%3A%2F%2Fharissa.com%2F
IP 143.204.55.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1669954344343&ns_c=UTF-8&c7=https%3A%2F%2Fharissa.com%2Fnews555%2F&c8=%7C%20Harissa&c9=https%3A%2F%2Fharissa.com%2F HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 02 Dec 2022 04:12:26 GMT
set-cookie: UID=160c39bfec6d285eab1c5121669954346; domain=.scorecardresearch.com; path=/; max-age=62208000
x-cache: Miss from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Sv9BFeoMdIOLqQBHchHYxUMxPmsYBEoCvTWDLPN2PDYeku4uDo4o-w==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 59ccaf5f1bf1101f3d43ae777be4f6a9
2740c2403e005eac512a829e64de6a03a65fcbb6
1c6da1c071531cd11b32e943b42798202de1a80882e067773ed4d6147094587f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:12:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a9bdfccd1df3e323e28d92aea1077409
4625fbbbbb614755a86dabddfaf40e99b3934ba6
8020fb77bd7e1b8cc3e2fed030e59d004e720c61162046fc93285c1ca07c0e66
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:12:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 2d32250acb87fcde65ccaf9be20d6e6e
897d188617fb1c743fe8398202307b31e52f72a5
d503ce28e00cb28993f547a72c519f7cea3bd25e3447b98f3b81ab000ebffad5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 643
Cache-Control: max-age=111902
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:12:26 GMT
Etag: "63888ac5-138"
Expires: Sat, 03 Dec 2022 11:17:28 GMT
Last-Modified: Thu, 01 Dec 2022 11:06:45 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 312
trc-events.taboola.com/harissafoundation-harissa/log/2/debug?tim=04%3A12%3A24.476&type=usage&msg=rtus&llvl=2&id=5203&cv=20221201-24-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/harissafoundation-harissa/log/2/debug?tim=04%3A12%3A24.476&type=usage&msg=rtus&llvl=2&id=5203&cv=20221201-24-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /harissafoundation-harissa/log/2/debug?tim=04%3A12%3A24.476&type=usage&msg=rtus&llvl=2&id=5203&cv=20221201-24-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Fri, 02 Dec 2022 04:12:26 GMT
x-fastly-to-nlb-rtt: 22035
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f4b80b9fdd50e1a97c434f592efe9e5f
9f8ef6f699f6a349edf46c73ed4023d706027201
ed2e81c384d6b31b0e0ed2169df1bb332e92bb8c5885eedb13f7a4270b8abec6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:12:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
172.217.21.161200 OK 7.5 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
IP 172.217.21.161:0
File type ASCII text, with very long lines (1540)
Hash d22e40b1bc4f1b0f1727b96a0f32f7dd
57030c5040f0013120cca1e77fe38af35d4610e0
6f6d3797f9b19ffcd2f416a7566a58cf70fd4fb0ab17dec03fa5b690c6939494
GET /pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7458
x-xss-protection: 0
date: Thu, 01 Dec 2022 15:59:33 GMT
expires: Thu, 15 Dec 2022 15:59:33 GMT
cache-control: public, max-age=1209600
age: 43973
etag: 16870613375306414947
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f4b80b9fdd50e1a97c434f592efe9e5f
9f8ef6f699f6a349edf46c73ed4023d706027201
ed2e81c384d6b31b0e0ed2169df1bb332e92bb8c5885eedb13f7a4270b8abec6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:12:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 066169a9fd3e3491ad6264c1def29828
7b21f49ce285daa91ab11f4affa85f04e43c09e6
58978f2aa505c9e4e1fc31fd38ce378b881e2bc3f56c1b9ad2fdfed2ed9bfe5d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:12:26 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 05:54:54 GMT
Expires: Wed, 07 Dec 2022 05:54:53 GMT
Etag: "7b21f49ce285daa91ab11f4affa85f04e43c09e6"
Cache-Control: max-age=437546,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773139689b32b51d-OSL
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
172.217.21.161200 OK 9.4 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
IP 172.217.21.161:0
File type ASCII text, with very long lines (1596)
Hash 6b277303de172776fc303dfc195982ef
fe6c6af5791742485ae21c4dc02edbee2b426886
c536ada7aa8f4679e0e4f0b99703aab79f6fe32659d777f9c01a7785aa06a36d
GET /pagead/js/r20221110/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 9428
x-xss-protection: 0
date: Thu, 01 Dec 2022 13:29:36 GMT
expires: Thu, 15 Dec 2022 13:29:36 GMT
cache-control: public, max-age=1209600
age: 52970
etag: 246362764157784863
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
secure.oneallcdn.com/css/api/themes/beveled_w35_h35_wc_v1.css
136.243.63.186200 OK 1.6 kB URL HTTP/1.1 secure.oneallcdn.com/css/api/themes/beveled_w35_h35_wc_v1.css
IP 136.243.63.186:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 2d7aa40fa104b258f64995a4a92732d6
11c35eac71787ba1842e7fcfc85ef5f59d32f10a
b1e1a8beea21ed1631daff48b2f52e91a9c1682cc0fe8a2b56d2dfaae4e24dce
GET /css/api/themes/beveled_w35_h35_wc_v1.css HTTP/1.1
Host: secure.oneallcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.api.oneall.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 04:12:26 GMT
Content-Type: text/css
Content-Length: 1632
Connection: keep-alive
Last-Modified: Fri, 21 Jan 2022 09:46:01 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Cache-Control: max-age=7200
Expires: Fri, 02 Dec 2022 06:12:26 GMT
X-Forwarded-Target: xwhiskey.oneall.com
X-Accepted-Source: xalpha.oneall.com
Vary: Accept-Encoding, Origin
fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
142.250.74.106200 OK 15 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
IP 142.250.74.106:0
File type ASCII text, with very long lines (1833)
Hash b14783e23b28e72eeab1b2092aef9209
928bb12b81745a68759b1fdbf108327dba588343
d3200cd4152017d75ac1ee959aaddeee962d0dde0c5ccd48dc8a6e34eb1b40b2
GET /css?family=Roboto%3A300%2C400%2C700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 04:12:26 GMT
date: Fri, 02 Dec 2022 04:12:26 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 117512
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 117491
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 117491
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
secure.oneallcdn.com/img/api/themes/iconsets/beveled_w35_h35_c_v1.png
136.243.63.186200 OK 112 kB URL HTTP/1.1 secure.oneallcdn.com/img/api/themes/iconsets/beveled_w35_h35_c_v1.png
IP 136.243.63.186:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 1926 x 37, 8-bit/color RGBA, non-interlaced\012- data
Size 112 kB (112164 bytes)
Hash 6f88941e4ef81991a4654ede7d9b5b36
dbdeb1fe2f2cf03aa18ea7b813f63882104636cd
78a54564b06334a9f94733a1ac1e55290ad189563005d53e326efd71238f814d
GET /img/api/themes/iconsets/beveled_w35_h35_c_v1.png HTTP/1.1
Host: secure.oneallcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.oneallcdn.com/css/api/themes/beveled_w35_h35_wc_v1.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 04:12:26 GMT
Content-Type: image/png
Content-Length: 112164
Connection: keep-alive
Last-Modified: Fri, 21 Jan 2022 09:46:01 GMT
Accept-Ranges: bytes
Cache-Control: max-age=7200
Expires: Fri, 02 Dec 2022 06:12:26 GMT
X-Forwarded-Target: xquebec.oneall.com
X-Accepted-Source: xalpha.oneall.com
Vary: Origin
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.2.146200 OK 42 kB URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.2.146:0
Hash fe5b44573f14f3f751a097ef88ff6d3d
949ccfad0c2741856575ea9fe87b972ecb3fe1b0
4d27fabb8b3a8b9fc60d3bbf6610b5c14b97d34db35642c8a009cd621e26398e
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:12:26 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 797413
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da32e4b24f4f95e4e807cff2459f54c3
02db1c6d628b2f51fa0b46fcb79a71178780bc47
4d6ff368a64dc83f4a637fbf44b2256523ca7c43b824022f8f6428de6cfae368
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:12:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
216.58.207.227200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 20784, version 1.0\012- data
Hash e11c810c086df83c0876dd59ed32ebcb
b89fe2ed6d016f81af13b35797ad2b0e2e5c6822
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
GET /s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20784
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 22:24:41 GMT
expires: Wed, 29 Nov 2023 22:24:41 GMT
cache-control: public, max-age=31536000
age: 193666
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.doubleclick.net/dynamic/5/206675363/11664687403236431227_9146618617033836075.jpeg
142.250.74.134200 OK 73 kB URL HTTP/2 static.doubleclick.net/dynamic/5/206675363/11664687403236431227_9146618617033836075.jpeg
IP 142.250.74.134:0
File type JPEG image data, progressive, precision 8, 600x600, components 3\012- data
Hash 4884231ed26d431ec5cc923ac180aa0f
5cdc749c9c0434d2abdb7cbe044f491f73d14882
fd4166a69eaa2d6cf37f33cb021cda0767429283b038db80e64e4fdd7adac908
GET /dynamic/5/206675363/11664687403236431227_9146618617033836075.jpeg HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-length: 72725
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 21:07:37 GMT
expires: Fri, 01 Dec 2023 21:07:37 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Dec 2022 09:11:40 GMT
content-type: image/jpeg
age: 25490
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da32e4b24f4f95e4e807cff2459f54c3
02db1c6d628b2f51fa0b46fcb79a71178780bc47
4d6ff368a64dc83f4a637fbf44b2256523ca7c43b824022f8f6428de6cfae368
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:12:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
216.58.207.227200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 20:35:00 GMT
expires: Thu, 30 Nov 2023 20:35:00 GMT
cache-control: public, max-age=31536000
age: 113847
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/logo.png
104.17.24.14200 OK 3.1 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/logo.png
IP 104.17.24.14:0
File type PNG image data, 142 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash ca489adaaf5b1f86d9d7773150485f09
42e561c0a89990ffca520f2aac825eafff605ed7
1f72f65f01f347f7b6984d924dabad9dd44269be7defb2abd3f2320b9272394e
GET /ajax/libs/cookieconsent2/1.0.10/logo.png HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:12:28 GMT
content-type: image/png; charset=utf-8
content-length: 3087
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e2d-c0b"
last-modified: Mon, 04 May 2020 16:09:17 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 40078
expires: Wed, 22 Nov 2023 04:12:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q1nWP%2Bwy%2FHELOPRCh1NA7YWOslrEQO1SXj6Flzvp61WSSsy%2B4JlTRiQ%2B79puQB7cQzLONeL9QDMXoPVjb6ZGjcm1gFUFCn%2BDo4fy%2FqLWKr4D1zzLqmkepHEOr%2Fa19BqX6x7qpbOb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77313975cb120b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/userx.20221201-24-RELEASE.es6.js
151.101.129.44200 OK 5.4 kB URL HTTP/2 cdn.taboola.com/libtrc/userx.20221201-24-RELEASE.es6.js
IP 151.101.129.44:0
File type ASCII text, with very long lines (17842)
Hash 3767da295d90d4c24af46376d07d5cde
ab04b6b8786df6bc95a073872f61937f1b13eeb2
ac5acd527482d71c4e70c82d6d487ed41dc65bed1acf1759b6bc9d863e6e563e
GET /libtrc/userx.20221201-24-RELEASE.es6.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: qMZYEpAgENcZNG+9XK3eH6EoB170TC4Taq/jEXHxbB6WGtDcHZAZIX/26auQKENc8X8eX20WSgw=
x-amz-request-id: 1MV75WX5S7VBM1F7
x-amz-replication-status: COMPLETED
last-modified: Thu, 01 Dec 2022 18:03:33 GMT
etag: "16f67637ac3bc1b6ccd63e6d03c34457"
x-amz-version-id: odjpI9TqiU291.wDPAnq80pQaadNJReA
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Dec 2022 04:12:28 GMT
via: 1.1 varnish
age: 23
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1669954349.507012,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 2
content-length: 5398
X-Firefox-Spdy: h2
vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
151.101.129.44200 OK 30 kB URL HTTP/2 vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
IP 151.101.129.44:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash aac1042207afd54e1cf1befcaf3420cd
00f0597866330a850a1d6222861591f24dd18380
ea77ece8880eb28ffe83e94ef787b4204f8b1b3d09f443011b898b13ed4bb706
GET /lite-unit/3.9.8/UnitWidgetItemDesktop.min.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 22 Nov 2022 07:02:09 GMT
etag: "1842444d4bb92087143326a4d508875d"
server: AmazonS3
via: 1.1 b34d5d8e5954d0b7b46d5f0eb534c166.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: iVxUQ_yUDgKIDSZaR21P2jFvv94ZUaTAMQdnd9xsEMFJTpsmb2NMlg==
cache-control: public, max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Dec 2022 04:12:28 GMT
age: 853791
x-served-by: cache-bma1627-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 28959
x-timer: S1669954349.509964,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 29909
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_140%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/781e8c517f61f28dbb3f2f84346973a1.jpg
151.101.129.44200 OK 11 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_140%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/781e8c517f61f28dbb3f2f84346973a1.jpg
IP 151.101.129.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash f7b4690609dd7a792c74ea17ecbe621c
c5a8c91eb10e1635586ec48aa00ff2e4f277578e
043860e4d3495a3ed48e68668ea5e355a9cbd4ce03eebe421d7ff8b2f1a0a8a5
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_140%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/781e8c517f61f28dbb3f2f84346973a1.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 335411817300660784545747419402689588471,459629802988283559849594353226043259013,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 335411817300660784545747419402689588471,459629802988283559849594353226043259013,29ecf9b93bbf306179626feeda1fab70
etag: "20783a1a4f492d22cd007af9afb06fbc"
last-modified: Sat, 08 Oct 2022 23:08:28 GMT
req-referer: https://www.news.com.au/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 1b7c157296b459b071453f495f54712f
x-envoy-upstream-service-time: 107
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 02 Dec 2022 04:12:28 GMT
age: 2613609
x-served-by: cache-iad-kcgs7200106-IAD, cache-iad-kcgs7200036-IAD, cache-chi-klot8100049-CHI, cache-iad-kjyo7100152-IAD, cache-bma1627-BMA
x-cache: MISS, HIT, HIT, HIT, HIT
x-cache-hits: 0, 2, 1, 14, 1
x-timer: S1669954349.535554,VS0,VE2
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_140%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/781e8c517f61f28dbb3f2f84346973a1.jpg
x-vcl-time-ms: 2
content-length: 11394
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_140%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7211a733444782f05081ea942790001e.jpg
151.101.129.44200 OK 4.8 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_140%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7211a733444782f05081ea942790001e.jpg
IP 151.101.129.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ac13510d5d109779c49586995883eb5c
7173d141b8c5f1005874fa7e9ec0c0a0f4d4314b
4a76589a6a3f17dda2434a241f6cc2bdf1249cd75c5c5327659bb032f010c51f
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_140%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7211a733444782f05081ea942790001e.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 548971830058668228934551612135537548874,459629802988283559849594353226043259013,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 548971830058668228934551612135537548874,459629802988283559849594353226043259013,29ecf9b93bbf306179626feeda1fab70
etag: "f07bb144fb3dd15fcc62fa0f241336e6"
last-modified: Fri, 28 Oct 2022 18:12:08 GMT
req-referer: https://www.news.com.au/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: beee5a26ff54837502af1cf07c97979a
x-envoy-upstream-service-time: 536
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 02 Dec 2022 04:12:28 GMT
age: 1380535
x-served-by: cache-iad-kjyo7100047-IAD, cache-iad-kiad7000164-IAD, cache-sna10722-LGB, cache-iad-kiad7000069-IAD, cache-bma1627-BMA
x-cache: MISS, MISS, MISS, HIT, MISS
x-cache-hits: 0, 0, 0, 4, 0
x-timer: S1669954349.535339,VS0,VE92
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_140%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7211a733444782f05081ea942790001e.jpg
x-vcl-time-ms: 92
content-length: 4756
X-Firefox-Spdy: h2
trc.taboola.com/harissafoundation-harissa/trc/3/json?tim=04%3A12%3A25.094<i=deflated&data=%7B%22id%22%3A895%2C%22ii%22%3A%22%2Fnews555%2Ffr%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1669918772720%2C%22vi%22%3A1669954345091%2C%22cv%22%3A%2220221201-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fharissa.com%2Fnews555%2Ffr%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fharissa.com%2Fnews555%2F%22%2C%22vpi%22%3A%22%2Fnews555%22%2C%22e%22%3A%22https%3A%2F%2Fharissa.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A5673%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-rr%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22cd%22%3A2985.9833984375%2C%22mw%22%3A230.5%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fnews555%2Ffr%2CRight%20Rail%20Thumbnails%3Dthumbnails-rr%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
151.101.129.44200 OK 22 kB URL HTTP/2 trc.taboola.com/harissafoundation-harissa/trc/3/json?tim=04%3A12%3A25.094<i=deflated&data=%7B%22id%22%3A895%2C%22ii%22%3A%22%2Fnews555%2Ffr%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1669918772720%2C%22vi%22%3A1669954345091%2C%22cv%22%3A%2220221201-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fharissa.com%2Fnews555%2Ffr%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fharissa.com%2Fnews555%2F%22%2C%22vpi%22%3A%22%2Fnews555%22%2C%22e%22%3A%22https%3A%2F%2Fharissa.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A5673%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-rr%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22cd%22%3A2985.9833984375%2C%22mw%22%3A230.5%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fnews555%2Ffr%2CRight%20Rail%20Thumbnails%3Dthumbnails-rr%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
IP 151.101.129.44:0
Hash 78b31c758e23d569835ed82b9d000603
a1d36d406fa5c4698da61f12b502e5e0006db6db
3af2edec8ec342f84dbb4974e63e26d3dabd8b1700f3469cd901daddaef23b13
GET /harissafoundation-harissa/trc/3/json?tim=04%3A12%3A25.094<i=deflated&data=%7B%22id%22%3A895%2C%22ii%22%3A%22%2Fnews555%2Ffr%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1669918772720%2C%22vi%22%3A1669954345091%2C%22cv%22%3A%2220221201-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fharissa.com%2Fnews555%2Ffr%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fharissa.com%2Fnews555%2F%22%2C%22vpi%22%3A%22%2Fnews555%22%2C%22e%22%3A%22https%3A%2F%2Fharissa.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A5673%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-rr%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22cd%22%3A2985.9833984375%2C%22mw%22%3A230.5%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fnews555%2Ffr%2CRight%20Rail%20Thumbnails%3Dthumbnails-rr%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://harissa.com
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://harissa.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Dec 2022 04:12:26 GMT
via: 1.1 varnish
x-served-by: cache-bma1627-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669954347.762974,VS0,VE223
vary: Accept-Encoding
x-vcl-time-ms: 223
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_140%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/53faca60cb5b9602d38e3410d0e04e87.jpg
151.101.129.44200 OK 6.2 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_140%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/53faca60cb5b9602d38e3410d0e04e87.jpg
IP 151.101.129.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1667eb85bbb604837ae600856cdc1851
f2b751003277dbd4efba088b2f2f2acf15bf43ff
134fef04abb6642b9c800d16820046e77bc90fd7d6fe0234c293ed832b0c9721
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_140%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/53faca60cb5b9602d38e3410d0e04e87.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 419550766599585900405105220648995381528,459629802988283559849594353226043259013,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 419550766599585900405105220648995381528,459629802988283559849594353226043259013,29ecf9b93bbf306179626feeda1fab70
etag: "8d2e85fb0927de839b20cf1d803137e3"
expiration: expiry-date="Fri, 09 Dec 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Tue, 08 Nov 2022 23:20:38 GMT
req-referer: https://harissa.com/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 155
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 02 Dec 2022 04:12:28 GMT
age: 0
x-served-by: cache-iad-kjyo7100123-IAD, cache-iad-kjyo7100040-IAD, cache-chi-kigq8000091-CHI, cache-iad-kjyo7100062-IAD, cache-bma1627-BMA
x-cache: MISS, MISS, MISS, MISS, MISS
x-cache-hits: 0, 0, 0, 0, 0
x-timer: S1669954349.532030,VS0,VE277
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_140%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/53faca60cb5b9602d38e3410d0e04e87.jpg
x-vcl-time-ms: 277
content-length: 6240
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 96a324f9bbaffcb08eb052a90c10fd44
4140b22e29900bed26433a2ed42321614a01f057
6a175fa4123b17dc17a41f94d69e2c19803eecb88045cae84279691f1df46086
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 557
Cache-Control: max-age=135613
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:12:28 GMT
Etag: "6388e7bc-13a"
Expires: Sat, 03 Dec 2022 17:52:41 GMT
Last-Modified: Thu, 01 Dec 2022 17:43:24 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 314
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:12:28 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=djxWMl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czNKYUlnVHltZjVUSWMzOEJ1TSUyRjFvTGlrcmY2UDNDQklWY1NUemtVZlZVNQ; expires=Wed, 27 Dec 2023 04:12:28 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 228500
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 50d5643a01fdc1a69b2f7c79a4f07d4f
4bc197dc38546ab8498ca8560dd124c3d7a0abbb
fcb9c71044d8b368a84ba31efa11b7827fc4d5c80760bd2c6be9e7221e16112f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 635
Cache-Control: max-age=107941
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:12:28 GMT
Etag: "63887b56-138"
Expires: Sat, 03 Dec 2022 10:11:29 GMT
Last-Modified: Thu, 01 Dec 2022 10:00:54 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 50d5643a01fdc1a69b2f7c79a4f07d4f
4bc197dc38546ab8498ca8560dd124c3d7a0abbb
fcb9c71044d8b368a84ba31efa11b7827fc4d5c80760bd2c6be9e7221e16112f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 635
Cache-Control: max-age=107941
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:12:28 GMT
Etag: "63887b56-138"
Expires: Sat, 03 Dec 2022 10:11:29 GMT
Last-Modified: Thu, 01 Dec 2022 10:00:54 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 312
am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7u7ECFgNpRZz9wzUZEwRpRZz9wzUZEwUAAAAGBuIHJLcbzVwr18wtWzhWa9HE41gLJ5bJWmJyDHablc05mzmMQHK70cy1cs3csoVjtRZNPI61cGKZrCUmx2C3Wdmcs5nDChXS9BlNB0nDaTaIiq63xe5wmj1v8EDT6fC57vVCh-Xp-TzsGr_bL3f5Pq_Vai-z3AEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fA-CTg-A9Z78_AAAAAEAAAAAASAAGnsZKACIQC0_-_________2MG6DNvZP7___9vDHoAHnwAHoQAAAAuhhjeDTRN_3N_iAoAixgBAAAAbGmpaB5N6oTKour__7_fCuAKACCAMDrhAy5Ld1DiLQwAAEBAbHEFAGZyPPx1bIEeFr_f7LBr_G6X_f________-b_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXMhRoOl0-Fz3eqHD8vR8HnaN3-0XHUErBoPVBcTsAAAAAO7-____8RZXAGAmx8Nf9UBmsDDtlrPBbmPy7BYWj2dhsvlGxtVuM5uZHCOT93T9IL32vyVo-iqk6TOaDpKG02wQFV1vi93hNHvuR9GS5W65W40mi9FoudzshpvRYH8DMVgNcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCFM2y8gx2E3cio1zuRYNZsa1xOWauBWj5XJk2g02rpXDLXp9TA_jZjBYOLwoGHCyF8nTIp3IRi6LxTRcTVYbl3PkGE1cJptv5LDYHLbBwrbaTcQSzckincgu-85gYdotZ4PdxuTZLSwez8Jk842Mq91mNjM5RiZ_y2YZOQa7iVuxcS7XosHMuJa4XBO3YrRcjky7wca1crhFr4_pYdwMBguHvzGbLZer0WY02zdms-VyNdqMZvsOk-mZ-pyNquXr1jH5xMOTamdzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYOZoPCN7wmhr-f-nntZm8HscGgiCWCi3QidFiens_D5nfdTQ7T0293Cx2Wp-fzsIglStNFOtHLXb7Pa7XayywXsURwukgnopfxdFH_kSEXc-VgLprMFavRKgEAAAAAAAAALGHOvAkAAADAaSCL2XKzWOdBLEbLwWyxXIAHTkddYBAAAAAAAIBdg1YEl39xs7nixo8z0GF5ej4Pm991NzlMT7_dLXRYnp7Pw8oAD5yNzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X0gKWAAAAAAAH6CGy4XAw!&cmcv=&pix=31589837&cb=1669954347336&uv=3245&tms=1669954347336&abt=amplean_vF!Noappq22_vC!ufm&ru=https://harissa.com/&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1669954342506!ts:1669954347336&mntl=1
141.226.228.48200 OK 0 B URL HTTP/2 am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7u7ECFgNpRZz9wzUZEwRpRZz9wzUZEwUAAAAGBuIHJLcbzVwr18wtWzhWa9HE41gLJ5bJWmJyDHablc05mzmMQHK70cy1cs3csoVjtRZNPI61cGKZrCUmx2C3Wdmcs5nDChXS9BlNB0nDaTaIiq63xe5wmj1v8EDT6fC57vVCh-Xp-TzsGr_bL3f5Pq_Vai-z3AEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fA-CTg-A9Z78_AAAAAEAAAAAASAAGnsZKACIQC0_-_________2MG6DNvZP7___9vDHoAHnwAHoQAAAAuhhjeDTRN_3N_iAoAixgBAAAAbGmpaB5N6oTKour__7_fCuAKACCAMDrhAy5Ld1DiLQwAAEBAbHEFAGZyPPx1bIEeFr_f7LBr_G6X_f________-b_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXMhRoOl0-Fz3eqHD8vR8HnaN3-0XHUErBoPVBcTsAAAAAO7-____8RZXAGAmx8Nf9UBmsDDtlrPBbmPy7BYWj2dhsvlGxtVuM5uZHCOT93T9IL32vyVo-iqk6TOaDpKG02wQFV1vi93hNHvuR9GS5W65W40mi9FoudzshpvRYH8DMVgNcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCFM2y8gx2E3cio1zuRYNZsa1xOWauBWj5XJk2g02rpXDLXp9TA_jZjBYOLwoGHCyF8nTIp3IRi6LxTRcTVYbl3PkGE1cJptv5LDYHLbBwrbaTcQSzckincgu-85gYdotZ4PdxuTZLSwez8Jk842Mq91mNjM5RiZ_y2YZOQa7iVuxcS7XosHMuJa4XBO3YrRcjky7wca1crhFr4_pYdwMBguHvzGbLZer0WY02zdms-VyNdqMZvsOk-mZ-pyNquXr1jH5xMOTamdzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYOZoPCN7wmhr-f-nntZm8HscGgiCWCi3QidFiens_D5nfdTQ7T0293Cx2Wp-fzsIglStNFOtHLXb7Pa7XayywXsURwukgnopfxdFH_kSEXc-VgLprMFavRKgEAAAAAAAAALGHOvAkAAADAaSCL2XKzWOdBLEbLwWyxXIAHTkddYBAAAAAAAIBdg1YEl39xs7nixo8z0GF5ej4Pm991NzlMT7_dLXRYnp7Pw8oAD5yNzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X0gKWAAAAAAAH6CGy4XAw!&cmcv=&pix=31589837&cb=1669954347336&uv=3245&tms=1669954347336&abt=amplean_vF!Noappq22_vC!ufm&ru=https://harissa.com/&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1669954342506!ts:1669954347336&mntl=1
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7u7ECFgNpRZz9wzUZEwRpRZz9wzUZEwUAAAAGBuIHJLcbzVwr18wtWzhWa9HE41gLJ5bJWmJyDHablc05mzmMQHK70cy1cs3csoVjtRZNPI61cGKZrCUmx2C3Wdmcs5nDChXS9BlNB0nDaTaIiq63xe5wmj1v8EDT6fC57vVCh-Xp-TzsGr_bL3f5Pq_Vai-z3AEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fA-CTg-A9Z78_AAAAAEAAAAAASAAGnsZKACIQC0_-_________2MG6DNvZP7___9vDHoAHnwAHoQAAAAuhhjeDTRN_3N_iAoAixgBAAAAbGmpaB5N6oTKour__7_fCuAKACCAMDrhAy5Ld1DiLQwAAEBAbHEFAGZyPPx1bIEeFr_f7LBr_G6X_f________-b_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXMhRoOl0-Fz3eqHD8vR8HnaN3-0XHUErBoPVBcTsAAAAAO7-____8RZXAGAmx8Nf9UBmsDDtlrPBbmPy7BYWj2dhsvlGxtVuM5uZHCOT93T9IL32vyVo-iqk6TOaDpKG02wQFV1vi93hNHvuR9GS5W65W40mi9FoudzshpvRYH8DMVgNcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCFM2y8gx2E3cio1zuRYNZsa1xOWauBWj5XJk2g02rpXDLXp9TA_jZjBYOLwoGHCyF8nTIp3IRi6LxTRcTVYbl3PkGE1cJptv5LDYHLbBwrbaTcQSzckincgu-85gYdotZ4PdxuTZLSwez8Jk842Mq91mNjM5RiZ_y2YZOQa7iVuxcS7XosHMuJa4XBO3YrRcjky7wca1crhFr4_pYdwMBguHvzGbLZer0WY02zdms-VyNdqMZvsOk-mZ-pyNquXr1jH5xMOTamdzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYOZoPCN7wmhr-f-nntZm8HscGgiCWCi3QidFiens_D5nfdTQ7T0293Cx2Wp-fzsIglStNFOtHLXb7Pa7XayywXsURwukgnopfxdFH_kSEXc-VgLprMFavRKgEAAAAAAAAALGHOvAkAAADAaSCL2XKzWOdBLEbLwWyxXIAHTkddYBAAAAAAAIBdg1YEl39xs7nixo8z0GF5ej4Pm991NzlMT7_dLXRYnp7Pw8oAD5yNzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X0gKWAAAAAAAH6CGy4XAw!&cmcv=&pix=31589837&cb=1669954347336&uv=3245&tms=1669954347336&abt=amplean_vF!Noappq22_vC!ufm&ru=https://harissa.com/&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1669954342506!ts:1669954347336&mntl=1 HTTP/1.1
Host: am-vid-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:29 GMT
content-length: 0
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=rtus&domain=harissa.com&sn=FirefoxSyncframe&so=0&topUrl=harissa.com&info=BVd2fl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czNKYUlnVHltZjVUSWMzOEJ1TSUyRjFvSll6YVJ5UlJVSVFCR1pqTiUyQkViR2hE&idsd=1546669770,774899296&cw=1&rtusCallerId=72&lsw=1
178.250.2.146200 OK 318 B URL HTTP/2 gum.criteo.com/sid/json?origin=rtus&domain=harissa.com&sn=FirefoxSyncframe&so=0&topUrl=harissa.com&info=BVd2fl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czNKYUlnVHltZjVUSWMzOEJ1TSUyRjFvSll6YVJ5UlJVSVFCR1pqTiUyQkViR2hE&idsd=1546669770,774899296&cw=1&rtusCallerId=72&lsw=1
IP 178.250.2.146:0
File type JSON data\012- , ASCII text, with very long lines (393), with no line terminators
Hash 83667d8a442c6fd3e2a8d8e44eed0574
f28027e4694e3e95284f8ae8b1f0acb9c9bd5948
4d0fb0f13b0be200a029393aa5e11674634cd4b4618d9fec6968abaf8ba0f074
GET /sid/json?origin=rtus&domain=harissa.com&sn=FirefoxSyncframe&so=0&topUrl=harissa.com&info=BVd2fl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czNKYUlnVHltZjVUSWMzOEJ1TSUyRjFvSll6YVJ5UlJVSVFCR1pqTiUyQkViR2hE&idsd=1546669770,774899296&cw=1&rtusCallerId=72&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=rtus&topUrl=harissa.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:12:28 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 972531
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
vidstat.taboola.com/vpaid/units/32_4_5/assets/css/cmOsUnit.css
151.101.129.44200 OK 8.3 kB URL HTTP/2 vidstat.taboola.com/vpaid/units/32_4_5/assets/css/cmOsUnit.css
IP 151.101.129.44:0
Hash a28320a69408adba1f01f56d6eb80708
8012c7108fab547cf31481cfda7cb49e654a0542
befbb274b7045e7e5791a4badbe46e1a2e367e6570da7cd0ac127acc4b8e8991
GET /vpaid/units/32_4_5/assets/css/cmOsUnit.css HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: Bf8dw0NjA07TfpEMmKBaL+UFJWQuALEo7owO+vyJS0Z7+UM4VbN5qXqenI+jCaBsTF8hL6tqRMY=
x-amz-request-id: 89SNZ5N6GV47VA34
last-modified: Mon, 28 Nov 2022 10:07:46 GMT
etag: "a28320a69408adba1f01f56d6eb80708"
x-amz-meta-ctime: 1669630065
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1669630064
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Fri, 02 Dec 2022 04:12:29 GMT
via: 1.1 varnish
age: 324190
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 79982
x-timer: S1669954349.166390,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 8297
X-Firefox-Spdy: h2
vidstat.taboola.com/vpaid/units/32_4_5/infra/cmTagWIDGET_ITEM.js
151.101.129.44200 OK 128 kB URL HTTP/2 vidstat.taboola.com/vpaid/units/32_4_5/infra/cmTagWIDGET_ITEM.js
IP 151.101.129.44:0
File type Unicode text, UTF-8 text, with very long lines (65489), with no line terminators
Size 128 kB (127788 bytes)
Hash 2b361da912acc8f13f4f1b545047025f
af3a70c02bb88e27a151e8edf4a93931ace2aced
7f44e7dee5fbeb1334cdcb6b06d37dbf74a5ce2c65d4494843a2dabd98f2ef1b
GET /vpaid/units/32_4_5/infra/cmTagWIDGET_ITEM.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://harissa.com
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: NxcjemMMJRUsCExBkB2iiVRl9DgwLdtVaii0IcyucefSWzHY1Wd9p4I32adBzeHQ7741KdCnChI=
x-amz-request-id: 89SJXSQ72NB1B3KT
last-modified: Mon, 28 Nov 2022 10:06:56 GMT
etag: "2b361da912acc8f13f4f1b545047025f"
x-amz-meta-ctime: 1669630015
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1669630014
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Fri, 02 Dec 2022 04:12:29 GMT
via: 1.1 varnish
age: 324190
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 35206
x-timer: S1669954349.178216,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 127788
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash eaa62ec471b7a69a3c84a2ed4c148b7f
9c9a80c2a4e6ca976c18d2beefba1a0a5e977a64
a39b7ca367162adb5b52d9f2b1da37ad9881d0557e84188803ffdc7b2af9aa9f
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 667
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:12:29 GMT
Last-Modified: Fri, 02 Dec 2022 04:01:22 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash eaa62ec471b7a69a3c84a2ed4c148b7f
9c9a80c2a4e6ca976c18d2beefba1a0a5e977a64
a39b7ca367162adb5b52d9f2b1da37ad9881d0557e84188803ffdc7b2af9aa9f
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 119
Cache-Control: max-age=158556
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:12:29 GMT
Etag: "63894312-1d7"
Expires: Sun, 04 Dec 2022 00:15:05 GMT
Last-Modified: Fri, 02 Dec 2022 00:13:06 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
am-match.taboola.com/sync?dast=V7u7ECFgNpRZz9wzUZEwRpRZz9wzUZEwUAAAAGBuIHJLcbzVwr18wtWzhWa9HE41gLJ5bJWmJyDHablc05mzmMQHK70cy1cs3csoVjtRZNPI61cGKZrCUmx2C3Wdmcs5nDChXS9BlNB0nDaTaIiq63xe5wmj1v8EDT6fC57vVCh-Xp-TzsGr_bL3f5Pq_Vai-z3AEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fA-CTg-A9Z78_AAAAAEAAAAAASAAGnsZKACIQC0_-_________2MG6DNvZP7___9vDHoAHnwAHoQAAAAuhhjeDTRN_3N_iAoAixgBAAAAbGmpaB5N6oTKour__7_fCuAKACCAMDrhAy5Ld1DiLQwAAEBAbHEFAGZyPPx1bIEeFr_f7LBr_G6X_f________-b_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXMhRoOl0-Fz3eqHD8vR8HnaN3-0XHUErBoPVBcTsAAAAAO7-____8RZXAGAmx8Nf9UBmsDDtlrPBbmPy7BYWj2dhsvlGxtVuM5uZHCOT93T9IL32vyVo-iqk6TOaDpKG02wQFV1vi93hNHvuR9GS5W65W40mi9FoudzshpvRYH8DMVgNcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCFM2y8gx2E3cio1zuRYNZsa1xOWauBWj5XJk2g02rpXDLXp9TA_jZjBYOLwoGHCyF8nTIp3IRi6LxTRcTVYbl3PkGE1cJptv5LDYHLbBwrbaTcQSzckincgu-85gYdotZ4PdxuTZLSwez8Jk842Mq91mNjM5RiZ_y2YZOQa7iVuxcS7XosHMuJa4XBO3YrRcjky7wca1crhFr4_pYdwMBguHvzGbLZer0WY02zdms-VyNdqMZvsOk-mZ-pyNquXr1jH5xMOTamdzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYOZoPCN7wmhr-f-nntZm8HscGgiCWCi3QidFiens_D5nfdTQ7T0293Cx2Wp-fzsIglStNFOtHLXb7Pa7XayywXsURwukgnopfxdFH_kSEXc-VgLprMFavRKgEAAAAAAAAALGHOvAkAAADAaSCL2XKzWOdBLEbLwWyxXIAHTkddYBAAAAAAAIBdg1YEl39xs7nixo8z0GF5ej4Pm991NzlMT7_dLXRYnp7Pw8oAD5yNzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X0gKWAAAAAAAH6CGy4XAw!&excid=22&docw=0&cijs=1&nlb=false
141.226.228.48200 OK 742 B URL HTTP/2 am-match.taboola.com/sync?dast=V7u7ECFgNpRZz9wzUZEwRpRZz9wzUZEwUAAAAGBuIHJLcbzVwr18wtWzhWa9HE41gLJ5bJWmJyDHablc05mzmMQHK70cy1cs3csoVjtRZNPI61cGKZrCUmx2C3Wdmcs5nDChXS9BlNB0nDaTaIiq63xe5wmj1v8EDT6fC57vVCh-Xp-TzsGr_bL3f5Pq_Vai-z3AEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fA-CTg-A9Z78_AAAAAEAAAAAASAAGnsZKACIQC0_-_________2MG6DNvZP7___9vDHoAHnwAHoQAAAAuhhjeDTRN_3N_iAoAixgBAAAAbGmpaB5N6oTKour__7_fCuAKACCAMDrhAy5Ld1DiLQwAAEBAbHEFAGZyPPx1bIEeFr_f7LBr_G6X_f________-b_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXMhRoOl0-Fz3eqHD8vR8HnaN3-0XHUErBoPVBcTsAAAAAO7-____8RZXAGAmx8Nf9UBmsDDtlrPBbmPy7BYWj2dhsvlGxtVuM5uZHCOT93T9IL32vyVo-iqk6TOaDpKG02wQFV1vi93hNHvuR9GS5W65W40mi9FoudzshpvRYH8DMVgNcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCFM2y8gx2E3cio1zuRYNZsa1xOWauBWj5XJk2g02rpXDLXp9TA_jZjBYOLwoGHCyF8nTIp3IRi6LxTRcTVYbl3PkGE1cJptv5LDYHLbBwrbaTcQSzckincgu-85gYdotZ4PdxuTZLSwez8Jk842Mq91mNjM5RiZ_y2YZOQa7iVuxcS7XosHMuJa4XBO3YrRcjky7wca1crhFr4_pYdwMBguHvzGbLZer0WY02zdms-VyNdqMZvsOk-mZ-pyNquXr1jH5xMOTamdzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYOZoPCN7wmhr-f-nntZm8HscGgiCWCi3QidFiens_D5nfdTQ7T0293Cx2Wp-fzsIglStNFOtHLXb7Pa7XayywXsURwukgnopfxdFH_kSEXc-VgLprMFavRKgEAAAAAAAAALGHOvAkAAADAaSCL2XKzWOdBLEbLwWyxXIAHTkddYBAAAAAAAIBdg1YEl39xs7nixo8z0GF5ej4Pm991NzlMT7_dLXRYnp7Pw8oAD5yNzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X0gKWAAAAAAAH6CGy4XAw!&excid=22&docw=0&cijs=1&nlb=false
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (742), with no line terminators
Hash e212b134cabf80f8be66f676e09c0097
c6f5b87bdb324d5acc99af18d97d5d9835c65c7a
f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855
GET /sync?dast=V7u7ECFgNpRZz9wzUZEwRpRZz9wzUZEwUAAAAGBuIHJLcbzVwr18wtWzhWa9HE41gLJ5bJWmJyDHablc05mzmMQHK70cy1cs3csoVjtRZNPI61cGKZrCUmx2C3Wdmcs5nDChXS9BlNB0nDaTaIiq63xe5wmj1v8EDT6fC57vVCh-Xp-TzsGr_bL3f5Pq_Vai-z3AEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fA-CTg-A9Z78_AAAAAEAAAAAASAAGnsZKACIQC0_-_________2MG6DNvZP7___9vDHoAHnwAHoQAAAAuhhjeDTRN_3N_iAoAixgBAAAAbGmpaB5N6oTKour__7_fCuAKACCAMDrhAy5Ld1DiLQwAAEBAbHEFAGZyPPx1bIEeFr_f7LBr_G6X_f________-b_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXMhRoOl0-Fz3eqHD8vR8HnaN3-0XHUErBoPVBcTsAAAAAO7-____8RZXAGAmx8Nf9UBmsDDtlrPBbmPy7BYWj2dhsvlGxtVuM5uZHCOT93T9IL32vyVo-iqk6TOaDpKG02wQFV1vi93hNHvuR9GS5W65W40mi9FoudzshpvRYH8DMVgNcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCFM2y8gx2E3cio1zuRYNZsa1xOWauBWj5XJk2g02rpXDLXp9TA_jZjBYOLwoGHCyF8nTIp3IRi6LxTRcTVYbl3PkGE1cJptv5LDYHLbBwrbaTcQSzckincgu-85gYdotZ4PdxuTZLSwez8Jk842Mq91mNjM5RiZ_y2YZOQa7iVuxcS7XosHMuJa4XBO3YrRcjky7wca1crhFr4_pYdwMBguHvzGbLZer0WY02zdms-VyNdqMZvsOk-mZ-pyNquXr1jH5xMOTamdzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYOZoPCN7wmhr-f-nntZm8HscGgiCWCi3QidFiens_D5nfdTQ7T0293Cx2Wp-fzsIglStNFOtHLXb7Pa7XayywXsURwukgnopfxdFH_kSEXc-VgLprMFavRKgEAAAAAAAAALGHOvAkAAADAaSCL2XKzWOdBLEbLwWyxXIAHTkddYBAAAAAAAIBdg1YEl39xs7nixo8z0GF5ej4Pm991NzlMT7_dLXRYnp7Pw8oAD5yNzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X0gKWAAAAAAAH6CGy4XAw!&excid=22&docw=0&cijs=1&nlb=false HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:29 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3406
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 56cc4f734f78d429f22250c1b438ef0d
5403bb05cb736991801b90ae57c48743036c8263
5b94de7d0f5eff0bfcb9acac6e60f21e3ec8cb86cbfed7b073f88978c2070142
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 494
Cache-Control: max-age=98084
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:12:29 GMT
Etag: "63885563-13a"
Expires: Sat, 03 Dec 2022 07:27:13 GMT
Last-Modified: Thu, 01 Dec 2022 07:18:59 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 314
csm.nl.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
178.250.2.150200 OK 43 B URL HTTP/2 csm.nl.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
IP 178.250.2.150:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1 HTTP/1.1
Host: csm.nl.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:12:29 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
vidstat.taboola.com/vpaid/vPlayer/player/v14.8.8/OvaMediaPlayer.js
151.101.129.44200 OK 87 kB URL HTTP/2 vidstat.taboola.com/vpaid/vPlayer/player/v14.8.8/OvaMediaPlayer.js
IP 151.101.129.44:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash dcfe04133edaa84ac4a7356299134bf2
600265d1e188692d5cb0b9dbc828c708181bd3d8
1f50ba3994c74af69746c8db181597b9e74d7bb53c808ce9f7014facf0c59bfd
GET /vpaid/vPlayer/player/v14.8.8/OvaMediaPlayer.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: DH4gCSpZOjdiQ2RHNdcZaQ1gWcI8EDnhtXKaFZT4JUmiFDacp53eylqcVHaDpMgh56JBtwAdvTI=
x-amz-request-id: M2DJX9S4FNAQPE8Z
last-modified: Thu, 27 Oct 2022 07:34:53 GMT
etag: "dcfe04133edaa84ac4a7356299134bf2"
x-amz-meta-ctime: 1666856092
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1666856080
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Fri, 02 Dec 2022 04:12:29 GMT
via: 1.1 varnish
age: 506226
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 143282
x-timer: S1669954349.453527,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 87152
X-Firefox-Spdy: h2
vidstatb.taboola.com/vid/blackScreen5.mp4
151.101.129.44206 Partial Content 91 kB URL HTTP/2 vidstatb.taboola.com/vid/blackScreen5.mp4
IP 151.101.129.44:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash b2b087fe4ae638c533731c347fcd4df8
62851c888c21bb51cc04f13b6fc0451279fe0425
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
GET /vid/blackScreen5.mp4 HTTP/1.1
Host: vidstatb.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
content-type: video/mp4
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1497790207
server: AmazonS3
via: 1.1 9803a30a87f1ec1047cb2b8ad5ecc43e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: gopM2XYfUoVUFmJXQ0440-QEF6IoAyvdLK0EUOquu3M35zK6ZGLwLg==
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Fri, 02 Dec 2022 04:12:29 GMT
age: 9326
x-served-by: cache-bma1627-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 1607
x-timer: S1669954350.540179,VS0,VE0
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-range: bytes 0-90783/90784
content-length: 90784
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
178.250.6.239200 OK 81 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.239:0
Hash e1db65114ce330fd713349d5ec0a8448
5d16e4e5deb3861a0a160581dc626db9232e8243
2a4d86aa7a746a47d9531271c472ed9195b9802c7219a9cd196171e3de761069
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:12:28 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 126961
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 02 Dec 2022 04:12:29 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=897950e4-71f7-11ed-9d8f-1fe3cd8f0106; expires=Fri, 30-Dec-2022 04:12:29 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=89795130-71f7-11ed-9d8f-1fe3cd8f0106
X-fe: 23
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=8958b585-71f7-11ed-9d8f-1fe3cd8f0106
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=8958b585-71f7-11ed-9d8f-1fe3cd8f0106
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=8958b585-71f7-11ed-9d8f-1fe3cd8f0106 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Fri, 02 Dec 2022 04:12:29 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=8979a4c0-71f7-11ed-8927-1e3504c40506; expires=Fri, 30-Dec-2022 04:12:29 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 56
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
gem.gbc.criteo.com/newidsd
178.250.6.129200 OK 38 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.129:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b4f7438182adc23708f55cdac09219c2
5e7028d9290799a17a382f79a9411f8a1a32b12b
44f085ba32aa31cc5980861a321e2fe147a12265f2eafbe5e25146bfc26b668b
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:12:28 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 124804
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
trc.taboola.com/harissafoundation-harissa/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=1
151.101.129.44204 No Content 0 B URL HTTP/2 trc.taboola.com/harissafoundation-harissa/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=1
IP 151.101.129.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /harissafoundation-harissa/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=1 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 3174
Origin: https://harissa.com
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://harissa.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Fri, 02 Dec 2022 04:12:29 GMT
via: 1.1 varnish
x-served-by: cache-bma1627-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669954350.567268,VS0,VE95
x-vcl-time-ms: 95
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=89795130-71f7-11ed-9d8f-1fe3cd8f0106
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=89795130-71f7-11ed-9d8f-1fe3cd8f0106
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=89795130-71f7-11ed-9d8f-1fe3cd8f0106 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Fri, 02 Dec 2022 04:12:29 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=8988885d-71f7-11ed-b193-1ee5b9e10206; expires=Fri, 30-Dec-2022 04:12:29 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 113
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=897ce342-71f7-11ed-ad16-1e3504c40206
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=897ce342-71f7-11ed-ad16-1e3504c40206
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=897ce342-71f7-11ed-ad16-1e3504c40206 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Fri, 02 Dec 2022 04:12:29 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=89898ec8-71f7-11ed-a70f-132476d60406; expires=Fri, 30-Dec-2022 04:12:29 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 143
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
151.101.129.44200 OK 254 B URL HTTP/2 cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
IP 151.101.129.44:0
File type PNG image data, 12 x 12, 8-bit gray+alpha, non-interlaced\012- data
Hash dfa7b52c86e56bd67fa4002f6ed19854
7df722645482433c2b5c8d8ab4272a9874592f27
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
GET /libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: c3AK0F63Rmz1U+ZkwDZRH6hJiJRTGpZB8kTBPWz0vwbg9siBxtMOH8aEqr1NtVeNHtLhLAVUR9E=
x-amz-request-id: 4JKSR0YA3KVH073N
x-amz-replication-status: COMPLETED
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
content-type: image/png
server: AmazonS3
accept-ranges: bytes
date: Fri, 02 Dec 2022 04:12:29 GMT
via: 1.1 varnish
age: 16790
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 435
x-timer: S1669954350.694005,VS0,VE0
cache-control: private,max-age=31536000
abp: 2
content-length: 254
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 53ebd0d4b9ede359adb0d6b8d6ae3c39
0200a4ebed557808bcccd3e5d0fe625513ad2ebe
e352b67003ad44e6f4fc3f23621fea03354e4a82b1f2d1820ce7bc554ecc7792
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:12:29 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 06 Dec 2022 01:14:45 GMT
ETag: "0200a4ebed557808bcccd3e5d0fe625513ad2ebe"
Last-Modified: Fri, 02 Dec 2022 01:14:46 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 100
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7731397de893fab4-OSL
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
3.33.220.150200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP 3.33.220.150:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:12:29 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 30bc66626cbc05ddb909fb1f53d31f93
3a7421ebe7bac3a0f6a65070938a2bcc179b9a51
3271c08fdddd247d940426b39b93330d6fe63df2ca79cd8026cac0bace9cfecf
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=133923
Date: Fri, 02 Dec 2022 04:12:29 GMT
Etag: "6388e0ab-1d7"
Expires: Sat, 03 Dec 2022 17:24:32 GMT
Last-Modified: Thu, 01 Dec 2022 17:13:15 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: KHFS3G7LPKUzbHtn_d6EtVZsSdAz0ShjAfm_EoRa_gQdtvGZe3I80g==
Age: 677
cdn.taboola.com/scripts/cds-pips.js
151.101.129.44200 OK 1.3 kB URL HTTP/2 cdn.taboola.com/scripts/cds-pips.js
IP 151.101.129.44:0
File type ASCII text, with very long lines (3545), with no line terminators
Hash 780c5c514014519ce276709f515905a0
04fe86d00b9c9077effe05171d066d243ecab221
015db06150b62ad2ad533883652174ebb6f07e24a7147fdac01a0ccd266e3f30
GET /scripts/cds-pips.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 2KBeU0d7OyPXtZDYUoIqlTBmhGhsve90tjYoemCxISjKQrNgcxT28sPXVt5KfJt+6r7dFoJgA8g=
x-amz-request-id: NFWGDQGY1WQ95XHE
x-amz-replication-status: COMPLETED
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Dec 2022 04:12:30 GMT
via: 1.1 varnish
age: 494
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 361
x-timer: S1669954350.469130,VS0,VE0
vary: Accept-Encoding
abp: 2
cache-control: private, max-age=3600
content-length: 1340
X-Firefox-Spdy: h2
pips.taboola.com/
151.101.1.44200 OK 4 B IP 151.101.1.44:0
File type ASCII text, with no line terminators
Hash 6c3e226b4d4795d518ab341b0824ec29
eef19c54306daa69eda49c0272623bdb5e2b341f
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
GET / HTTP/1.1
Host: pips.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://harissa.com
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
access-control-allow-methods: GET
access-control-allow-origin: https://harissa.com
accept-ranges: bytes
date: Fri, 02 Dec 2022 04:12:30 GMT
via: 1.1 varnish
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 0
cache-control: no-store
content-length: 4
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 82ea44d6cb116fb1f5752ce9bb87e345
f799dfd89a4f5a452dc837b8616549f578fb4184
e9087e7fce332289d67d4d5646d0233c2f2d871cc88dc1c51d5ea1e9f2fb5abd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 15495
x-amzn-requestid: 977cdbce-3a9c-4006-a5a1-5c4c82bd4a94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfHDIFxzIAMFzEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891ee0-4b2cb3a16ca745537a8caf8c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nwKxQKsw8g5zCzfMFu_XpOac5rhImez29TKrycGJzozZyHTzoCHASw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:20:06 GMT
age: 21146
etag: "f799dfd89a4f5a452dc837b8616549f578fb4184"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/stable/css/system/components/nowrap.module.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/stable/css/system/components/nowrap.module.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/themes/stable/css/system/components/nowrap.module.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:33:56 GMT
etag: W/"60-56bde43164d00"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/classy/css/components/collapse-processed.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/classy/css/components/collapse-processed.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/themes/classy/css/components/collapse-processed.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:35:24 GMT
etag: W/"33b-56bde48551300"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/assets/vendor/jquery/jquery.min.js?v=2.2.4
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/assets/vendor/jquery/jquery.min.js?v=2.2.4
IP 147.135.91.235:0
GET /news555/core/assets/vendor/jquery/jquery.min.js?v=2.2.4 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: application/javascript
last-modified: Thu, 10 May 2018 19:51:29 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5af4a2c1-14e4a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/stable/css/system/components/progress.module.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/stable/css/system/components/progress.module.css?rifbr9
IP 147.135.91.235:0
GET /news555/core/themes/stable/css/system/components/progress.module.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:33:56 GMT
etag: W/"339-56bde43164d00"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/stable/css/system/components/system-status-report-counters.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/stable/css/system/components/system-status-report-counters.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/themes/stable/css/system/components/system-status-report-counters.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:33:55 GMT
etag: W/"22b-56bde43070ac0"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/classy/css/components/button.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/classy/css/components/button.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/themes/classy/css/components/button.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:35:24 GMT
etag: W/"cc-56bde48551300"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/classy/css/components/links.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/classy/css/components/links.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/themes/classy/css/components/links.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:35:22 GMT
etag: W/"157-56bde48368e80"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/stable/css/system/components/system-status-report-general-info.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/stable/css/system/components/system-status-report-general-info.css?rifbr9
IP 147.135.91.235:0
GET /news555/core/themes/stable/css/system/components/system-status-report-general-info.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:33:55 GMT
etag: W/"ff-56bde43070ac0"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/themes/zircon/includes/monokai/monokai.min.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/themes/zircon/includes/monokai/monokai.min.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/themes/zircon/includes/monokai/monokai.min.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
last-modified: Mon, 09 May 2016 18:42:43 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5730da23-6ea"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/classy/css/components/field.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/classy/css/components/field.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/themes/classy/css/components/field.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:35:23 GMT
etag: W/"20c-56bde4845d0c0"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/
147.135.91.235200 OK 0 B IP 147.135.91.235:0
GET / HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/html
last-modified: Fri, 19 Jan 2018 06:23:16 GMT
etag: W/"5a618ed4-44d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/stable/css/system/components/tabledrag.module.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/stable/css/system/components/tabledrag.module.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/themes/stable/css/system/components/tabledrag.module.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
last-modified: Thu, 10 May 2018 18:33:55 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5af49093-730"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/themes/zircon/includes/fontawesome/css/font-awesome.min.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/themes/zircon/includes/fontawesome/css/font-awesome.min.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/themes/zircon/includes/fontawesome/css/font-awesome.min.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
last-modified: Mon, 09 May 2016 18:46:00 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5730dae8-4574"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/misc/drupal.init.js?v=8.3.9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/misc/drupal.init.js?v=8.3.9
IP 147.135.91.235:0
GET /news555/core/misc/drupal.init.js?v=8.3.9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: application/javascript
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 19:42:31 GMT
etag: W/"21b-56bdf385c37c0"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
216.58.211.14200 OK 0 B URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP 216.58.211.14:0
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 02 Dec 2022 04:12:24 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+612; expires=Sun, 01-Dec-2024 04:12:24 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
harissa.com/news555/themes/zircon/includes/fonts/oswald_regular/stylesheet.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/themes/zircon/includes/fonts/oswald_regular/stylesheet.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/themes/zircon/includes/fonts/oswald_regular/stylesheet.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Mon, 09 May 2016 18:45:46 GMT
etag: W/"131-5326d3768ea80"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/classy/css/components/inline-form.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/classy/css/components/inline-form.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/themes/classy/css/components/inline-form.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:35:22 GMT
etag: W/"2e5-56bde48368e80"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/classy/css/components/form.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/classy/css/components/form.css?rifbr9
IP 147.135.91.235:0
GET /news555/core/themes/classy/css/components/form.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
last-modified: Thu, 10 May 2018 18:35:23 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5af490eb-882"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/themes/zircon/includes/flexslider/jquery.flexslider.js?v=8.0.0
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/themes/zircon/includes/flexslider/jquery.flexslider.js?v=8.0.0
IP 147.135.91.235:0
GET /news555/themes/zircon/includes/flexslider/jquery.flexslider.js?v=8.0.0 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: application/javascript
last-modified: Mon, 09 May 2016 18:45:42 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5730dad6-d683"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/classy/css/components/item-list.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/classy/css/components/item-list.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/themes/classy/css/components/item-list.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:35:22 GMT
etag: W/"222-56bde48368e80"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/misc/progress.js?v=8.3.9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/misc/progress.js?v=8.3.9
IP 147.135.91.235:0
GET /news555/core/misc/progress.js?v=8.3.9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: application/javascript
last-modified: Thu, 10 May 2018 19:42:28 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5af4a0a4-131b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/stable/css/system/components/details.module.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/stable/css/system/components/details.module.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/themes/stable/css/system/components/details.module.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:33:57 GMT
etag: W/"7f-56bde43258f40"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/sites/default/files/languages/fr_vbm4t57cG08Oy4a4BibDLOar4i1jaA9lyPaZ_Ed9bn0.js?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/sites/default/files/languages/fr_vbm4t57cG08Oy4a4BibDLOar4i1jaA9lyPaZ_Ed9bn0.js?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/sites/default/files/languages/fr_vbm4t57cG08Oy4a4BibDLOar4i1jaA9lyPaZ_Ed9bn0.js?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: application/javascript
last-modified: Sun, 29 May 2022 18:33:02 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"6293bc5e-397a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7u7ECFgNpRZz9wzUZEwRpRZz9wzUZEwUAAAAGBuIHJLcbzVwr18wtWzhWa9HE41gLJ5bJWmJyDHablc05mzmMQHK70cy1cs3csoVjtRZNPI61cGKZrCUmx2C3Wdmcs5nDChXS9BlNB0nDaTaIiq63xe5wmj1v8EDT6fC57vVCh-Xp-TzsGr_bL3f5Pq_Vai-z3AEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fA-CTg-A9Z78_AAAAAEAAAAAASAAGnsZKACIQC0_-_________2MG6DNvZP7___9vDHoAHnwAHoQAAAAuhhjeDTRN_3N_iAoAixgBAAAAbGmpaB5N6oTKour__7_fCuAKACCAMDrhAy5Ld1DiLQwAAEBAbHEFAGZyPPx1bIEeFr_f7LBr_G6X_f________-b_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXMhRoOl0-Fz3eqHD8vR8HnaN3-0XHUErBoPVBcTsAAAAAO7-____8RZXAGAmx8Nf9UBmsDDtlrPBbmPy7BYWj2dhsvlGxtVuM5uZHCOT93T9IL32vyVo-iqk6TOaDpKG02wQFV1vi93hNHvuR9GS5W65W40mi9FoudzshpvRYH8DMVgNcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCFM2y8gx2E3cio1zuRYNZsa1xOWauBWj5XJk2g02rpXDLXp9TA_jZjBYOLwoGHCyF8nTIp3IRi6LxTRcTVYbl3PkGE1cJptv5LDYHLbBwrbaTcQSzckincgu-85gYdotZ4PdxuTZLSwez8Jk842Mq91mNjM5RiZ_y2YZOQa7iVuxcS7XosHMuJa4XBO3YrRcjky7wca1crhFr4_pYdwMBguHvzGbLZer0WY02zdms-VyNdqMZvsOk-mZ-pyNquXr1jH5xMOTamdzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYOZoPCN7wmhr-f-nntZm8HscGgiCWCi3QidFiens_D5nfdTQ7T0293Cx2Wp-fzsIglStNFOtHLXb7Pa7XayywXsURwukgnopfxdFH_kSEXc-VgLprMFavRKgEAAAAAAAAALGHOvAkAAADAaSCL2XKzWOdBLEbLwWyxXIAHTkddYBAAAAAAAIBdg1YEl39xs7nixo8z0GF5ej4Pm991NzlMT7_dLXRYnp7Pw8oAD5yNzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X0gKWAAAAAAAH6CGy4XAw!&cmcv=&pix=undefined&cb=1669954347337&uv=3245&tms=1669954347337&abt=amplean_vF!Noappq22_vC!ufm&ru=https://harissa.com/&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=774f5e5f-6a15-4bc1-8b22-bd1073ef96fa&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
151.101.129.44200 OK 0 B URL HTTP/2 imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7u7ECFgNpRZz9wzUZEwRpRZz9wzUZEwUAAAAGBuIHJLcbzVwr18wtWzhWa9HE41gLJ5bJWmJyDHablc05mzmMQHK70cy1cs3csoVjtRZNPI61cGKZrCUmx2C3Wdmcs5nDChXS9BlNB0nDaTaIiq63xe5wmj1v8EDT6fC57vVCh-Xp-TzsGr_bL3f5Pq_Vai-z3AEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fA-CTg-A9Z78_AAAAAEAAAAAASAAGnsZKACIQC0_-_________2MG6DNvZP7___9vDHoAHnwAHoQAAAAuhhjeDTRN_3N_iAoAixgBAAAAbGmpaB5N6oTKour__7_fCuAKACCAMDrhAy5Ld1DiLQwAAEBAbHEFAGZyPPx1bIEeFr_f7LBr_G6X_f________-b_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXMhRoOl0-Fz3eqHD8vR8HnaN3-0XHUErBoPVBcTsAAAAAO7-____8RZXAGAmx8Nf9UBmsDDtlrPBbmPy7BYWj2dhsvlGxtVuM5uZHCOT93T9IL32vyVo-iqk6TOaDpKG02wQFV1vi93hNHvuR9GS5W65W40mi9FoudzshpvRYH8DMVgNcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCFM2y8gx2E3cio1zuRYNZsa1xOWauBWj5XJk2g02rpXDLXp9TA_jZjBYOLwoGHCyF8nTIp3IRi6LxTRcTVYbl3PkGE1cJptv5LDYHLbBwrbaTcQSzckincgu-85gYdotZ4PdxuTZLSwez8Jk842Mq91mNjM5RiZ_y2YZOQa7iVuxcS7XosHMuJa4XBO3YrRcjky7wca1crhFr4_pYdwMBguHvzGbLZer0WY02zdms-VyNdqMZvsOk-mZ-pyNquXr1jH5xMOTamdzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYOZoPCN7wmhr-f-nntZm8HscGgiCWCi3QidFiens_D5nfdTQ7T0293Cx2Wp-fzsIglStNFOtHLXb7Pa7XayywXsURwukgnopfxdFH_kSEXc-VgLprMFavRKgEAAAAAAAAALGHOvAkAAADAaSCL2XKzWOdBLEbLwWyxXIAHTkddYBAAAAAAAIBdg1YEl39xs7nixo8z0GF5ej4Pm991NzlMT7_dLXRYnp7Pw8oAD5yNzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X0gKWAAAAAAAH6CGy4XAw!&cmcv=&pix=undefined&cb=1669954347337&uv=3245&tms=1669954347337&abt=amplean_vF!Noappq22_vC!ufm&ru=https://harissa.com/&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=774f5e5f-6a15-4bc1-8b22-bd1073ef96fa&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
IP 151.101.129.44:0
GET /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7u7ECFgNpRZz9wzUZEwRpRZz9wzUZEwUAAAAGBuIHJLcbzVwr18wtWzhWa9HE41gLJ5bJWmJyDHablc05mzmMQHK70cy1cs3csoVjtRZNPI61cGKZrCUmx2C3Wdmcs5nDChXS9BlNB0nDaTaIiq63xe5wmj1v8EDT6fC57vVCh-Xp-TzsGr_bL3f5Pq_Vai-z3AEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fA-CTg-A9Z78_AAAAAEAAAAAASAAGnsZKACIQC0_-_________2MG6DNvZP7___9vDHoAHnwAHoQAAAAuhhjeDTRN_3N_iAoAixgBAAAAbGmpaB5N6oTKour__7_fCuAKACCAMDrhAy5Ld1DiLQwAAEBAbHEFAGZyPPx1bIEeFr_f7LBr_G6X_f________-b_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXMhRoOl0-Fz3eqHD8vR8HnaN3-0XHUErBoPVBcTsAAAAAO7-____8RZXAGAmx8Nf9UBmsDDtlrPBbmPy7BYWj2dhsvlGxtVuM5uZHCOT93T9IL32vyVo-iqk6TOaDpKG02wQFV1vi93hNHvuR9GS5W65W40mi9FoudzshpvRYH8DMVgNcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCFM2y8gx2E3cio1zuRYNZsa1xOWauBWj5XJk2g02rpXDLXp9TA_jZjBYOLwoGHCyF8nTIp3IRi6LxTRcTVYbl3PkGE1cJptv5LDYHLbBwrbaTcQSzckincgu-85gYdotZ4PdxuTZLSwez8Jk842Mq91mNjM5RiZ_y2YZOQa7iVuxcS7XosHMuJa4XBO3YrRcjky7wca1crhFr4_pYdwMBguHvzGbLZer0WY02zdms-VyNdqMZvsOk-mZ-pyNquXr1jH5xMOTamdzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYOZoPCN7wmhr-f-nntZm8HscGgiCWCi3QidFiens_D5nfdTQ7T0293Cx2Wp-fzsIglStNFOtHLXb7Pa7XayywXsURwukgnopfxdFH_kSEXc-VgLprMFavRKgEAAAAAAAAALGHOvAkAAADAaSCL2XKzWOdBLEbLwWyxXIAHTkddYBAAAAAAAIBdg1YEl39xs7nixo8z0GF5ej4Pm991NzlMT7_dLXRYnp7Pw8oAD5yNzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X0gKWAAAAAAAH6CGy4XAw!&cmcv=&pix=undefined&cb=1669954347337&uv=3245&tms=1669954347337&abt=amplean_vF!Noappq22_vC!ufm&ru=https://harissa.com/&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=774f5e5f-6a15-4bc1-8b22-bd1073ef96fa&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1 HTTP/1.1
Host: imprammp.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Dec 2022 04:12:29 GMT
via: 1.1 varnish
x-served-by: cache-bma1627-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669954349.003123,VS0,VE23
vary: Accept-Encoding
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/classy/css/components/link.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/classy/css/components/link.css?rifbr9
IP 147.135.91.235:0
GET /news555/core/themes/classy/css/components/link.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:35:22 GMT
etag: W/"d9-56bde48368e80"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
44.197.31.165200 OK 0 B URL HTTP/2 taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
IP 44.197.31.165:0
GET /sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP/1.1
Host: taboola-supply-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:12:30 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
harissa.com/news555/core/misc/drupal.js?v=8.3.9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/misc/drupal.js?v=8.3.9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/misc/drupal.js?v=8.3.9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: application/javascript
last-modified: Thu, 10 May 2018 19:42:31 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5af4a0a7-49e0"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/classy/css/components/tableselect.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/classy/css/components/tableselect.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/themes/classy/css/components/tableselect.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:35:21 GMT
etag: W/"12e-56bde48274c40"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/classy/css/components/node.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/classy/css/components/node.css?rifbr9
IP 147.135.91.235:0
GET /news555/core/themes/classy/css/components/node.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:35:21 GMT
etag: W/"62-56bde48274c40"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/classy/css/components/more-link.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/classy/css/components/more-link.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/themes/classy/css/components/more-link.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:35:21 GMT
etag: W/"ab-56bde48274c40"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/stable/css/system/components/system-status-counter.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/stable/css/system/components/system-status-counter.css?rifbr9
IP 147.135.91.235:0
GET /news555/core/themes/stable/css/system/components/system-status-counter.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:33:55 GMT
etag: W/"2e6-56bde43070ac0"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/themes/zircon/includes/bootstrap/css/bootstrap-theme.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/themes/zircon/includes/bootstrap/css/bootstrap-theme.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/themes/zircon/includes/bootstrap/css/bootstrap-theme.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
last-modified: Mon, 09 May 2016 18:46:14 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5730daf6-5378"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
sb.scorecardresearch.com/beacon.js
143.204.55.96200 OK 0 B URL HTTP/2 sb.scorecardresearch.com/beacon.js
IP 143.204.55.96:0
GET /beacon.js HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Fri, 02 Dec 2022 01:57:21 GMT
cache-control: max-age=86400
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hLZ1MS2M3xjHhGFs_YUC6N8jHJ8-sqw_7hRJQdh-ho3TJd5FRC55BA==
age: 8105
X-Firefox-Spdy: h2
harissa.com/news555/themes/zircon/includes/bootstrap/js/bootstrap.js?v=8.0.0
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/themes/zircon/includes/bootstrap/js/bootstrap.js?v=8.0.0
IP 147.135.91.235:0
GET /news555/themes/zircon/includes/bootstrap/js/bootstrap.js?v=8.0.0 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: application/javascript
last-modified: Mon, 09 May 2016 18:46:03 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5730daeb-ed09"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/classy/css/components/container-inline.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/classy/css/components/container-inline.css?rifbr9
IP 147.135.91.235:0
GET /news555/core/themes/classy/css/components/container-inline.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:35:24 GMT
etag: W/"16b-56bde48551300"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/stable/css/system/components/fieldgroup.module.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/stable/css/system/components/fieldgroup.module.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/themes/stable/css/system/components/fieldgroup.module.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:33:57 GMT
etag: W/"5f-56bde43258f40"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/stable/css/system/components/reset-appearance.module.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/stable/css/system/components/reset-appearance.module.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/themes/stable/css/system/components/reset-appearance.module.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:33:56 GMT
etag: W/"112-56bde43164d00"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/themes/zircon/css/html.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/themes/zircon/css/html.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/themes/zircon/css/html.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
last-modified: Mon, 09 May 2016 18:42:19 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5730da0b-950"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/classy/css/components/progress.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/classy/css/components/progress.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/themes/classy/css/components/progress.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
last-modified: Thu, 10 May 2018 18:35:21 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5af490e9-813"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/themes/zircon/includes/js/jquery.smooth-scroll.js?v=8.0.0
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/themes/zircon/includes/js/jquery.smooth-scroll.js?v=8.0.0
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/themes/zircon/includes/js/jquery.smooth-scroll.js?v=8.0.0 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: application/javascript
last-modified: Mon, 09 May 2016 18:43:16 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5730da44-189f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/classy/css/components/tabledrag.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/classy/css/components/tabledrag.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/themes/classy/css/components/tabledrag.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:35:21 GMT
etag: W/"ca-56bde48274c40"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/stable/css/system/components/sticky-header.module.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/stable/css/system/components/sticky-header.module.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/themes/stable/css/system/components/sticky-header.module.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:33:56 GMT
etag: W/"a3-56bde43164d00"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/classy/css/components/menu.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/classy/css/components/menu.css?rifbr9
IP 147.135.91.235:0
GET /news555/core/themes/classy/css/components/menu.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:35:22 GMT
etag: W/"2a0-56bde48368e80"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/themes/zircon/css/responsive.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/themes/zircon/css/responsive.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/themes/zircon/css/responsive.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
last-modified: Mon, 09 May 2016 18:42:18 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5730da0a-5061"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/classy/css/components/exposed-filters.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/classy/css/components/exposed-filters.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/themes/classy/css/components/exposed-filters.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:35:23 GMT
etag: W/"389-56bde4845d0c0"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/stable/css/system/components/container-inline.module.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/stable/css/system/components/container-inline.module.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/themes/stable/css/system/components/container-inline.module.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:33:57 GMT
etag: W/"de-56bde43258f40"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/stable/css/system/components/resize.module.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/stable/css/system/components/resize.module.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/themes/stable/css/system/components/resize.module.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:33:56 GMT
etag: W/"10e-56bde43164d00"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/themes/zircon/css/block.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/themes/zircon/css/block.css?rifbr9
IP 147.135.91.235:0
GET /news555/themes/zircon/css/block.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
last-modified: Mon, 09 May 2016 18:42:20 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5730da0c-7970"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/themes/zircon/includes/slick/slick/slick.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/themes/zircon/includes/slick/slick/slick.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/themes/zircon/includes/slick/slick/slick.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
last-modified: Mon, 09 May 2016 18:42:29 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5730da15-df2"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/themes/zircon/css/slideshow.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/themes/zircon/css/slideshow.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/themes/zircon/css/slideshow.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Mon, 09 May 2016 18:42:18 GMT
etag: W/"3cd-5326d2b031680"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/themes/zircon/includes/flexslider/flexslider.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/themes/zircon/includes/flexslider/flexslider.css?rifbr9
IP 147.135.91.235:0
GET /news555/themes/zircon/includes/flexslider/flexslider.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
last-modified: Mon, 09 May 2016 18:45:42 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5730dad6-1ab6"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/themes/zircon/includes/respond/html5shiv.min.js?v=8.0.0
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/themes/zircon/includes/respond/html5shiv.min.js?v=8.0.0
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/themes/zircon/includes/respond/html5shiv.min.js?v=8.0.0 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: application/javascript
last-modified: Mon, 09 May 2016 18:42:41 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5730da21-a4c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/stable/css/system/components/position-container.module.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/stable/css/system/components/position-container.module.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/themes/stable/css/system/components/position-container.module.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:33:56 GMT
etag: W/"5f-56bde43164d00"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/themes/zircon/css/page.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/themes/zircon/css/page.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/themes/zircon/css/page.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
last-modified: Mon, 09 May 2016 18:42:19 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5730da0b-32d6"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/classy/css/components/breadcrumb.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/classy/css/components/breadcrumb.css?rifbr9
IP 147.135.91.235:0
GET /news555/core/themes/classy/css/components/breadcrumb.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:35:24 GMT
etag: W/"1eb-56bde48551300"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/classy/css/components/pager.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/classy/css/components/pager.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/themes/classy/css/components/pager.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:35:21 GMT
etag: W/"cb-56bde48274c40"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/themes/zircon/includes/jssor/js/jssor.utils.js?v=8.0.0
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/themes/zircon/includes/jssor/js/jssor.utils.js?v=8.0.0
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/themes/zircon/includes/jssor/js/jssor.utils.js?v=8.0.0 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: application/javascript
last-modified: Mon, 09 May 2016 18:42:45 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5730da25-15362"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=rtus&topUrl=harissa.com
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=rtus&topUrl=harissa.com
IP 178.250.2.146:0
GET /syncframe?origin=rtus&topUrl=harissa.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:12:28 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=0788f087-a483-423a-bc70-73524c6eab7a; expires=Wed, 27 Dec 2023 04:12:27 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 534313
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/classy/css/components/action-links.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/classy/css/components/action-links.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/themes/classy/css/components/action-links.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:35:25 GMT
etag: W/"340-56bde48645540"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=231&height=129&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1669954347358&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=-149576639&tz=0&viewable=true&ddast=V7u7ECFgNpRZz9wzUZEwRpRZz9wzUZEwUAAAAGBuIHJLcbzVwr18wtWzhWa9HE41gLJ5bJWmJyDHablc05mzmMQHK70cy1cs3csoVjtRZNPI61cGKZrCUmx2C3Wdmcs5nDChXS9BlNB0nDaTaIiq63xe5wmj1v8EDT6fC57vVCh-Xp-TzsGr_bL3f5Pq_Vai-z3AEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fA-CTg-A9Z78_AAAAAEAAAAAASAAGnsZKACIQC0_-_________2MG6DNvZP7___9vDHoAHnwAHoQAAAAuhhjeDTRN_3N_iAoAixgBAAAAbGmpaB5N6oTKour__7_fCuAKACCAMDrhAy5Ld1DiLQwAAEBAbHEFAGZyPPx1bIEeFr_f7LBr_G6X_f________-b_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXMhRoOl0-Fz3eqHD8vR8HnaN3-0XHUErBoPVBcTsAAAAAO7-____8RZXAGAmx8Nf9UBmsDDtlrPBbmPy7BYWj2dhsvlGxtVuM5uZHCOT93T9IL32vyVo-iqk6TOaDpKG02wQFV1vi93hNHvuR9GS5W65W40mi9FoudzshpvRYH8DMVgNcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCFM2y8gx2E3cio1zuRYNZsa1xOWauBWj5XJk2g02rpXDLXp9TA_jZjBYOLwoGHCyF8nTIp3IRi6LxTRcTVYbl3PkGE1cJptv5LDYHLbBwrbaTcQSzckincgu-85gYdotZ4PdxuTZLSwez8Jk842Mq91mNjM5RiZ_y2YZOQa7iVuxcS7XosHMuJa4XBO3YrRcjky7wca1crhFr4_pYdwMBguHvzGbLZer0WY02zdms-VyNdqMZvsOk-mZ-pyNquXr1jH5xMOTamdzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYOZoPCN7wmhr-f-nntZm8HscGgiCWCi3QidFiens_D5nfdTQ7T0293Cx2Wp-fzsIglStNFOtHLXb7Pa7XayywXsURwukgnopfxdFH_kSEXc-VgLprMFavRKgEAAAAAAAAALGHOvAkAAADAaSCL2XKzWOdBLEbLwWyxXIAHTkddYBAAAAAAAIBdg1YEl39xs7nixo8z0GF5ej4Pm991NzlMT7_dLXRYnp7Pw8oAD5yNzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X0gKWAAAAAAAH6CGy4XAw!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1149061&dpubid=216931&abtst=amplean_vF!Noappq22_vC!ufm&mPre=0.033&cirf=https%3A%2F%2Fharissa.com&en=1
151.101.129.44200 OK 0 B URL HTTP/2 wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=231&height=129&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1669954347358&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=-149576639&tz=0&viewable=true&ddast=V7u7ECFgNpRZz9wzUZEwRpRZz9wzUZEwUAAAAGBuIHJLcbzVwr18wtWzhWa9HE41gLJ5bJWmJyDHablc05mzmMQHK70cy1cs3csoVjtRZNPI61cGKZrCUmx2C3Wdmcs5nDChXS9BlNB0nDaTaIiq63xe5wmj1v8EDT6fC57vVCh-Xp-TzsGr_bL3f5Pq_Vai-z3AEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fA-CTg-A9Z78_AAAAAEAAAAAASAAGnsZKACIQC0_-_________2MG6DNvZP7___9vDHoAHnwAHoQAAAAuhhjeDTRN_3N_iAoAixgBAAAAbGmpaB5N6oTKour__7_fCuAKACCAMDrhAy5Ld1DiLQwAAEBAbHEFAGZyPPx1bIEeFr_f7LBr_G6X_f________-b_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXMhRoOl0-Fz3eqHD8vR8HnaN3-0XHUErBoPVBcTsAAAAAO7-____8RZXAGAmx8Nf9UBmsDDtlrPBbmPy7BYWj2dhsvlGxtVuM5uZHCOT93T9IL32vyVo-iqk6TOaDpKG02wQFV1vi93hNHvuR9GS5W65W40mi9FoudzshpvRYH8DMVgNcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCFM2y8gx2E3cio1zuRYNZsa1xOWauBWj5XJk2g02rpXDLXp9TA_jZjBYOLwoGHCyF8nTIp3IRi6LxTRcTVYbl3PkGE1cJptv5LDYHLbBwrbaTcQSzckincgu-85gYdotZ4PdxuTZLSwez8Jk842Mq91mNjM5RiZ_y2YZOQa7iVuxcS7XosHMuJa4XBO3YrRcjky7wca1crhFr4_pYdwMBguHvzGbLZer0WY02zdms-VyNdqMZvsOk-mZ-pyNquXr1jH5xMOTamdzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYOZoPCN7wmhr-f-nntZm8HscGgiCWCi3QidFiens_D5nfdTQ7T0293Cx2Wp-fzsIglStNFOtHLXb7Pa7XayywXsURwukgnopfxdFH_kSEXc-VgLprMFavRKgEAAAAAAAAALGHOvAkAAADAaSCL2XKzWOdBLEbLwWyxXIAHTkddYBAAAAAAAIBdg1YEl39xs7nixo8z0GF5ej4Pm991NzlMT7_dLXRYnp7Pw8oAD5yNzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X0gKWAAAAAAAH6CGy4XAw!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1149061&dpubid=216931&abtst=amplean_vF!Noappq22_vC!ufm&mPre=0.033&cirf=https%3A%2F%2Fharissa.com&en=1
IP 151.101.129.44:0
POST /VideoBidRequestHandlerServlet?oid=15&width=231&height=129&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1669954347358&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=-149576639&tz=0&viewable=true&ddast=V7u7ECFgNpRZz9wzUZEwRpRZz9wzUZEwUAAAAGBuIHJLcbzVwr18wtWzhWa9HE41gLJ5bJWmJyDHablc05mzmMQHK70cy1cs3csoVjtRZNPI61cGKZrCUmx2C3Wdmcs5nDChXS9BlNB0nDaTaIiq63xe5wmj1v8EDT6fC57vVCh-Xp-TzsGr_bL3f5Pq_Vai-z3AEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fA-CTg-A9Z78_AAAAAEAAAAAASAAGnsZKACIQC0_-_________2MG6DNvZP7___9vDHoAHnwAHoQAAAAuhhjeDTRN_3N_iAoAixgBAAAAbGmpaB5N6oTKour__7_fCuAKACCAMDrhAy5Ld1DiLQwAAEBAbHEFAGZyPPx1bIEeFr_f7LBr_G6X_f________-b_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXMhRoOl0-Fz3eqHD8vR8HnaN3-0XHUErBoPVBcTsAAAAAO7-____8RZXAGAmx8Nf9UBmsDDtlrPBbmPy7BYWj2dhsvlGxtVuM5uZHCOT93T9IL32vyVo-iqk6TOaDpKG02wQFV1vi93hNHvuR9GS5W65W40mi9FoudzshpvRYH8DMVgNcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCFM2y8gx2E3cio1zuRYNZsa1xOWauBWj5XJk2g02rpXDLXp9TA_jZjBYOLwoGHCyF8nTIp3IRi6LxTRcTVYbl3PkGE1cJptv5LDYHLbBwrbaTcQSzckincgu-85gYdotZ4PdxuTZLSwez8Jk842Mq91mNjM5RiZ_y2YZOQa7iVuxcS7XosHMuJa4XBO3YrRcjky7wca1crhFr4_pYdwMBguHvzGbLZer0WY02zdms-VyNdqMZvsOk-mZ-pyNquXr1jH5xMOTamdzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYOZoPCN7wmhr-f-nntZm8HscGgiCWCi3QidFiens_D5nfdTQ7T0293Cx2Wp-fzsIglStNFOtHLXb7Pa7XayywXsURwukgnopfxdFH_kSEXc-VgLprMFavRKgEAAAAAAAAALGHOvAkAAADAaSCL2XKzWOdBLEbLwWyxXIAHTkddYBAAAAAAAIBdg1YEl39xs7nixo8z0GF5ej4Pm991NzlMT7_dLXRYnp7Pw8oAD5yNzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X0gKWAAAAAAAH6CGy4XAw!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1149061&dpubid=216931&abtst=amplean_vF!Noappq22_vC!ufm&mPre=0.033&cirf=https%3A%2F%2Fharissa.com&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 133
Origin: https://harissa.com
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1417
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://harissa.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Dec 2022 04:12:29 GMT
via: 1.1 varnish
x-served-by: cache-bma1627-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669954349.058966,VS0,VE82
vary: Accept-Encoding
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/classy/css/components/tablesort.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/classy/css/components/tablesort.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/themes/classy/css/components/tablesort.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:35:20 GMT
etag: W/"7e-56bde48180a00"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/modules/cookieconsent/css/light-floating.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/modules/cookieconsent/css/light-floating.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/modules/cookieconsent/css/light-floating.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
last-modified: Tue, 08 May 2018 19:51:50 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5af1ffd6-d11"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/themes/zircon/includes/jssor/js/jssor.core.js?v=8.0.0
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/themes/zircon/includes/jssor/js/jssor.core.js?v=8.0.0
IP 147.135.91.235:0
GET /news555/themes/zircon/includes/jssor/js/jssor.core.js?v=8.0.0 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: application/javascript
last-modified: Mon, 09 May 2016 18:42:53 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5730da2d-1189"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/stable/css/system/components/item-list.module.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/stable/css/system/components/item-list.module.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/themes/stable/css/system/components/item-list.module.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:33:57 GMT
etag: W/"11d-56bde43258f40"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/themes/zircon/includes/slick/css/style.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/themes/zircon/includes/slick/css/style.css?rifbr9
IP 147.135.91.235:0
GET /news555/themes/zircon/includes/slick/css/style.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Mon, 09 May 2016 18:42:37 GMT
etag: W/"113-5326d2c250140"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/modules/cookieconsent/js/cookieconsent.min.js?v=1.0.9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/modules/cookieconsent/js/cookieconsent.min.js?v=1.0.9
IP 147.135.91.235:0
GET /news555/modules/cookieconsent/js/cookieconsent.min.js?v=1.0.9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: application/javascript
last-modified: Tue, 08 May 2018 19:51:50 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5af1ffd6-1207"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/assets/vendor/jquery-once/jquery.once.min.js?v=2.1.1
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/assets/vendor/jquery-once/jquery.once.min.js?v=2.1.1
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/assets/vendor/jquery-once/jquery.once.min.js?v=2.1.1 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: application/javascript
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 19:51:25 GMT
etag: W/"364-56bdf58306940"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/modules/cookieconsent/js/cookieconsent.settings.js?v=1.x
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/modules/cookieconsent/js/cookieconsent.settings.js?v=1.x
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/modules/cookieconsent/js/cookieconsent.settings.js?v=1.x HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: application/javascript
last-modified: Tue, 08 May 2018 19:51:50 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5af1ffd6-83c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/themes/zircon/includes/respond/respond.min.js?v=8.0.0
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/themes/zircon/includes/respond/respond.min.js?v=8.0.0
IP 147.135.91.235:0
GET /news555/themes/zircon/includes/respond/respond.min.js?v=8.0.0 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: application/javascript
last-modified: Mon, 09 May 2016 18:42:41 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5730da21-1119"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/themes/zircon/includes/slick/slick/slick.js?v=8.0.0
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/themes/zircon/includes/slick/slick/slick.js?v=8.0.0
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/themes/zircon/includes/slick/slick/slick.js?v=8.0.0 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: application/javascript
last-modified: Mon, 09 May 2016 18:42:29 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5730da15-b5e6"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/classy/css/components/icons.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/classy/css/components/icons.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/themes/classy/css/components/icons.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:35:23 GMT
etag: W/"1a5-56bde4845d0c0"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
static.addtoany.com/menu/page.js
172.67.39.148200 OK 0 B URL HTTP/2 static.addtoany.com/menu/page.js
IP 172.67.39.148:0
GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=172800
cf-bgj: minify
access-control-allow-origin: *
age: 158576
etag: W/"c04-5ee0ab04c6251"
last-modified: Tue, 22 Nov 2022 08:09:18 GMT
vary: Accept-Encoding
via: e4s
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7731395f2f840b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/stable/css/views/views.module.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/stable/css/views/views.module.css?rifbr9
IP 147.135.91.235:0
GET /news555/core/themes/stable/css/views/views.module.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:33:48 GMT
etag: W/"13e-56bde429c3b00"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/classy/css/components/details.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/classy/css/components/details.css?rifbr9
IP 147.135.91.235:0
GET /news555/core/themes/classy/css/components/details.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:35:24 GMT
etag: W/"1ec-56bde48551300"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=djxWMl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czNKYUlnVHltZjVUSWMzOEJ1TSUyRjFvTGlrcmY2UDNDQklWY1NUemtVZlZVNQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 04:12:27 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=BVd2fl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czNKYUlnVHltZjVUSWMzOEJ1TSUyRjFvSll6YVJ5UlJVSVFCR1pqTiUyQkViR2hE; expires=Wed, 27 Dec 2023 04:12:28 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 159568
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/stable/css/system/components/ajax-progress.module.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/stable/css/system/components/ajax-progress.module.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/themes/stable/css/system/components/ajax-progress.module.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
last-modified: Thu, 10 May 2018 18:33:58 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5af49096-40d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/stable/css/system/components/align.module.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/stable/css/system/components/align.module.css?rifbr9
IP 147.135.91.235:0
GET /news555/core/themes/stable/css/system/components/align.module.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:33:58 GMT
etag: W/"1e4-56bde4334d180"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/misc/ajax.js?v=8.3.9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/misc/ajax.js?v=8.3.9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/misc/ajax.js?v=8.3.9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: application/javascript
last-modified: Thu, 10 May 2018 19:42:32 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5af4a0a8-bd82"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/modules/addtoany/js/addtoany.js?v=8.3.9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/modules/addtoany/js/addtoany.js?v=8.3.9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/modules/addtoany/js/addtoany.js?v=8.3.9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: application/javascript
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Tue, 08 May 2018 19:51:49 GMT
etag: W/"168-56bb71defdf40"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/stable/css/system/components/tablesort.module.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/stable/css/system/components/tablesort.module.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/themes/stable/css/system/components/tablesort.module.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:33:55 GMT
etag: W/"175-56bde43070ac0"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/themes/zircon/includes/bootstrap/css/bootstrap.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/themes/zircon/includes/bootstrap/css/bootstrap.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/themes/zircon/includes/bootstrap/css/bootstrap.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
last-modified: Mon, 09 May 2016 18:46:13 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5730daf5-205c2"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/classy/css/components/tabs.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/classy/css/components/tabs.css?rifbr9
IP 147.135.91.235:0
GET /news555/core/themes/classy/css/components/tabs.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:35:20 GMT
etag: W/"1d6-56bde48180a00"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/themes/zircon/includes/jssor/js/jssor.slider.js?v=8.0.0
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/themes/zircon/includes/jssor/js/jssor.slider.js?v=8.0.0
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/themes/zircon/includes/jssor/js/jssor.slider.js?v=8.0.0 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: application/javascript
last-modified: Mon, 09 May 2016 18:42:47 GMT
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
etag: W/"5730da27-27e0c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
harissa.com/news555/core/themes/stable/css/system/components/tree-child.module.css?rifbr9
147.135.91.235200 OK 0 B URL HTTP/2 harissa.com/news555/core/themes/stable/css/system/components/tree-child.module.css?rifbr9
IP 147.135.91.235:0
Analyzer Verdict Alert fortinet Phishing
GET /news555/core/themes/stable/css/system/components/tree-child.module.css?rifbr9 HTTP/1.1
Host: harissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/news555/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:24 GMT
content-type: text/css
x-content-type-options: nosniff
x-accel-version: 0.01
last-modified: Thu, 10 May 2018 18:33:55 GMT
etag: W/"1de-56bde43070ac0"
cache-control: max-age=1209600
expires: Fri, 16 Dec 2022 04:12:24 GMT
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7u7ECFgNpRZz9wzUZEwRpRZz9wzUZEwUAAAAGBuIHJLcbzVwr18wtWzhWa9HE41gLJ5bJWmJyDHablc05mzmMQHK70cy1cs3csoVjtRZNPI61cGKZrCUmx2C3Wdmcs5nDChXS9BlNB0nDaTaIiq63xe5wmj1v8EDT6fC57vVCh-Xp-TzsGr_bL3f5Pq_Vai-z3AEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fA-CTg-A9Z78_AAAAAEAAAAAASAAGnsZKACIQC0_-_________2MG6DNvZP7___9vDHoAHnwAHoQAAAAuhhjeDTRN_3N_iAoAixgBAAAAbGmpaB5N6oTKour__7_fCuAKACCAMDrhAy5Ld1DiLQwAAEBAbHEFAGZyPPx1bIEeFr_f7LBr_G6X_f________-b_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXMhRoOl0-Fz3eqHD8vR8HnaN3-0XHUErBoPVBcTsAAAAAO7-____8RZXAGAmx8Nf9UBmsDDtlrPBbmPy7BYWj2dhsvlGxtVuM5uZHCOT93T9IL32vyVo-iqk6TOaDpKG02wQFV1vi93hNHvuR9GS5W65W40mi9FoudzshpvRYH8DMVgNcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCFM2y8gx2E3cio1zuRYNZsa1xOWauBWj5XJk2g02rpXDLXp9TA_jZjBYOLwoGHCyF8nTIp3IRi6LxTRcTVYbl3PkGE1cJptv5LDYHLbBwrbaTcQSzckincgu-85gYdotZ4PdxuTZLSwez8Jk842Mq91mNjM5RiZ_y2YZOQa7iVuxcS7XosHMuJa4XBO3YrRcjky7wca1crhFr4_pYdwMBguHvzGbLZer0WY02zdms-VyNdqMZvsOk-mZ-pyNquXr1jH5xMOTamdzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYOZoPCN7wmhr-f-nntZm8HscGgiCWCi3QidFiens_D5nfdTQ7T0293Cx2Wp-fzsIglStNFOtHLXb7Pa7XayywXsURwukgnopfxdFH_kSEXc-VgLprMFavRKgEAAAAAAAAALGHOvAkAAADAaSCL2XKzWOdBLEbLwWyxXIAHTkddYBAAAAAAAIBdg1YEl39xs7nixo8z0GF5ej4Pm991NzlMT7_dLXRYnp7Pw8oAD5yNzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X0gKWAAAAAAAH6CGy4XAw!&excid=22&docw=0&cijs=1&nlb=false
141.226.228.48200 OK 0 B URL HTTP/2 am-match.taboola.com/sync?dast=V7u7ECFgNpRZz9wzUZEwRpRZz9wzUZEwUAAAAGBuIHJLcbzVwr18wtWzhWa9HE41gLJ5bJWmJyDHablc05mzmMQHK70cy1cs3csoVjtRZNPI61cGKZrCUmx2C3Wdmcs5nDChXS9BlNB0nDaTaIiq63xe5wmj1v8EDT6fC57vVCh-Xp-TzsGr_bL3f5Pq_Vai-z3AEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fA-CTg-A9Z78_AAAAAEAAAAAASAAGnsZKACIQC0_-_________2MG6DNvZP7___9vDHoAHnwAHoQAAAAuhhjeDTRN_3N_iAoAixgBAAAAbGmpaB5N6oTKour__7_fCuAKACCAMDrhAy5Ld1DiLQwAAEBAbHEFAGZyPPx1bIEeFr_f7LBr_G6X_f________-b_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXMhRoOl0-Fz3eqHD8vR8HnaN3-0XHUErBoPVBcTsAAAAAO7-____8RZXAGAmx8Nf9UBmsDDtlrPBbmPy7BYWj2dhsvlGxtVuM5uZHCOT93T9IL32vyVo-iqk6TOaDpKG02wQFV1vi93hNHvuR9GS5W65W40mi9FoudzshpvRYH8DMVgNcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCFM2y8gx2E3cio1zuRYNZsa1xOWauBWj5XJk2g02rpXDLXp9TA_jZjBYOLwoGHCyF8nTIp3IRi6LxTRcTVYbl3PkGE1cJptv5LDYHLbBwrbaTcQSzckincgu-85gYdotZ4PdxuTZLSwez8Jk842Mq91mNjM5RiZ_y2YZOQa7iVuxcS7XosHMuJa4XBO3YrRcjky7wca1crhFr4_pYdwMBguHvzGbLZer0WY02zdms-VyNdqMZvsOk-mZ-pyNquXr1jH5xMOTamdzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYOZoPCN7wmhr-f-nntZm8HscGgiCWCi3QidFiens_D5nfdTQ7T0293Cx2Wp-fzsIglStNFOtHLXb7Pa7XayywXsURwukgnopfxdFH_kSEXc-VgLprMFavRKgEAAAAAAAAALGHOvAkAAADAaSCL2XKzWOdBLEbLwWyxXIAHTkddYBAAAAAAAIBdg1YEl39xs7nixo8z0GF5ej4Pm991NzlMT7_dLXRYnp7Pw8oAD5yNzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X0gKWAAAAAAAH6CGy4XAw!&excid=22&docw=0&cijs=1&nlb=false
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sync?dast=V7u7ECFgNpRZz9wzUZEwRpRZz9wzUZEwUAAAAGBuIHJLcbzVwr18wtWzhWa9HE41gLJ5bJWmJyDHablc05mzmMQHK70cy1cs3csoVjtRZNPI61cGKZrCUmx2C3Wdmcs5nDChXS9BlNB0nDaTaIiq63xe5wmj1v8EDT6fC57vVCh-Xp-TzsGr_bL3f5Pq_Vai-z3AEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fA-CTg-A9Z78_AAAAAEAAAAAASAAGnsZKACIQC0_-_________2MG6DNvZP7___9vDHoAHnwAHoQAAAAuhhjeDTRN_3N_iAoAixgBAAAAbGmpaB5N6oTKour__7_fCuAKACCAMDrhAy5Ld1DiLQwAAEBAbHEFAGZyPPx1bIEeFr_f7LBr_G6X_f________-b_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXMhRoOl0-Fz3eqHD8vR8HnaN3-0XHUErBoPVBcTsAAAAAO7-____8RZXAGAmx8Nf9UBmsDDtlrPBbmPy7BYWj2dhsvlGxtVuM5uZHCOT93T9IL32vyVo-iqk6TOaDpKG02wQFV1vi93hNHvuR9GS5W65W40mi9FoudzshpvRYH8DMVgNcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCFM2y8gx2E3cio1zuRYNZsa1xOWauBWj5XJk2g02rpXDLXp9TA_jZjBYOLwoGHCyF8nTIp3IRi6LxTRcTVYbl3PkGE1cJptv5LDYHLbBwrbaTcQSzckincgu-85gYdotZ4PdxuTZLSwez8Jk842Mq91mNjM5RiZ_y2YZOQa7iVuxcS7XosHMuJa4XBO3YrRcjky7wca1crhFr4_pYdwMBguHvzGbLZer0WY02zdms-VyNdqMZvsOk-mZ-pyNquXr1jH5xMOTamdzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYOZoPCN7wmhr-f-nntZm8HscGgiCWCi3QidFiens_D5nfdTQ7T0293Cx2Wp-fzsIglStNFOtHLXb7Pa7XayywXsURwukgnopfxdFH_kSEXc-VgLprMFavRKgEAAAAAAAAALGHOvAkAAADAaSCL2XKzWOdBLEbLwWyxXIAHTkddYBAAAAAAAIBdg1YEl39xs7nixo8z0GF5ej4Pm991NzlMT7_dLXRYnp7Pw8oAD5yNzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X0gKWAAAAAAAH6CGy4XAw!&excid=22&docw=0&cijs=1&nlb=false HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://harissa.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:12:29 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3402
X-Firefox-Spdy: h2