sohaib-hack.yoo7.com/
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: sohaib-hack.yoo7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 04 Sep 2022 18:02:17 GMT
Content-Length: 0
Location: https://sohaib-hack.yoo7.com/
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 04 Sep 2022 17:44:15 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: V7rZRtDdGOBB8ClW-iZX5UjW7pPb_KGUgRBXz4h-9HG2_F1O4F2rVQ==
Age: 1082
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9311
Expires: Sun, 04 Sep 2022 20:37:28 GMT
Date: Sun, 04 Sep 2022 18:02:17 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 04 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: eTmHiFR-xL7M4T03Q3Uq3eEL7HkuYEOWWkBwYQ3jp7CohLIc3pt2hw==
age: 60420
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 78af76131c23b822bc636a8a6d6b6a95
efa93c04dbe99fa26e5b1694e42854f12663b551
88fd0fe24191c4e52b8e65cbc7b52c8401638cb78b4c9442c4b1c9a6a8320d7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88FD0FE24191C4E52B8E65CBC7B52C8401638CB78B4C9442C4B1C9A6A8320D7F"
Last-Modified: Sat, 03 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13846
Expires: Sun, 04 Sep 2022 21:53:03 GMT
Date: Sun, 04 Sep 2022 18:02:17 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 18:02:17 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 9439a7cde73fea464c1463febdda0556
6a0030d4f26b2e9658700708c82e7ce6120ce93c
c3a5a489f4ef8c8cce54dbd819c5cf573740317ea3718ccd6804a03374739199
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 18:02:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 194d72d26ddeaa8a8a266839eb707300
86427a0db92a3b4bd2690ad361109559c7212992
ab77f42ccfa0c649217777139f0d14a6742039596ee37a045c5fe96e7ca32338
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 18:02:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash cc6ea3e01d1d6b8c4b28ff64d3b795a7
017457c6f5a63157102485a956c667aad36d33ef
e6fe903f67363d3e92b929e274f0de7c2f6a15b6df1806198199440ed0fe221e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 18:02:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
IP
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d989f35706c62ce4a5c561586c55566e
d32e7958e5765609bf08dcdefd0b2c2a8714ce34
375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33845
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 04 Sep 2022 03:55:25 GMT
expires: Mon, 04 Sep 2023 03:55:25 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 50812
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 04a393832995fdd2ff9af4201898894f
bd7cdfb3eca24533412569e6ff1976087d702dd8
ab91ca133a0e29ac4f78752f38ded4137d4e14a17efad81a0f4de09652ae36c0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6500
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 18:02:17 GMT
Last-Modified: Sun, 04 Sep 2022 16:13:57 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
www.googletagmanager.com/gtag/js?id=UA-144347007-1
200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-144347007-1
IP
File type ASCII text, with very long lines (1615)
Hash bf5f11e27c3e71b4bca1e32d0cc72d28
662a46d371205a93613f09c6abf493cddd8a5ca9
45dfa3b49f1d2c0e6ba4ec4254fd34af0e152a98be335eaf4d5d211a4d6c90a3
GET /gtag/js?id=UA-144347007-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Sep 2022 18:02:17 GMT
expires: Sun, 04 Sep 2022 18:02:17 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41909
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 153d384c0d3a43d55c4d386d2572fa77
a644b4f8be9db0b3b1ea3e6fe0aa78d5986d0de7
5a7dfb5bb99101bd807d15157b4863e2c21f731f7905ad2a5a9c337dcf341621
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4297
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 18:02:17 GMT
Last-Modified: Sun, 04 Sep 2022 16:50:40 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
www.googletagmanager.com/gtag/js?id=
200 OK 36 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=
IP
File type ASCII text, with very long lines (1615)
Hash 8879e653924589a419b684723a5abbd1
0671d123838be2c21184a55d71c2fe8e776a56f4
074a677d6fcd85879d7407b089ce3e4ec066bf103441c7691f3c816b178701b0
GET /gtag/js?id= HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Sep 2022 18:02:17 GMT
expires: Sun, 04 Sep 2022 18:02:17 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 35631
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
illiweb.com/rs3/62/frm/jquery//ticker/ticker.js
200 OK 1.5 kB URL HTTP/2 illiweb.com/rs3/62/frm/jquery//ticker/ticker.js
IP
File type ASCII text, with very long lines (2244)
Hash 927ac8efbee7cbf194680d159f7460cb
6bbb300d6a83a4046ea3eec4b6c3c9e5678edae7
89a09524dd7c3023091cdfea178590e8a98e679f94f2b22b7be636aebe0ea44c
GET /rs3/62/frm/jquery//ticker/ticker.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:17 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=8803
access-control-allow-origin: *
expires: Wed, 02 Aug 2023 13:54:49 GMT
last-modified: Tue, 27 Aug 2019 14:00:13 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 2866048
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KpOjsVERTqXFOyTvXb0GoqFZS9sXAqs3ey8heBvUk%2BjqJLQSU8ucbwT0evmAdJt0%2FkUkP%2BElBM9Lcl5LdJmBLEXV8Gs%2BarJcVsjSNSiy0ulnC5I9x5RoP7YIybXtwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7458a2a4cc800b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 77d035f38a45e8a1ec30d5fe9611880b
01cf34de95257da64dac90edf5a86203f1160271
7dc687d6bb1679ba5567e58b4f8c1e78766e7ee36273ba7f62068c595d57f7f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6379
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 18:02:17 GMT
Last-Modified: Sun, 04 Sep 2022 16:15:58 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 9439a7cde73fea464c1463febdda0556
6a0030d4f26b2e9658700708c82e7ce6120ce93c
c3a5a489f4ef8c8cce54dbd819c5cf573740317ea3718ccd6804a03374739199
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 18:02:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash cc6ea3e01d1d6b8c4b28ff64d3b795a7
017457c6f5a63157102485a956c667aad36d33ef
e6fe903f67363d3e92b929e274f0de7c2f6a15b6df1806198199440ed0fe221e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 18:02:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sohaib-hack.yoo7.com/0-rtl.css
200 OK 54 kB URL HTTP/2 sohaib-hack.yoo7.com/0-rtl.css
IP
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 15657b75c5cc966486e0936b57a75f91
6648af9a334ac0d636c5998cbc030b3381dcfb69
f9f80e0a45d031732c75e8c342855445ad1a8e64e6a70d1d02c336cd730ba8a9
GET /0-rtl.css HTTP/1.1
Host: sohaib-hack.yoo7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Cookie: exadd=166232
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:17 GMT
content-type: text/css
content-length: 54478
last-modified: Sun, 04 Sep 2022 00:00:00 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-ma: MISS
X-Firefox-Spdy: h2
2img.net/i/fa/onyx/icon_minitime.gif
200 OK 194 B URL HTTP/2 2img.net/i/fa/onyx/icon_minitime.gif
IP
File type GIF image data, version 89a, 12 x 9\012- data
Hash 45df8fa66cbcbc9f4d5de9d4aa6d6cbd
7907f257cb3b4caa16ecfd2df17538d3a3a5a428
22d8ca8b8455b3caf467b34df658773bb22bc9b628c6264e9c09d66585fdcac1
GET /i/fa/onyx/icon_minitime.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:18 GMT
content-type: image/gif
content-length: 194
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-c2"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 389940
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZPbA%2F2CySmnLtBX5uNSBJ%2BCrPTBNtLNgiyQI5yQe2wJVm%2FYof6hva8zzT0gvgXmrYQqQyp5cNrgRYfZ1KZydvg2P6jzIktBEwBhX%2FE7jUOAEo%2BegyMl4b6Unw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7458a2a71dbfdd75-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/10/09/04/i_back_catg.jpg
200 OK 1.0 kB URL HTTP/2 2img.net/s/t/10/09/04/i_back_catg.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x25, components 3\012- data
Hash be706da25fa3c28012bdb2a17de19696
edee687550e9592a275d2b5bf31c462879fe8c85
0ca5dca72f0f0c43b990f950ad48b697e696526ffdfea049f974a682caa55147
GET /s/t/10/09/04/i_back_catg.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:18 GMT
content-type: image/jpeg
content-length: 1024
cache-control: max-age=315360000
cf-bgj: h2pri
access-control-allow-origin: *
etag: "4cc82d08-400"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 27 Oct 2010 13:45:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 187780
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jq%2B3IB%2Fxg1e07H3V%2F5kxV%2Bbuaqx11B0tRYmdCc1F6FwHpl5nHyUCe0QN1bK%2BksZkWYORNIwFvTpmjcXjzeMiMtNp8rYTOFvwsYU0afzcxSIly4h9VGeacX3Okw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7458a2a71dc2dd75-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/empty.gif
200 OK 43 B IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /i/empty.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:18 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 09 May 2016 08:45:50 GMT
etag: "57304e3e-2b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 396599
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCnhO13FmzMjttM8S7gfInFygfNG0915WOPa3NLJT5NfxwVLj9IIuUVHf5ApU84ENPCUp8piYK59AKbLA%2BpkRDXl5ePJIjmM6iwjz8djvn4W%2BSVporPpTZyXVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7458a2a71dc9dd75-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/onyx/voting_bar.gif
200 OK 92 B URL HTTP/2 2img.net/i/fa/onyx/voting_bar.gif
IP
File type GIF image data, version 89a, 1 x 12\012- data
Hash cf4b618a0f193e881e9d099df15084fc
518eb65b6ce72b7668c60a1f1ef79374a605f5a9
5fe6d2d8a032128abd480a37020b6c6720888dddf99d7ad58c77e075b051ebb4
GET /i/fa/onyx/voting_bar.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:18 GMT
content-type: image/gif
content-length: 92
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-5c"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 88701
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IUcNrXnCeycjcbzM7pWoAwWgOkBUUJgzvdrDioQ7AOo4Oit%2BUZ7pu7cvDZhb8nQjYeQPNJhCSDEeNevCMGyE%2BXfQ500RylQSGV0e047Os%2FhJkqCFPc%2FGOgnNRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7458a2a71dc8dd75-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/onyx/vote_lcap.gif
200 OK 168 B URL HTTP/2 2img.net/i/fa/onyx/vote_lcap.gif
IP
File type GIF image data, version 89a, 4 x 12\012- data
Hash 15dae637ad4a0503c38e166065912d87
fe2966bb1a8dc1c1e368a25e58c693900d5c2809
07300bb39c8e71fe0fcc840bcd6f0e5f717deddfe4df59f336f306135d4f48aa
GET /i/fa/onyx/vote_lcap.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:18 GMT
content-type: image/gif
content-length: 168
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-a8"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 88701
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2bGz0xf0bB0%2BqWNi5GVhR%2F6brNUty%2BPpc4WKuj2s%2FmXUNcZSVG9364DnBBfGvtJCuNLZNqRcDATtXvShAsyXygnkoNLcWyGb0SDUssha70%2BepLT8Q4SZMqSlPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7458a2a72dd7dd75-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/onyx/vote_rcap.gif
200 OK 168 B URL HTTP/2 2img.net/i/fa/onyx/vote_rcap.gif
IP
File type GIF image data, version 89a, 4 x 12\012- data
Hash 49fdfe9a9adfd34a3e703a4649d97af7
fe1f34d436effebb10d5f4e3b249658712a66496
96650d8015e483387fd66e54012756ff2e9fb19ba042754644dccebcef58ca3a
GET /i/fa/onyx/vote_rcap.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:18 GMT
content-type: image/gif
content-length: 168
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-a8"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 87090
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOYmmWddTndYFTCOmOi0ek%2BFdivUExVkK1hl1f5l9jYwbiyFYPY8NArTiGT4gOUHovB0Kh%2FKPeJAYQlSaAY5tLZcXA0u9n2VQRdiCumJggyt89tGyNHh0%2BPvpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7458a2a72dd9dd75-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f41/14/41/53/43/147.gif
200 OK 4.7 kB URL HTTP/2 i.servimg.com/u/f41/14/41/53/43/147.gif
IP
File type GIF image data, version 89a, 136 x 51\012- data
Hash 7cdd2c611d2ff1be72aec9de5aa085a3
c8e72f6efaf0d2eab137b36196883df4b17955c1
15c8c69660b671835f54442c6765bf6553313b912bdf9dc563fdf4b5f9a6d784
GET /u/f41/14/41/53/43/147.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:18 GMT
content-type: image/gif
content-length: 4735
last-modified: Tue, 10 Jan 2012 09:53:35 GMT
etag: "4f0c0a9f-127f"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Tue, 25 Apr 2023 11:40:34 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gEDoDU%2B%2BK744alYrXafwxRQCx9ecZgLqWvRlflbIu9kYmhCgk8wsqUnIrPjnAFJ4OHbMrP%2BVl8CkaZBIwP2DWq5sehYWl3HAztCpAxc0Gus4jtpGo88D0x5%2FqDq38TqR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7458a2a6fcd2b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1VOC7DSafKb3w4wG/5zhoA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DS/FZq1C9dwNrWLUiefpHpkiMlU=
2img.net/s/t/10/09/04/i_back_title.jpg
200 OK 1.0 kB URL HTTP/2 2img.net/s/t/10/09/04/i_back_title.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x25, components 3\012- data
Hash be706da25fa3c28012bdb2a17de19696
edee687550e9592a275d2b5bf31c462879fe8c85
0ca5dca72f0f0c43b990f950ad48b697e696526ffdfea049f974a682caa55147
GET /s/t/10/09/04/i_back_title.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:18 GMT
content-type: image/jpeg
content-length: 1024
cache-control: max-age=315360000
cf-bgj: h2pri
access-control-allow-origin: *
etag: "4cc82d08-400"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 27 Oct 2010 13:45:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 187780
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3UwNXc3GHj%2BWhaSowYiiFjkeKFC2yemAcxDeMokafsP3qzMNyCB5WKwFH2Yl%2BlUh0eJWtxvs%2FiDFSPzycialC5rMH0Whcc3c%2Ft9EujU18xf%2FbQ6R89UxoumJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7458a2a77e64dd75-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a6203932d202955eacda8e3000cb1b65
74fa2238e6f67ffe619fa1666f0376630fcde8d3
10f33bd7a02943785eec192f5893322e18922a60e2fb19b905c04e980d9f96b6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "10F33BD7A02943785EEC192F5893322E18922A60E2FB19B905C04E980D9F96B6"
Last-Modified: Fri, 02 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2340
Expires: Sun, 04 Sep 2022 18:41:18 GMT
Date: Sun, 04 Sep 2022 18:02:18 GMT
Connection: keep-alive
i.servimg.com/u/f41/14/41/53/43/1011.gif
200 OK 4.7 kB URL HTTP/2 i.servimg.com/u/f41/14/41/53/43/1011.gif
IP
File type GIF image data, version 89a, 136 x 51\012- data
Hash 1baf0ad0d39e8942c21f0a97da9bcbac
8420606238b26411b3e24982ddea692a07aad8f0
9906de523afa2f3566e5468b6a8f41cd59f58d84ea4dc5df8a25372ce2bb2d50
GET /u/f41/14/41/53/43/1011.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:18 GMT
content-type: image/gif
content-length: 4719
last-modified: Tue, 10 Jan 2012 09:57:12 GMT
etag: "4f0c0b78-126f"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Fri, 01 Sep 2023 00:27:58 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hxd6PTWFIfCXh2LHK0FqHBNdqBakYNWj5dzZjKPGCoqZTdub%2BZ7yaeNY0b%2FDBGX6szXFchcORBnwh0W6QpQLwSoOOTOvSnPtuvWak62dSNB4n1sVnNIJcflkcX0bVS3l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7458a2a71cf5b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f41/14/41/53/43/1610.gif
200 OK 18 kB URL HTTP/2 i.servimg.com/u/f41/14/41/53/43/1610.gif
IP
File type GIF image data, version 89a, 136 x 51\012- data
Hash 9020f745b3831334e0fa5a7efa6c5cd2
79d3fe537678fda8b66e781d771fe0e78f163ee8
621f09680d5731d2cf36a4ab21d38f1fa0aa53c45e7f4dce126271a2799299ed
GET /u/f41/14/41/53/43/1610.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:18 GMT
content-type: image/gif
content-length: 17482
last-modified: Tue, 10 Jan 2012 09:58:37 GMT
etag: "4f0c0bcd-444a"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Sat, 19 Aug 2023 10:08:28 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PY8IGMB4qI4IWwGgkeYus78Td3f8rkDHDfeGRL0WZtWzFSmt9I9TL%2BD8HqinEQEXZoJyCy5iOSZhSmFi7bNBHJmbYdjVz7sqIWADTwI27nWnDjH3Ey4PWKqqDhrseBUg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7458a2a6dca3b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 5412d65519ee785a59d6bfc7b0be9a2c
6f07fd9e8f825f2f6c95a593bf6a59d5e53ecd76
abf1b5b9246447b5cb9f8105d7aa1273b56119ee281bdb90ff9384e2dca81ce4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 407
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 18:02:18 GMT
Last-Modified: Sun, 04 Sep 2022 17:55:32 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
2img.net/h/i1009.photobucket.com/albums/af213/catlak-site55/button2-1.png
200 OK 5.7 kB URL HTTP/2 2img.net/h/i1009.photobucket.com/albums/af213/catlak-site55/button2-1.png
IP
File type PNG image data, 190 x 38, 8-bit/color RGBA, non-interlaced\012- data
Hash 0eb2b30e7428541782f274b821c2a82d
37b66fcc4072e5818c4c17819e005dba56c6973a
d9786be975895bcf1e191a2e85bc15dba736b095987142c9823793a829b242e4
GET /h/i1009.photobucket.com/albums/af213/catlak-site55/button2-1.png HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:18 GMT
content-type: image/png
content-length: 5681
last-modified: Sun, 28 Mar 2010 19:52:52 GMT
etag: "4bafb394-1631"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5LdbCvfZZzVGjbzJpcQlSCVJBfzLO47M9467y1nmV0keZNE%2FQ%2FKmqxo0ZgA%2BNYDlshP%2Brru4QXVjRVEwUsAdPbki9whZ28gfa0hAKzQWKqdT9P1ocAuC2l9JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7458a2a71dc6dd75-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f30/17/80/76/73/matrix10.jpg
200 OK 33 kB URL HTTP/2 i.servimg.com/u/f30/17/80/76/73/matrix10.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3\012- data
Hash 527df2e6c79ce0ca7589d433549d0989
6af56bcda47f5571def0171ca704afe93d1d97a3
bb6e094fdebf17b16c829bc3ed7c904c3c51b89da69abf66fdafc0afa7664967
GET /u/f30/17/80/76/73/matrix10.jpg HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:18 GMT
content-type: image/jpeg
content-length: 32779
last-modified: Sun, 21 Oct 2012 23:23:13 GMT
etag: "508483e1-800b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Mon, 04 Sep 2023 18:02:18 GMT
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ok20ilRaTGBpbbQyfT83352yDajrnMYM4sIhZM8a3Cr1eWLATb0QRHxYCbMo%2BkBeUrGCa1udQzdN9xTNXoavdc79V9etvSc3efKHz7sGiojQY4YgJ%2Bn7SadgL1WaX822"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7458a2a6ecb4b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f41/14/41/53/43/1510.gif
200 OK 4.6 kB URL HTTP/2 i.servimg.com/u/f41/14/41/53/43/1510.gif
IP
File type GIF image data, version 89a, 136 x 51\012- data
Hash 00b4432d4af6783622a661f721b354c0
7c24e06a32bf7c70931f18ef837b9fcd8e5a12b8
be39636f02b3a1e02cf4a9f82cde917bd13237ac37395b13d58178f778cc4cf1
GET /u/f41/14/41/53/43/1510.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:18 GMT
content-type: image/gif
content-length: 4647
last-modified: Tue, 10 Jan 2012 09:58:24 GMT
etag: "4f0c0bc0-1227"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Mon, 04 Sep 2023 18:02:18 GMT
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BXy5MT%2Fy9RulsycDZfHkAr993BZaUKpthM%2FQ6BhKSm1hpEgmT1iLKepnuVuuab4pHLe29crPc%2B2ZJCt7bbgHW9f%2BodgwrMfcW0rAcXCW6S3MjAZsv9z4nIXX1V5uP2ty"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7458a2a6fcd5b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=sohaib-hack.yoo7.com&var=&ymid=&var_3=
200 OK 758 B URL HTTP/2 stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=sohaib-hack.yoo7.com&var=&ymid=&var_3=
IP
File type JSON data\012- , ASCII text, with very long lines (757)
Hash 92ec0e16e80a45cba3bc88ae8234a495
a115bbf586523cef5066547c4d507be52135efaa
a7e311ffd4ebae88392201fb172c435aa778ffa3c85a88535736cbad48f2ce8c
GET /zone?pub=0&zone_id=2308013&is_mobile=false&domain=sohaib-hack.yoo7.com&var=&ymid=&var_3= HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sohaib-hack.yoo7.com/
Origin: https://sohaib-hack.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 18:02:18 GMT
content-type: application/json; charset=utf-8
content-length: 758
x-trace-id: 7b7b4a7d39d87a5349e3d8a7aaddda71
access-control-allow-origin: https://sohaib-hack.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
stootsou.net/pfe/current/universal.min.js?v=3.1.391
200 OK 72 kB URL HTTP/2 stootsou.net/pfe/current/universal.min.js?v=3.1.391
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 717bf00b4de2fa2411d87e9899f23218
a0d864feafc1a539468bc7b0f304094eff2d3a20
edd0cf38e38b21966cb5a3315858906294a9e7537537c19dfa7b089c5546dc6f
GET /pfe/current/universal.min.js?v=3.1.391 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sohaib-hack.yoo7.com/
Origin: https://sohaib-hack.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 18:02:18 GMT
content-type: application/javascript
last-modified: Mon, 22 Aug 2022 12:18:11 GMT
etag: W/"63037403-20481"
access-control-allow-origin: https://sohaib-hack.yoo7.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 314 B IP
Hash ce1f13ae8b356b171bf40557fe41100d
e36c2aafd4aac62950c0a73e264b987a298aee83
9848c56078664371723337fa45e864d3e350d535278a82d929d36c76bdfe6217
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 470
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 18:02:18 GMT
Last-Modified: Sun, 04 Sep 2022 17:54:28 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 314
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Sun, 04 Sep 2022 16:41:12 GMT
expires: Sun, 04 Sep 2022 18:41:12 GMT
cache-control: public, max-age=7200
age: 4866
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dnacdn.net/dna
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:17 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=VOxfol80M0RITmhlJTJCZkMwOUJGQlhaMUN2czclMkZIS2Z4aWYlMkZGSkRLWEttJTJGJTJGTnp6U2VlakVweThZS2xZcndMSjhZWiUyQnN6; expires=Fri, 29 Sep 2023 18:02:18 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 197887
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 1.5 kB IP
Hash a08293f5b36e1d92e8bfe7c019118fbc
c291755500e7c255ddd4cc6a8974da341e8a7c0f
e19156595e07709d6d165c86210659471794514982d7e1ecfc3ecd0af33d8710
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4956
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 18:02:18 GMT
Last-Modified: Sun, 04 Sep 2022 16:39:42 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 312
sohaib-hack.yoo7.com/?utm_source=pwa
200 OK 13 kB URL HTTP/2 sohaib-hack.yoo7.com/?utm_source=pwa
IP
Hash be245e45a6af075e67b65f69ffb3788c
e2e560e09bbe9efc8434b5f8f0e725794c3b5479
15873fbd4a53371d6d54576f4089a6efb507d3546697f275309e2372ba5c8149
GET /?utm_source=pwa HTTP/1.1
Host: sohaib-hack.yoo7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sohaib-hack.yoo7.com/serviceworker.js
Connection: keep-alive
Cookie: exadd=166232; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:18 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
pragma: no-cache
expires: Sun, 04 Sep 2022 00:00:00 GMT
last-modified: Sun, 04 Sep 2022 18:02:18 GMT
vary: User-Agent
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertag&topUrl=sohaib-hack.yoo7.com
200 OK 11 kB URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=sohaib-hack.yoo7.com
IP
Hash 7025c09e6fbef25928436e46608b67c0
3cc8eec004230b72c7e444192e2db215abfde5e0
af823093df0eb71350d7408add1736bd87b79b1af1002f5dfdb522f4fb6898b8
GET /syncframe?origin=publishertag&topUrl=sohaib-hack.yoo7.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:18 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=cc469cbd-cf05-4bde-94b9-7c766268c2d3; expires=Fri, 29 Sep 2023 18:02:17 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 486037
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1335c577bdd4978723591685f0c73add
e29054164f0f1a48b17fdd7580c6f461fce9eb45
99124593c9d8f090ed1c445e866ad3d46b06f0f211e7c641fa768d3cef9c960c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "99124593C9D8F090ED1C445E866AD3D46B06F0F211E7C641FA768D3CEF9C960C"
Last-Modified: Fri, 02 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7894
Expires: Sun, 04 Sep 2022 20:13:52 GMT
Date: Sun, 04 Sep 2022 18:02:18 GMT
Connection: keep-alive
stootsou.net/custom
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://sohaib-hack.yoo7.com/
Origin: https://sohaib-hack.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 18:02:18 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://sohaib-hack.yoo7.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
stootsou.net/custom
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://sohaib-hack.yoo7.com/
Origin: https://sohaib-hack.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 18:02:18 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://sohaib-hack.yoo7.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
ocsp.comodoca4.com/
200 OK 283 B IP
Hash d02a51589c4ec6b20ffc83349785f740
a41435d1a6ff792b9761cf437b11484e2f0afd0a
e9e5007c53abeccebf0303f6273e802bfd7734f6e6914fa261166a839f814135
POST / HTTP/1.1
Host: ocsp.comodoca4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2022 18:02:18 GMT
Content-Type: application/ocsp-response
Content-Length: 283
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 00:47:11 GMT
Expires: Sat, 10 Sep 2022 00:47:10 GMT
Etag: "a41435d1a6ff792b9761cf437b11484e2f0afd0a"
Cache-Control: max-age=455691,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7458a2a9de8f0b3d-OSL
stootsou.net/custom
200 OK 39 B IP
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sohaib-hack.yoo7.com/
Content-Type: application/json
Origin: https://sohaib-hack.yoo7.com
Content-Length: 456
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 18:02:18 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 1bdf5f0a1769f69601469efb81f128c2
access-control-allow-origin: https://sohaib-hack.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.viglink.com/api/vglnk.js
200 OK 29 kB URL HTTP/2 cdn.viglink.com/api/vglnk.js
IP
File type ASCII text, with very long lines (693)
Hash 072eaf64a771815874455704fca9301b
6c6226d00f14bb800cd4390b3cd42df941be43b1
bb35c8c300bd1acfe7ed86eb988f74ff2e8d86a4fb0409c5d78a890f9fd14b8e
GET /api/vglnk.js HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:18 GMT
content-type: text/javascript
content-length: 28567
x-amz-id-2: OeTetEsBasSxUsBOFuNvzYCJWwDeidt7U9Wf3wCp5zeJCK2HhBObfGX+N/Ko8tx+E9Zgff6jUt0=
x-amz-request-id: S1072JJNTPDX98ZC
last-modified: Wed, 02 Dec 2020 18:57:12 GMT
etag: "072eaf64a771815874455704fca9301b"
cache-control: public, max-age=604800
content-encoding: gzip
cf-cache-status: HIT
age: 497540
expires: Sun, 11 Sep 2022 18:02:18 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7458a2ab2a01b4fa-OSL
X-Firefox-Spdy: h2
stootsou.net/custom
200 OK 39 B IP
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sohaib-hack.yoo7.com/
Content-Type: application/json
Origin: https://sohaib-hack.yoo7.com
Content-Length: 377
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 18:02:18 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 2361b2e3244667d9685f3796136c73a4
access-control-allow-origin: https://sohaib-hack.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=publishertag&domain=yoo7.com&sn=FirefoxSyncframe&so=0&topUrl=sohaib-hack.yoo7.com&info=mTqdj180M0RITmhlJTJCZkMwOUJGQlhaMUN2czclMkZIS2Z4aWYlMkZGSkRLWEttJTJGJTJGTnp6UnBISlduT256N3h3QjJmZ2tibHAzSA&idsd=-825347734,-1177677733&cw=1&lsw=1
200 OK 297 B URL HTTP/2 gum.criteo.com/sid/json?origin=publishertag&domain=yoo7.com&sn=FirefoxSyncframe&so=0&topUrl=sohaib-hack.yoo7.com&info=mTqdj180M0RITmhlJTJCZkMwOUJGQlhaMUN2czclMkZIS2Z4aWYlMkZGSkRLWEttJTJGJTJGTnp6UnBISlduT256N3h3QjJmZ2tibHAzSA&idsd=-825347734,-1177677733&cw=1&lsw=1
IP
Hash b968f1e4b8758e37f21561db886f5fa1
750433d8edd8d08cc2927722b01eca08c0f7f3d7
6eaa82d00f15da7cff2e3f1af8e804ac3f615d6f8e743ae7fbad5ddc6259f6bd
GET /sid/json?origin=publishertag&domain=yoo7.com&sn=FirefoxSyncframe&so=0&topUrl=sohaib-hack.yoo7.com&info=mTqdj180M0RITmhlJTJCZkMwOUJGQlhaMUN2czclMkZIS2Z4aWYlMkZGSkRLWEttJTJGJTJGTnp6UnBISlduT256N3h3QjJmZ2tibHAzSA&idsd=-825347734,-1177677733&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=sohaib-hack.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:18 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 754273
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
200 OK 146 kB URL HTTP/2 gem.gbc.criteo.com/newidsd
IP
Size 146 kB (145938 bytes)
Hash 4253c597408adc7d7db834487f7ac0e0
d33d2d6b8d5e3b03ea4845bb34462f886bd9f699
42ad45ea740885fe13c29864cd8bc43b0c507f0a312408ff4ae4a695f1d6b062
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:18 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 94678
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 488ec78816064fabd682177251390307
41be78bcf67ad3f00f6c731778c235d0f71085b9
185d16731dd76e85938803a5a46ad55a78a3debba01199fb2a53d7a9ae7b9dd3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 04 Sep 2022 18:02:18 GMT
Last-Modified: Sun, 04 Sep 2022 16:43:19 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: u9vC8NvAJvY_omzD0L--IAMtodGbKoKU_XW5saqOxvGrb2_3UeZbjQ==
Age: 4739
api.viglink.com/api/ping
200 OK 260 B IP
File type ASCII text, with no line terminators
Hash 5e21e8dfbd80b93d1e4f50d70cff75ce
9d18337217e13362eba1f927be01e5e552ad3021
ecb093c702458a8f0f730c0e4f10cc37839eba192983874b85edd35f2eed1e44
POST /api/ping HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 129
Origin: https://sohaib-hack.yoo7.com
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sohaib-hack.yoo7.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Sun, 04 Sep 2022 18:02:18 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 260
Connection: keep-alive
stootsou.net/custom
200 OK 39 B IP
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sohaib-hack.yoo7.com/
Content-Type: application/json
Origin: https://sohaib-hack.yoo7.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 18:02:19 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 8bfb435bd4a15e23f60eed724403c1c7
access-control-allow-origin: https://sohaib-hack.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 41ea586f0e66dcd46f50ab3938543b12
d7a3d6a40066652fc85cdaab9e613246b6af4aab
60b133ec87e89ec28689b760f6ce265eee0e935dca93f42543885a05f8b19a79
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2022 18:02:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Sep 2022 18:25:21 GMT
Expires: Thu, 08 Sep 2022 18:25:20 GMT
Etag: "d7a3d6a40066652fc85cdaab9e613246b6af4aab"
Cache-Control: max-age=346380,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7458a2ac69b1b500-OSL
my.rtmark.net/gid.js?userId=4799715e298e4b88b3b201a6df2eb0db
200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=4799715e298e4b88b3b201a6df2eb0db
IP
File type JSON data\012- , ASCII text
Hash 58f24a4018f4205dc53e67fe18379930
aa606154d9ed2da9c4dbcaf70627f32be9230237
4b0c2a8563e78453125a974b2f2675008ddb2e7c034152c23ec94ef4b9ea0c5c
GET /gid.js?userId=4799715e298e4b88b3b201a6df2eb0db HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sohaib-hack.yoo7.com
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 18:02:19 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://sohaib-hack.yoo7.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=4799715e298e4b88b3b201a6df2eb0db; expires=Mon, 04 Sep 2023 18:02:19 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=55e2019bd6874a17ac7317244e0ef9d1&zoneId=2308013&checkDuplicate=true&ymid=&var=
200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=55e2019bd6874a17ac7317244e0ef9d1&zoneId=2308013&checkDuplicate=true&ymid=&var=
IP
File type JSON data\012- , ASCII text
Hash 195e841d9980c8a47f4e375e5174b1c6
8a4a34de631cddc0e34e698686099404d1f9d69d
895361a0b53564c5469827b839a01f88ef4f7b53c60546ddc41c0d3dd1a9029d
GET /gid.js?pub=0&userId=55e2019bd6874a17ac7317244e0ef9d1&zoneId=2308013&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sohaib-hack.yoo7.com/
Origin: https://sohaib-hack.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 18:02:19 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://sohaib-hack.yoo7.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=55e2019bd6874a17ac7317244e0ef9d1; expires=Mon, 04 Sep 2023 18:02:19 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.gif?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Sun, 04 Sep 2022 18:02:18 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3f5b4e778429d4ba70b497cc9fbb1127
db17f774a14f160caa77eb0222152767a364bba7
64da763bf84ec2d6284a112f50392f15a8b11122f3875317c52bd6c5e8e8d894
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 18:02:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-144347007-1&cid=1211259727.1662314535&jid=2087059198&gjid=941086525&_gid=1691618778.1662314535&_u=YEBAAUAAAAAAAC~&z=1011943487
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-144347007-1&cid=1211259727.1662314535&jid=2087059198&gjid=941086525&_gid=1691618778.1662314535&_u=YEBAAUAAAAAAAC~&z=1011943487
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-144347007-1&cid=1211259727.1662314535&jid=2087059198&gjid=941086525&_gid=1691618778.1662314535&_u=YEBAAUAAAAAAAC~&z=1011943487 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://sohaib-hack.yoo7.com
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://sohaib-hack.yoo7.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 04 Sep 2022 18:02:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.betgorebysson.club/?rb=yjzTtYTY-3j1uR1KLpQYdvOCuGIp7Pp_r6lFxJFUHx43liZziajcw0aIvn7rfRvQe32AQH6BkUamASMssjqLycM1pT6AWyqhJMwrGI_BE4ndHLY3ARfBSeEJQuJ806pLLY4ywJzZYh1gYw3OAket29FMPBurMWmLrL-VWA-j36YGXvmDyFSRt3tyRrOPH2Y47APlCW_Qy6r3ttE6JIH_xBXbzE7ZUSVN0S0s_A%3D%3D&request_ab2=0&zoneid=3765907&js_build=iclick-v1.418.0-rc&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fsohaib-hack.yoo7.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.418.0-rc&bs=fd0819b2-b4e5-46f0-9d8e-bf277b0bd1f5&userId=4799715e298e4b88b3b201a6df2eb0db&m=link
200 OK 1.7 kB URL HTTP/2 cdn.betgorebysson.club/?rb=yjzTtYTY-3j1uR1KLpQYdvOCuGIp7Pp_r6lFxJFUHx43liZziajcw0aIvn7rfRvQe32AQH6BkUamASMssjqLycM1pT6AWyqhJMwrGI_BE4ndHLY3ARfBSeEJQuJ806pLLY4ywJzZYh1gYw3OAket29FMPBurMWmLrL-VWA-j36YGXvmDyFSRt3tyRrOPH2Y47APlCW_Qy6r3ttE6JIH_xBXbzE7ZUSVN0S0s_A%3D%3D&request_ab2=0&zoneid=3765907&js_build=iclick-v1.418.0-rc&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fsohaib-hack.yoo7.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.418.0-rc&bs=fd0819b2-b4e5-46f0-9d8e-bf277b0bd1f5&userId=4799715e298e4b88b3b201a6df2eb0db&m=link
IP
File type JSON data\012- , ASCII text, with very long lines (2187), with no line terminators
Hash f6dac088fb4d23d6e4b5fe3430a763aa
1f44e245be618528f95871af33a09f8a470b02c7
ce5b94d088f5931de756259dcc26ba2669a210fd0fe755b8755650bf2d38f2e2
GET /?rb=yjzTtYTY-3j1uR1KLpQYdvOCuGIp7Pp_r6lFxJFUHx43liZziajcw0aIvn7rfRvQe32AQH6BkUamASMssjqLycM1pT6AWyqhJMwrGI_BE4ndHLY3ARfBSeEJQuJ806pLLY4ywJzZYh1gYw3OAket29FMPBurMWmLrL-VWA-j36YGXvmDyFSRt3tyRrOPH2Y47APlCW_Qy6r3ttE6JIH_xBXbzE7ZUSVN0S0s_A%3D%3D&request_ab2=0&zoneid=3765907&js_build=iclick-v1.418.0-rc&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fsohaib-hack.yoo7.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.418.0-rc&bs=fd0819b2-b4e5-46f0-9d8e-bf277b0bd1f5&userId=4799715e298e4b88b3b201a6df2eb0db&m=link HTTP/1.1
Host: cdn.betgorebysson.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sohaib-hack.yoo7.com/
Origin: https://sohaib-hack.yoo7.com
Connection: keep-alive
Cookie: OAID=4799715e298e4b88b3b201a6df2eb0db; oaidts=1662314538
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 18:02:19 GMT
content-type: application/json
x-trace-id: 9da0f57bbb647b762173bf60dd38cdd5
access-control-allow-origin: https://sohaib-hack.yoo7.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=4799715e298e4b88b3b201a6df2eb0db; expires=Mon, 04 Sep 2023 18:02:19 GMT; path=/; secure; SameSite=None
oaidts=1662314539; expires=Mon, 04 Sep 2023 18:02:19 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 11 Sep 2022 18:02:19 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
trc-events.taboola.com/forumotion-ar/log/3/bulk-metrics?lti=deflated&bulkSize=1
204 No Content 0 B URL HTTP/2 trc-events.taboola.com/forumotion-ar/log/3/bulk-metrics?lti=deflated&bulkSize=1
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/bulk-metrics?lti=deflated&bulkSize=1 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 477
Origin: https://sohaib-hack.yoo7.com
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 04 Sep 2022 18:02:19 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://sohaib-hack.yoo7.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/forumotion-ar/log/2/debug?tim=18%3A02%3A15.340&type=usage&msg=rtus&llvl=2&id=3460&cv=20220901-10-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
204 No Content 0 B URL HTTP/2 trc-events.taboola.com/forumotion-ar/log/2/debug?tim=18%3A02%3A15.340&type=usage&msg=rtus&llvl=2&id=3460&cv=20220901-10-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=18%3A02%3A15.340&type=usage&msg=rtus&llvl=2&id=3460&cv=20220901-10-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 04 Sep 2022 18:02:19 GMT
x-fastly-to-nlb-rtt: 22913
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3f5b4e778429d4ba70b497cc9fbb1127
db17f774a14f160caa77eb0222152767a364bba7
64da763bf84ec2d6284a112f50392f15a8b11122f3875317c52bd6c5e8e8d894
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 18:02:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2
200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.js?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Sun, 04 Sep 2022 18:02:19 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
connect.topicit.net/scripts/connect.js
200 OK 1.3 kB URL HTTP/2 connect.topicit.net/scripts/connect.js
IP
File type ASCII text, with very long lines (615)
Hash 2b689fa08520e95e4f2dc23e93f4297f
f21d82e9b724dbe5fc5953bcb87aac127bd720d4
74e937de64bef4aea35904f4312f4126617ea58b3e2c4a04314fc3ffb7706435
GET /scripts/connect.js HTTP/1.1
Host: connect.topicit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:18 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5437
access-control-allow-origin: *
etag: W/"5d653880-153d"
last-modified: Tue, 27 Aug 2019 14:04:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-cache-status: HIT
age: 1676
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3HRgpaamNl%2BIMd2ApKi6SSpOFLYsuI9kuBG2PF5bTyWZKgop59OxRdD%2B08YFyBBe0LGi0xgo4wwni%2F%2FzRp7Jzmz8eatAK8veg1%2FFtu6%2Fjum3TAjLBTx%2BYjiZ3r3wzfTFEhr4OyOL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7458a2a81cdcb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stootsou.net/custom
200 OK 39 B IP
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sohaib-hack.yoo7.com/
Content-Type: application/json
Origin: https://sohaib-hack.yoo7.com
Content-Length: 741
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 18:02:19 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: da750fcf6e0faff8979c36f213b0653a
access-control-allow-origin: https://sohaib-hack.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash eebb383a38a8f985b59a62820595689b
4d7bbcdeaa48e211743257c973ae2559b404d561
c8cf6bfc6865d4b25e7ef0df77478f47c4043b639aed462a2c6a0ba5439c3522
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 18:02:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1278db78948279716d72ac203ad8fb0d
1746b9863b781ed9a0c26a126b9b80d36c903974
8d9e31a35490bc2ebef4c4c2152c89b62491c0cdfc31ec0594bc21fd2e9f43f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 18:02:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.taboola.com/libtrc/userx.20220901-10-RELEASE.es6.js
200 OK 5.4 kB URL HTTP/2 cdn.taboola.com/libtrc/userx.20220901-10-RELEASE.es6.js
IP
File type ASCII text, with very long lines (17842)
Hash 86179c440fd598bfd0689ac42c5b5c45
a450e7b01df54841ca3fe8d36349f7a5a1e9d38c
70c3a69cf75972a5e31f24e4bb9f0aecee679a397c18171ac014a2d528e12810
GET /libtrc/userx.20220901-10-RELEASE.es6.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: ak8zY4HYbTJGoC2kiczoHp+BuYwPX8VevRhMmE/I8Gp/WCOkdkipA5F5h2x5pimS5D9kV9fEVEM=
x-amz-request-id: EJ9X0VHVGV42TKRH
x-amz-replication-status: PENDING
last-modified: Sun, 04 Sep 2022 09:04:56 GMT
etag: "436f1b0b54edb1f3ff2ea247278423cf"
x-amz-version-id: vAM5dKEeh5RzT8WJ_o9mWm8NjOiOdn93
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Sep 2022 18:02:19 GMT
via: 1.1 varnish
age: 45
x-served-by: cache-bma1640-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1662314540.516120,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 90
content-length: 5398
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 8457e12cd5708c4e3f0e343c3cbdb1a4
22f1968e22e2074d6cbe7cb7950145aec3b5d65c
690ca803cd2ff0f41cce92f29af8ae6c644252a5dd685deb1b8754ce99cf2109
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6363
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 18:02:19 GMT
Last-Modified: Sun, 04 Sep 2022 16:16:16 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
vidstat.taboola.com/lite-unit/3.9.2/UnitWidgetItemDesktop.min.js
200 OK 30 kB URL HTTP/2 vidstat.taboola.com/lite-unit/3.9.2/UnitWidgetItemDesktop.min.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash bf038565daeb4b693c1d2984b022c1bb
de68140fd472d49e65f927323254e319de1d6de0
6bc6d7c0c5527a54effb1455d6b61802893872e855991ce877e2776b1696d9b7
GET /lite-unit/3.9.2/UnitWidgetItemDesktop.min.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 29 Aug 2022 09:04:08 GMT
etag: "9b41d4f2702a079eae60f297e3e0c705"
server: AmazonS3
via: 1.1 d84d4103926180da8f8abcb90515db0c.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: ZkOQSmMX58boQEhuLMNGLbiMEFwoJa1Xyk_brDHtgEZVsOyVt2ixSw==
cache-control: public, max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Sep 2022 18:02:19 GMT
age: 550522
x-served-by: cache-bma1640-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 15245
x-timer: S1662314540.519057,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 29862
X-Firefox-Spdy: h2
csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Origin.FromBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1
200 OK 43 B URL HTTP/2 csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Origin.FromBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Origin.FromBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:19 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/56WvrQc/shutterstock-1402965272.jpg
200 OK 7.8 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/56WvrQc/shutterstock-1402965272.jpg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 163e370d366e9c27a22f1097363646ac
de82a3df9ba2932d10db80ccf4e834355a966e28
893e5ad191f2a546915d4ab3af814d5ad58459d3e6fc5d7668afa21f6040d26f
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/56WvrQc/shutterstock-1402965272.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 439498910958841147041856221042181885431,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 439498910958841147041856221042181885431,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
etag: "06725165822f0ff3a2a204bceea361fd"
last-modified: Sun, 03 Jul 2022 15:37:51 GMT
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 56d287bd228f69c562341a61c3bba71f
x-envoy-upstream-service-time: 777
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 04 Sep 2022 18:02:19 GMT
age: 5244681
x-served-by: cache-iad-kcgs7200072-IAD, cache-iad-kiad7000159-IAD, cache-lga21978-LGA, cache-iad-kcgs7200084-IAD, cache-bma1640-BMA
x-cache: MISS, HIT, MISS, HIT, HIT
x-cache-hits: 0, 1, 0, 1, 593
x-timer: S1662314540.581733,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/56WvrQc/shutterstock-1402965272.jpg
x-vcl-time-ms: 1
content-length: 7808
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/81c47cd398bfb36df004c8773a22b024.jpg
200 OK 3.3 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/81c47cd398bfb36df004c8773a22b024.jpg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 070e435b5d2270ca27d12299c6b49656
42301385e826d72d2f16565deb7fc3e88097184d
57ebc32a26de1bd5e0014f1f40a02602c283a37f6b6e589e566dc55b6c147b87
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/81c47cd398bfb36df004c8773a22b024.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 425835379569954214865319743616880450737,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 425835379569954214865319743616880450737,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
etag: "1b6ab72960738fb30f70c14feb0de41a"
last-modified: Sun, 08 May 2022 18:30:14 GMT
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 7afbebcc77e13ee4e42d2c7eb84c6822
x-envoy-upstream-service-time: 9
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 04 Sep 2022 18:02:19 GMT
age: 7779098
x-served-by: cache-iad-kcgs7200176-IAD, cache-iad-kiad7000045-IAD, cache-chi-kigq8000138-CHI, cache-iad-kcgs7200110-IAD, cache-bma1640-BMA
x-cache: HIT, HIT, HIT, HIT, HIT
x-cache-hits: 1, 1, 1, 1, 1
x-timer: S1662314540.594969,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/81c47cd398bfb36df004c8773a22b024.jpg
x-vcl-time-ms: 1
content-length: 3272
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bb85af70c78e55637d8509c56353cd74.jpg
200 OK 4.8 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bb85af70c78e55637d8509c56353cd74.jpg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 38e2b8bc760d7e43ed2133ed8729ea4e
c0e537893601cc4ba88000213ee57cb11d9311ae
019b7a570e00ce8c11273cc00febc32c66dbfd79581a0f5e3afebd0f68441ba1
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bb85af70c78e55637d8509c56353cd74.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 313198434263196175663509327644304820424,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 313198434263196175663509327644304820424,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
etag: "2991923269da486742049114080242cc"
expiration: expiry-date="Thu, 07 Jul 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Mon, 06 Jun 2022 19:17:52 GMT
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 66
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 04 Sep 2022 18:02:19 GMT
age: 5809790
x-served-by: cache-iad-kiad7000179-IAD, cache-iad-kjyo7100082-IAD, cache-bur-kbur8200038-BUR, cache-iad-kjyo7100141-IAD, cache-bma1640-BMA
x-cache: MISS, HIT, MISS, HIT, HIT
x-cache-hits: 0, 1, 0, 1, 1
x-timer: S1662314540.595010,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bb85af70c78e55637d8509c56353cd74.jpg
x-vcl-time-ms: 1
content-length: 4810
X-Firefox-Spdy: h2
15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fsohaib-hack.yoo7.com%2F&encoded=1&uid=5bc137c6-f640-49d6-8e75-5406da178a2b-tucta0e6dab&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1662314535909&tagid=&cntry=NO&platform=1&sesid=6ce434b54ee244936651d16a58138a27&itemid=/&viewid=1662314535346&geolat=&geoing=&deviceifa=&appid=&sd=v2_6ce434b54ee244936651d16a58138a27_5bc137c6-f640-49d6-8e75-5406da178a2b-tucta0e6dab_1662314539_1662314539_CNawjgYQ3pxDGLKzq82wMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABo_9iV8p6d99_dAXAA&ri=d2c5fd42d8a18fa58347460b2c3c99f5&appname=&cdb=&gdprApplies=true&rid=&sii=-7764447088115785453&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=7891
200 OK 17 kB URL HTTP/2 15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fsohaib-hack.yoo7.com%2F&encoded=1&uid=5bc137c6-f640-49d6-8e75-5406da178a2b-tucta0e6dab&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1662314535909&tagid=&cntry=NO&platform=1&sesid=6ce434b54ee244936651d16a58138a27&itemid=/&viewid=1662314535346&geolat=&geoing=&deviceifa=&appid=&sd=v2_6ce434b54ee244936651d16a58138a27_5bc137c6-f640-49d6-8e75-5406da178a2b-tucta0e6dab_1662314539_1662314539_CNawjgYQ3pxDGLKzq82wMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABo_9iV8p6d99_dAXAA&ri=d2c5fd42d8a18fa58347460b2c3c99f5&appname=&cdb=&gdprApplies=true&rid=&sii=-7764447088115785453&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=7891
IP
Hash 6607e27615505943a6599806f8995e65
e84522862269d6bcb8c03a8d4184a7037b2d885a
a9ac3628c12cbd628a10900cbad407a18b05e7559a3b14802b43420c21d42ee3
GET /tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fsohaib-hack.yoo7.com%2F&encoded=1&uid=5bc137c6-f640-49d6-8e75-5406da178a2b-tucta0e6dab&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1662314535909&tagid=&cntry=NO&platform=1&sesid=6ce434b54ee244936651d16a58138a27&itemid=/&viewid=1662314535346&geolat=&geoing=&deviceifa=&appid=&sd=v2_6ce434b54ee244936651d16a58138a27_5bc137c6-f640-49d6-8e75-5406da178a2b-tucta0e6dab_1662314539_1662314539_CNawjgYQ3pxDGLKzq82wMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABo_9iV8p6d99_dAXAA&ri=d2c5fd42d8a18fa58347460b2c3c99f5&appname=&cdb=&gdprApplies=true&rid=&sii=-7764447088115785453&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=7891 HTTP/1.1
Host: 15.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sohaib-hack.yoo7.com
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
machineid: 1444
link: <https://am-wf.taboola.com>; rel=preconnect
xvid-debug: mrmr - :
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://sohaib-hack.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Sep 2022 18:02:19 GMT
via: 1.1 varnish
x-served-by: cache-bma1640-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662314540.542011,VS0,VE34
vary: Accept-Encoding
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8f0069291ecad4df7fbf4472d42cad0d.jpg
200 OK 5.1 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8f0069291ecad4df7fbf4472d42cad0d.jpg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash b6425ab8c0fb1877cde142ae99ce8208
4d8a1e83d1006da3cbc4ae7da40f90e8c2c8928f
fcdf1d6b8145e849a98b86cdceb2d316ee4a32701f14cb125f12c0b9a2c598a0
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8f0069291ecad4df7fbf4472d42cad0d.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 353428387715923786432669082832912763670,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 353428387715923786432669082832912763670,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
etag: "2a6cc09c504ead348789537964927f89"
last-modified: Sun, 10 Jul 2022 02:44:13 GMT
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 7aea7409c159ba2ff0b6d1b2fd3c7ad7
x-envoy-upstream-service-time: 135
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 04 Sep 2022 18:02:19 GMT
age: 2671077
x-served-by: cache-iad-kiad7000128-IAD, cache-iad-kcgs7200157-IAD, cache-lga21981-LGA, cache-iad-kjyo7100162-IAD, cache-bma1640-BMA
x-cache: HIT, MISS, MISS, HIT, HIT
x-cache-hits: 1, 0, 0, 1, 1
x-timer: S1662314540.594922,VS0,VE2
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8f0069291ecad4df7fbf4472d42cad0d.jpg
x-vcl-time-ms: 2
content-length: 5116
X-Firefox-Spdy: h2
illiweb.com/rs3/62/frm/lang/ar.js
200 OK 30 kB URL HTTP/2 illiweb.com/rs3/62/frm/lang/ar.js
IP
File type Unicode text, UTF-8 text, with very long lines (64093), with no line terminators
Hash 601223cd1763c306f2d7131a292c1f0e
5fd98274ea93520038c1e35c9ad7c4bb479e2ba5
67d2c908559be6ff6ca44ad9a4c93079e916f6703bfb01b6d0537fdc9d911c26
GET /rs3/62/frm/lang/ar.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:17 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=74831
access-control-allow-origin: *
expires: Wed, 02 Aug 2023 13:57:26 GMT
last-modified: Mon, 01 Aug 2022 14:50:40 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 2865891
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=73V%2FTztoO5NE97gPbYjrCIy2uxqHW9RLla49uLx6Szf17ZXB4xjykqfpN%2Bz4vImHnFo9NmTuw5UNa0ENYn9v%2FhKUrF29GUEAdyQk5bVfUmlCxSAg0Nz2mOx1mdCnXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7458a2a4cc730b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5777
Expires: Sun, 04 Sep 2022 19:38:36 GMT
Date: Sun, 04 Sep 2022 18:02:19 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5777
Expires: Sun, 04 Sep 2022 19:38:36 GMT
Date: Sun, 04 Sep 2022 18:02:19 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5777
Expires: Sun, 04 Sep 2022 19:38:36 GMT
Date: Sun, 04 Sep 2022 18:02:19 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5777
Expires: Sun, 04 Sep 2022 19:38:36 GMT
Date: Sun, 04 Sep 2022 18:02:19 GMT
Connection: keep-alive
gem.gbc.criteo.com/newidsd
200 OK 15 kB URL HTTP/2 gem.gbc.criteo.com/newidsd
IP
Hash 61f417a9c19ef8f68fe84cf88690c08b
b483554b9f92f84b24c4fd8bd563b861276832cc
0a9badf54f4e960f42bf74b633dc9141a9841083fa4bc28d100783b41fad730f
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:19 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 158549
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd43481e-3c33-4c05-9216-2cc734e840b4.jpeg
200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd43481e-3c33-4c05-9216-2cc734e840b4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1bdfdf7e36f78f2f0e4d7ede9fdb76a8
babb88202741bbf2d4fd25e0731a4a7a6fcc28f8
949ea108642789e1014150909060f11d99608f082760d0e868a90282f2768d43
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd43481e-3c33-4c05-9216-2cc734e840b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9690
x-amzn-requestid: 614c99f8-116a-4603-bcde-3fbd5bfa14d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wx1HInIAMFiYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c80b-25c09c3227d72395408782f0;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:32:59 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5_jCLvdAC-XR-ax3RUbbx9275KPwACOPtAMxSbmv-aP-Lra4sC5zvw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 21:51:26 GMT
age: 72653
etag: "babb88202741bbf2d4fd25e0731a4a7a6fcc28f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc410b0d8-b008-47cc-bbf7-a762c06e0fcd.png
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc410b0d8-b008-47cc-bbf7-a762c06e0fcd.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6bb4b1d74f1443bc3328301ab3ae6464
2768253dacaaad6cb498c6b2eb7694208b0ce0a6
07dcc95dab7757402998a5a61b540c965ce95c8bd51a814a09438981693b563a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc410b0d8-b008-47cc-bbf7-a762c06e0fcd.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8688
x-amzn-requestid: e408351e-ba6c-4e55-815d-449af808282f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5yMEFBLoAMFtqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313ca4d-13831d8572a3b3cf54a0e747;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:42:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: GFM9jerDkTPdhlUTm99E7Lpksw2ZGnV81bNVaZLvWSAiRNDNtkZi4g==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 21:48:07 GMT
etag: "2768253dacaaad6cb498c6b2eb7694208b0ce0a6"
content-type: image/jpeg
age: 72852
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdb23e94d-8ec7-469f-94d2-e08f8feef5d5.jpeg
200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdb23e94d-8ec7-469f-94d2-e08f8feef5d5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e571197d8c99877f806a60c79368d657
3578b5c8eba646e94f574a996703d6b7b4911ab7
290a444ba0f434f25313d9ce96f93bcb749cb5c7d8bad51a63c2775539b594fb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdb23e94d-8ec7-469f-94d2-e08f8feef5d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9428
x-amzn-requestid: 050a7e34-6ee3-4562-bd9d-8122b0432cc5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wjaFXEoAMFjnQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c7af-4915a10726ffab79380d6a52;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: M_WqsKzaeYjV_bY_1ZYgElrRKbQGetGVvkO8wf1kMXNxPyuFOnmwsA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 22:17:08 GMT
age: 71111
etag: "3578b5c8eba646e94f574a996703d6b7b4911ab7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa54e2726-407f-4a8a-8d19-21de249844f5.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa54e2726-407f-4a8a-8d19-21de249844f5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fc4ceb10dd9fcaab21ae58dcf10c401f
6ce530af682094dc5413db9de02565691fab4da7
84ad58e126cce2ab6b1568ffe89a116bc1de0310bb72d4530eead2fb8191572c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa54e2726-407f-4a8a-8d19-21de249844f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11380
x-amzn-requestid: 61f37e21-33a8-49e6-b384-4ca1fcfbffa5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8TLFA3oAMFQjg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117414-42de5c4128eb9e011d848356;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sywGj-wLtW091vZYhx1AbRAgljYQWe6LuffDjwTDhEebqVzxpQuzEQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 03:48:58 GMT
age: 51201
etag: "6ce530af682094dc5413db9de02565691fab4da7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7142280-0dbd-4c8e-a960-d357c9143af6.jpeg
200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7142280-0dbd-4c8e-a960-d357c9143af6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10318189f33f071dda64249ab9c8c5bb
e5b5b649a243e5c004d9923d19d4421d1ea96d23
3e775a1990e4d185024faf2fdff7a5eb9063f7ee19784f32fb4f7f10643c8102
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7142280-0dbd-4c8e-a960-d357c9143af6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5652
x-amzn-requestid: 05fffcb2-43c0-4acf-81b2-1b914459e1e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wwHErUIAMFmNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c800-47fe166763992ab271a87aa4;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:32:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: uz2NbcE4AmOvFQkhJALSpXCGizilya0TuFcczfEwtV09cGXtgVNlpQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 22:04:35 GMT
etag: "e5b5b649a243e5c004d9923d19d4421d1ea96d23"
content-type: image/jpeg
age: 71864
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
api.viglink.com/api/domains
200 OK 42 B URL HTTP/1.1 api.viglink.com/api/domains
IP
File type ASCII text, with no line terminators
Hash 68a326c73aa5680fe4d4f93a1a8c49df
756253e4bc17adff8084f19a3aadf1f616e62d48
bd89d8561516a9db534a5d8dbd5c0dc2378fda35563d3c07c1ad9c75d13a5167
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 228
Origin: https://sohaib-hack.yoo7.com
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sohaib-hack.yoo7.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Sun, 04 Sep 2022 18:02:19 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 42
Connection: keep-alive
csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1
200 OK 43 B URL HTTP/2 csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:18 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
200 OK 39 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash c06264be84fa3949f07482842e9e1409
5bb54947be736a8d73b109b562133a7f50a624b9
c031b3ffbd42b754999f93c391853f57ee08b2fc843f6eaacadc5a551d860705
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:18 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 122150
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V72SECFgNmTomFdobx6wRmTomFdobx6wUAAAAGBuIHJLjZDZfL1W4tHM52a9HE4VxLXA7jWuRxzWyT3WZmc3mMQIKb3XC5XO3WwuFstxZNHM61xOUwrkUe18w22W1mNpfHChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXq_5Gx1Oi1vo8Hjtyr_fN9f43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMXQ33bCRR67UyxRAWwRIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABAwmqKZHZekOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALOoJWDAarU4jdcLbYjWab0ewAAAAA7v7____1QGzjMm1GE9do5bKMRsvNbLZajByzhWu42AwXlt32xmXB4wg-Z0X7Im4yHD4HA1HR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32J5CzAVK0ZLFaDle7yWK0WSwmy91wNJkgRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLUxOPY7Da2tcw2GqxFy5FtLVz5VmvVaDAbORy74cIycYteH9PDsLKNHBYvCgZE7EXytEgnyo3DsNtYLL7JYuQaDmee3Wq5GVlMLsPIs9usLBaxRHOySCeyy762cZk2o4lrtHJZRqPlZjZbLUaO2cI1XGyGC8tu35p4HJvdxraW2UaDtWg5sq2FK99qrRoNZiOHYzdcWCZu0etjehhWtpHD4m_MZpPNYrTaLPeN2WyyWYxWm-W-Q2f4rj5nozM4nnhkLvVxnOzeHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4CKdyPyW19tvevrtboXlIpYoTRfpRC8RSwSni3QiehlPF_UfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIardR7IYDnYLVfLBYBw9tL9Mc4ww-vYptil_CER3FYMnyhu_LjB_JbX2296-u1uheXKAA_U5MybPxPEWq2WNQAAgAA2AABAALdu3gKwmfj_____OAAAABk5egAAAPF9oKjtQg_cKHZ-ghsuFwM!&cmcv=&pix=31589837&cb=1662314536293&uv=3221&tms=1662314536293&abt=amplean_vD!expl_vE!inc_all_video_vA!mprdctdt6_vA!Noappq22_vD!nrlc_vB!smbs!spa2_vB!ufm!vzr_vA&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1662314533258!ts:1662314536293&mntl=1
200 OK 0 B URL HTTP/2 am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V72SECFgNmTomFdobx6wRmTomFdobx6wUAAAAGBuIHJLjZDZfL1W4tHM52a9HE4VxLXA7jWuRxzWyT3WZmc3mMQIKb3XC5XO3WwuFstxZNHM61xOUwrkUe18w22W1mNpfHChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXq_5Gx1Oi1vo8Hjtyr_fN9f43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMXQ33bCRR67UyxRAWwRIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABAwmqKZHZekOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALOoJWDAarU4jdcLbYjWab0ewAAAAA7v7____1QGzjMm1GE9do5bKMRsvNbLZajByzhWu42AwXlt32xmXB4wg-Z0X7Im4yHD4HA1HR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32J5CzAVK0ZLFaDle7yWK0WSwmy91wNJkgRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLUxOPY7Da2tcw2GqxFy5FtLVz5VmvVaDAbORy74cIycYteH9PDsLKNHBYvCgZE7EXytEgnyo3DsNtYLL7JYuQaDmee3Wq5GVlMLsPIs9usLBaxRHOySCeyy762cZk2o4lrtHJZRqPlZjZbLUaO2cI1XGyGC8tu35p4HJvdxraW2UaDtWg5sq2FK99qrRoNZiOHYzdcWCZu0etjehhWtpHD4m_MZpPNYrTaLPeN2WyyWYxWm-W-Q2f4rj5nozM4nnhkLvVxnOzeHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4CKdyPyW19tvevrtboXlIpYoTRfpRC8RSwSni3QiehlPF_UfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIardR7IYDnYLVfLBYBw9tL9Mc4ww-vYptil_CER3FYMnyhu_LjB_JbX2296-u1uheXKAA_U5MybPxPEWq2WNQAAgAA2AABAALdu3gKwmfj_____OAAAABk5egAAAPF9oKjtQg_cKHZ-ghsuFwM!&cmcv=&pix=31589837&cb=1662314536293&uv=3221&tms=1662314536293&abt=amplean_vD!expl_vE!inc_all_video_vA!mprdctdt6_vA!Noappq22_vD!nrlc_vB!smbs!spa2_vB!ufm!vzr_vA&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1662314533258!ts:1662314536293&mntl=1
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V72SECFgNmTomFdobx6wRmTomFdobx6wUAAAAGBuIHJLjZDZfL1W4tHM52a9HE4VxLXA7jWuRxzWyT3WZmc3mMQIKb3XC5XO3WwuFstxZNHM61xOUwrkUe18w22W1mNpfHChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXq_5Gx1Oi1vo8Hjtyr_fN9f43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMXQ33bCRR67UyxRAWwRIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABAwmqKZHZekOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALOoJWDAarU4jdcLbYjWab0ewAAAAA7v7____1QGzjMm1GE9do5bKMRsvNbLZajByzhWu42AwXlt32xmXB4wg-Z0X7Im4yHD4HA1HR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32J5CzAVK0ZLFaDle7yWK0WSwmy91wNJkgRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLUxOPY7Da2tcw2GqxFy5FtLVz5VmvVaDAbORy74cIycYteH9PDsLKNHBYvCgZE7EXytEgnyo3DsNtYLL7JYuQaDmee3Wq5GVlMLsPIs9usLBaxRHOySCeyy762cZk2o4lrtHJZRqPlZjZbLUaO2cI1XGyGC8tu35p4HJvdxraW2UaDtWg5sq2FK99qrRoNZiOHYzdcWCZu0etjehhWtpHD4m_MZpPNYrTaLPeN2WyyWYxWm-W-Q2f4rj5nozM4nnhkLvVxnOzeHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4CKdyPyW19tvevrtboXlIpYoTRfpRC8RSwSni3QiehlPF_UfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIardR7IYDnYLVfLBYBw9tL9Mc4ww-vYptil_CER3FYMnyhu_LjB_JbX2296-u1uheXKAA_U5MybPxPEWq2WNQAAgAA2AABAALdu3gKwmfj_____OAAAABk5egAAAPF9oKjtQg_cKHZ-ghsuFwM!&cmcv=&pix=31589837&cb=1662314536293&uv=3221&tms=1662314536293&abt=amplean_vD!expl_vE!inc_all_video_vA!mprdctdt6_vA!Noappq22_vD!nrlc_vB!smbs!spa2_vB!ufm!vzr_vA&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1662314533258!ts:1662314536293&mntl=1 HTTP/1.1
Host: am-vid-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 18:02:19 GMT
content-length: 0
X-Firefox-Spdy: h2
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=18%3A02%3A15.962&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=1604&cv=20220901-10-RELEASE<=deflated&pct=1
204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=18%3A02%3A15.962&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=1604&cv=20220901-10-RELEASE<=deflated&pct=1
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=18%3A02%3A15.962&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=1604&cv=20220901-10-RELEASE<=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 04 Sep 2022 18:02:19 GMT
x-fastly-to-nlb-rtt: 83650
access-control-allow-credentials: true
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=rtus&domain=yoo7.com&sn=FirefoxSyncframe&so=3&topUrl=sohaib-hack.yoo7.com&bundle=Qkdvul91WmFWb01kMmc2dFdPaCUyRmNIdyUyQkg4YkszR003QlhNTjF2eFN6YlRyY3dpTVBEJTJGU20lMkJleHN3c09odktmRGtYZUdXSnlCWEJveCUyQk1KdTM2QUtkQmNobnBqMk5iWlM0ZUpMenlQbzZvVU9XcmZ5dDhkendKckFIcThFaDdCWiUyRmlGRA&info=1fK_P180M0RITmhlJTJCZkMwOUJGQlhaMUN2czclMkZIS2Z4aWYlMkZGSkRLWEttJTJGJTJGTnp6USUyQjRIZExyc3FwMHpSTlI5RExwTUJH&idsd=-825347734,-1177677733&cw=1&rtusCallerId=72&lsw=1
200 OK 794 B URL HTTP/2 gum.criteo.com/sid/json?origin=rtus&domain=yoo7.com&sn=FirefoxSyncframe&so=3&topUrl=sohaib-hack.yoo7.com&bundle=Qkdvul91WmFWb01kMmc2dFdPaCUyRmNIdyUyQkg4YkszR003QlhNTjF2eFN6YlRyY3dpTVBEJTJGU20lMkJleHN3c09odktmRGtYZUdXSnlCWEJveCUyQk1KdTM2QUtkQmNobnBqMk5iWlM0ZUpMenlQbzZvVU9XcmZ5dDhkendKckFIcThFaDdCWiUyRmlGRA&info=1fK_P180M0RITmhlJTJCZkMwOUJGQlhaMUN2czclMkZIS2Z4aWYlMkZGSkRLWEttJTJGJTJGTnp6USUyQjRIZExyc3FwMHpSTlI5RExwTUJH&idsd=-825347734,-1177677733&cw=1&rtusCallerId=72&lsw=1
IP
Hash 0ddc697c38db4d84ea730a9ffdab23ed
99a76547a0d8ad21f396172850829f3007697723
8f285de24f4b6d36b576cf253b7c59a9b6f7c8dc139fe405d91de35e7c622d95
GET /sid/json?origin=rtus&domain=yoo7.com&sn=FirefoxSyncframe&so=3&topUrl=sohaib-hack.yoo7.com&bundle=Qkdvul91WmFWb01kMmc2dFdPaCUyRmNIdyUyQkg4YkszR003QlhNTjF2eFN6YlRyY3dpTVBEJTJGU20lMkJleHN3c09odktmRGtYZUdXSnlCWEJveCUyQk1KdTM2QUtkQmNobnBqMk5iWlM0ZUpMenlQbzZvVU9XcmZ5dDhkendKckFIcThFaDdCWiUyRmlGRA&info=1fK_P180M0RITmhlJTJCZkMwOUJGQlhaMUN2czclMkZIS2Z4aWYlMkZGSkRLWEttJTJGJTJGTnp6USUyQjRIZExyc3FwMHpSTlI5RExwTUJH&idsd=-825347734,-1177677733&cw=1&rtusCallerId=72&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=rtus&topUrl=sohaib-hack.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:19 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 852934
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
status.geotrust.com/
200 OK 471 B IP
Hash 3ebbff1becf8c00ab147d628c2c42945
e06398c730983c9c9dacffdb3a49fd01ca0f5f53
ff19b9b67495ab14020082b3192dd4eed8daeb7aaccc801e84d1e2ad22cd721d
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6134
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 18:02:20 GMT
Last-Modified: Sun, 04 Sep 2022 16:20:07 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
200 OK 471 B IP
Hash 3ebbff1becf8c00ab147d628c2c42945
e06398c730983c9c9dacffdb3a49fd01ca0f5f53
ff19b9b67495ab14020082b3192dd4eed8daeb7aaccc801e84d1e2ad22cd721d
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6134
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 18:02:20 GMT
Last-Modified: Sun, 04 Sep 2022 16:20:07 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7e2QCFgNmTomFdobx6wRmTomFdobx6wUAAAAGBuIHJOJxLBeT5catcvmWa9FktVgrbA6TW2HcLGeGjcO43FiGQBKLlWVl85jWCt_MthZNhqu1xDVZuSWbkW04s5h2m-VoCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3es3f6HBa3EKHx2tX_v2-ucbv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrRAAAACBEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkiLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIGAwQVU9JAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNARtGIwWJ1C7IazxW4024xmBwAAAHD3____rwdiG5dpM5q4RiuXZTRabmaz1WLkmC1cw8VmuLDstjcuCx5H8Dkr2uchLLPfdxCxPF_T33CQ8S2vt0FUdL0tdofT7LkfRUuWu-VuNZosRqPlcrMbbkaD_QnkbIAULVmslsPVbrIYbRaLyXI3HE0mSNGS1XK5XG02q9VutJgNNsvhZoMUrVrNRpvBcDWbzHa71XAwXI5GSNGS5W65W40mi9FoudzshpvRYIgwNfE4NruNbS2zjQZr0XJkWwtXvtVaNRrMRg7HbriwTNyi18f0MKxsI4fFi4IBEXsRXKQTmd_yevtNT7_drbBcxBLNySKdyC772sZl2owmrtHKZRmNlpvZbLUYOWYL13CxGS4su31r4nFsdhvbWmYbDdai5ci2Fq58q7VqNJiNHI7dcGGZuEWvj-lhWNlGDou_MZtNNovRarPcN2azyWYxWm2W-w6d4bv6nI3O4HjikbnUx3Gye3MYFC6Dxfv7XKTNaONmVGnDFovqWty5JladNnYydg5mg8L3N5e24uA2ci73JQexwaCIJYLTRToRvYyni1gieVqkE5Fl45qZTJORceEYzhyu4Wa0G80GE8vGs3EuZ66JWKI0XaQTvUT9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvharkAEM5euj_GGWZ4HdsUu5Q_JILbiuETxY0fN5jf8nr7TU-_3a2wXBnggZqcebNnglir1bIGAAAQwAYAAAjg1s1bADYjtw8UtV3ogRvFzk9ww-Vi!&cmcv=&pix=31589837&cb=1662314536459&uv=3221&tms=1662314536459&abt=amplean_vD!expl_vE!inc_all_video_vA!mprdctdt6_vA!Noappq22_vD!nrlc_vB!smbs!spa2_vB!ufm!vzr_vA&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1662314533258!ts:1662314536459&mntl=1
200 OK 0 B URL HTTP/2 am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7e2QCFgNmTomFdobx6wRmTomFdobx6wUAAAAGBuIHJOJxLBeT5catcvmWa9FktVgrbA6TW2HcLGeGjcO43FiGQBKLlWVl85jWCt_MthZNhqu1xDVZuSWbkW04s5h2m-VoCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3es3f6HBa3EKHx2tX_v2-ucbv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrRAAAACBEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkiLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIGAwQVU9JAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNARtGIwWJ1C7IazxW4024xmBwAAAHD3____rwdiG5dpM5q4RiuXZTRabmaz1WLkmC1cw8VmuLDstjcuCx5H8Dkr2uchLLPfdxCxPF_T33CQ8S2vt0FUdL0tdofT7LkfRUuWu-VuNZosRqPlcrMbbkaD_QnkbIAULVmslsPVbrIYbRaLyXI3HE0mSNGS1XK5XG02q9VutJgNNsvhZoMUrVrNRpvBcDWbzHa71XAwXI5GSNGS5W65W40mi9FoudzshpvRYIgwNfE4NruNbS2zjQZr0XJkWwtXvtVaNRrMRg7HbriwTNyi18f0MKxsI4fFi4IBEXsRXKQTmd_yevtNT7_drbBcxBLNySKdyC772sZl2owmrtHKZRmNlpvZbLUYOWYL13CxGS4su31r4nFsdhvbWmYbDdai5ci2Fq58q7VqNJiNHI7dcGGZuEWvj-lhWNlGDou_MZtNNovRarPcN2azyWYxWm2W-w6d4bv6nI3O4HjikbnUx3Gye3MYFC6Dxfv7XKTNaONmVGnDFovqWty5JladNnYydg5mg8L3N5e24uA2ci73JQexwaCIJYLTRToRvYyni1gieVqkE5Fl45qZTJORceEYzhyu4Wa0G80GE8vGs3EuZ66JWKI0XaQTvUT9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvharkAEM5euj_GGWZ4HdsUu5Q_JILbiuETxY0fN5jf8nr7TU-_3a2wXBnggZqcebNnglir1bIGAAAQwAYAAAjg1s1bADYjtw8UtV3ogRvFzk9ww-Vi!&cmcv=&pix=31589837&cb=1662314536459&uv=3221&tms=1662314536459&abt=amplean_vD!expl_vE!inc_all_video_vA!mprdctdt6_vA!Noappq22_vD!nrlc_vB!smbs!spa2_vB!ufm!vzr_vA&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1662314533258!ts:1662314536459&mntl=1
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7e2QCFgNmTomFdobx6wRmTomFdobx6wUAAAAGBuIHJOJxLBeT5catcvmWa9FktVgrbA6TW2HcLGeGjcO43FiGQBKLlWVl85jWCt_MthZNhqu1xDVZuSWbkW04s5h2m-VoCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3es3f6HBa3EKHx2tX_v2-ucbv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrRAAAACBEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkiLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIGAwQVU9JAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNARtGIwWJ1C7IazxW4024xmBwAAAHD3____rwdiG5dpM5q4RiuXZTRabmaz1WLkmC1cw8VmuLDstjcuCx5H8Dkr2uchLLPfdxCxPF_T33CQ8S2vt0FUdL0tdofT7LkfRUuWu-VuNZosRqPlcrMbbkaD_QnkbIAULVmslsPVbrIYbRaLyXI3HE0mSNGS1XK5XG02q9VutJgNNsvhZoMUrVrNRpvBcDWbzHa71XAwXI5GSNGS5W65W40mi9FoudzshpvRYIgwNfE4NruNbS2zjQZr0XJkWwtXvtVaNRrMRg7HbriwTNyi18f0MKxsI4fFi4IBEXsRXKQTmd_yevtNT7_drbBcxBLNySKdyC772sZl2owmrtHKZRmNlpvZbLUYOWYL13CxGS4su31r4nFsdhvbWmYbDdai5ci2Fq58q7VqNJiNHI7dcGGZuEWvj-lhWNlGDou_MZtNNovRarPcN2azyWYxWm2W-w6d4bv6nI3O4HjikbnUx3Gye3MYFC6Dxfv7XKTNaONmVGnDFovqWty5JladNnYydg5mg8L3N5e24uA2ci73JQexwaCIJYLTRToRvYyni1gieVqkE5Fl45qZTJORceEYzhyu4Wa0G80GE8vGs3EuZ66JWKI0XaQTvUT9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvharkAEM5euj_GGWZ4HdsUu5Q_JILbiuETxY0fN5jf8nr7TU-_3a2wXBnggZqcebNnglir1bIGAAAQwAYAAAjg1s1bADYjtw8UtV3ogRvFzk9ww-Vi!&cmcv=&pix=31589837&cb=1662314536459&uv=3221&tms=1662314536459&abt=amplean_vD!expl_vE!inc_all_video_vA!mprdctdt6_vA!Noappq22_vD!nrlc_vB!smbs!spa2_vB!ufm!vzr_vA&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1662314533258!ts:1662314536459&mntl=1 HTTP/1.1
Host: am-vid-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 18:02:20 GMT
content-length: 0
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 04 Sep 2022 18:02:20 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=b830dcf3-2c7b-11ed-b7d1-124172220306; expires=Sun, 02-Oct-2022 18:02:20 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b830dd5b-2c7b-11ed-b7d1-124172220306
X-fe: 70
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
vidstat.taboola.com/vpaid/units/32_2_1/assets/css/cmOsUnit.css
200 OK 8.3 kB URL HTTP/2 vidstat.taboola.com/vpaid/units/32_2_1/assets/css/cmOsUnit.css
IP
Hash a28320a69408adba1f01f56d6eb80708
8012c7108fab547cf31481cfda7cb49e654a0542
befbb274b7045e7e5791a4badbe46e1a2e367e6570da7cd0ac127acc4b8e8991
GET /vpaid/units/32_2_1/assets/css/cmOsUnit.css HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: FFIgAFi28LRsvbJkTabEKoyhxUV625KyfKtwCkm6lA5OBQ6IFsgXmHU9tBODZzZscuCy2yFiyW8=
x-amz-request-id: RCC5ZC1T7V9AWGM8
last-modified: Mon, 29 Aug 2022 09:07:10 GMT
etag: "a28320a69408adba1f01f56d6eb80708"
x-amz-meta-ctime: 1661764029
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1661764028
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sun, 04 Sep 2022 18:02:20 GMT
via: 1.1 varnish
age: 550408
x-served-by: cache-bma1640-BMA
x-cache: HIT
x-cache-hits: 102958
x-timer: S1662314540.127666,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 8297
X-Firefox-Spdy: h2
vidstat.taboola.com/vpaid/units/32_2_1/infra/cmTagWIDGET_ITEM.js
200 OK 127 kB URL HTTP/2 vidstat.taboola.com/vpaid/units/32_2_1/infra/cmTagWIDGET_ITEM.js
IP
File type Unicode text, UTF-8 text, with very long lines (65489), with no line terminators
Size 127 kB (126712 bytes)
Hash 5f22089507fa10d5707ce2727a7dc3e8
ece042046e36dbaa70fccd21581758a7765d4295
e0aa425ad11366db05814cc36e3476a26dd349039667cf341e89cbfae454c6e4
GET /vpaid/units/32_2_1/infra/cmTagWIDGET_ITEM.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sohaib-hack.yoo7.com
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: HaQtQc5Sg+c+mzUcgZ+MUqBdbTUXOGKi93ZjN2sN5DlqM0jHbJxqU35JASTIStR2k8VjOTgqflI=
x-amz-request-id: 8Q8EP9MSAQBYWJT7
last-modified: Mon, 29 Aug 2022 09:06:16 GMT
etag: "5f22089507fa10d5707ce2727a7dc3e8"
x-amz-meta-ctime: 1661763975
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1661763973
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sun, 04 Sep 2022 18:02:20 GMT
via: 1.1 varnish
age: 550410
x-served-by: cache-bma1640-BMA
x-cache: HIT
x-cache-hits: 51089
x-timer: S1662314540.144232,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 126712
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 04 Sep 2022 18:02:20 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=b83b33a6-2c7b-11ed-9d39-14bc9e680406; expires=Sun, 02-Oct-2022 18:02:20 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b83b340a-2c7b-11ed-9d39-14bc9e680406
X-fe: 41
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b830dd5b-2c7b-11ed-b7d1-124172220306
204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b830dd5b-2c7b-11ed-b7d1-124172220306
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b830dd5b-2c7b-11ed-b7d1-124172220306 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 04 Sep 2022 18:02:20 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=b83bcd8e-2c7b-11ed-be7d-1d37f49c0506; expires=Sun, 02-Oct-2022 18:02:20 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 14
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=306&height=172&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1662314536472&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1477&pt=-1460832876&tz=0&viewable=true&ddast=V7e2QCFgNmTomFdobx6wRmTomFdobx6wUAAAAGBuIHJOJxLBeT5catcvmWa9FktVgrbA6TW2HcLGeGjcO43FiGQBKLlWVl85jWCt_MthZNhqu1xDVZuSWbkW04s5h2m-VoCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3es3f6HBa3EKHx2tX_v2-ucbv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrRAAAACBEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkiLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIGAwQVU9JAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNARtGIwWJ1C7IazxW4024xmBwAAAHD3____rwdiG5dpM5q4RiuXZTRabmaz1WLkmC1cw8VmuLDstjcuCx5H8Dkr2uchLLPfdxCxPF_T33CQ8S2vt0FUdL0tdofT7LkfRUuWu-VuNZosRqPlcrMbbkaD_QnkbIAULVmslsPVbrIYbRaLyXI3HE0mSNGS1XK5XG02q9VutJgNNsvhZoMUrVrNRpvBcDWbzHa71XAwXI5GSNGS5W65W40mi9FoudzshpvRYIgwNfE4NruNbS2zjQZr0XJkWwtXvtVaNRrMRg7HbriwTNyi18f0MKxsI4fFi4IBEXsRXKQTmd_yevtNT7_drbBcxBLNySKdyC772sZl2owmrtHKZRmNlpvZbLUYOWYL13CxGS4su31r4nFsdhvbWmYbDdai5ci2Fq58q7VqNJiNHI7dcGGZuEWvj-lhWNlGDou_MZtNNovRarPcN2azyWYxWm2W-w6d4bv6nI3O4HjikbnUx3Gye3MYFC6Dxfv7XKTNaONmVGnDFovqWty5JladNnYydg5mg8L3N5e24uA2ci73JQexwaCIJYLTRToRvYyni1gieVqkE5Fl45qZTJORceEYzhyu4Wa0G80GE8vGs3EuZ66JWKI0XaQTvUT9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvharkAEM5euj_GGWZ4HdsUu5Q_JILbiuETxY0fN5jf8nr7TU-_3a2wXBnggZqcebNnglir1bIGAAAQwAYAAAjg1s1bADYjtw8UtV3ogRvFzk9ww-Vi!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vD!expl_vE!inc_all_video_vA!mprdctdt6_vA!Noappq22_vD!nrlc_vB!smbs!spa2_vB!ufm!vzr_vA&mPre=0.025&cirf=https%3A%2F%2Fsohaib-hack.yoo7.com&en=1
200 OK 510 B URL HTTP/2 wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=306&height=172&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1662314536472&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1477&pt=-1460832876&tz=0&viewable=true&ddast=V7e2QCFgNmTomFdobx6wRmTomFdobx6wUAAAAGBuIHJOJxLBeT5catcvmWa9FktVgrbA6TW2HcLGeGjcO43FiGQBKLlWVl85jWCt_MthZNhqu1xDVZuSWbkW04s5h2m-VoCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3es3f6HBa3EKHx2tX_v2-ucbv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrRAAAACBEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkiLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIGAwQVU9JAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNARtGIwWJ1C7IazxW4024xmBwAAAHD3____rwdiG5dpM5q4RiuXZTRabmaz1WLkmC1cw8VmuLDstjcuCx5H8Dkr2uchLLPfdxCxPF_T33CQ8S2vt0FUdL0tdofT7LkfRUuWu-VuNZosRqPlcrMbbkaD_QnkbIAULVmslsPVbrIYbRaLyXI3HE0mSNGS1XK5XG02q9VutJgNNsvhZoMUrVrNRpvBcDWbzHa71XAwXI5GSNGS5W65W40mi9FoudzshpvRYIgwNfE4NruNbS2zjQZr0XJkWwtXvtVaNRrMRg7HbriwTNyi18f0MKxsI4fFi4IBEXsRXKQTmd_yevtNT7_drbBcxBLNySKdyC772sZl2owmrtHKZRmNlpvZbLUYOWYL13CxGS4su31r4nFsdhvbWmYbDdai5ci2Fq58q7VqNJiNHI7dcGGZuEWvj-lhWNlGDou_MZtNNovRarPcN2azyWYxWm2W-w6d4bv6nI3O4HjikbnUx3Gye3MYFC6Dxfv7XKTNaONmVGnDFovqWty5JladNnYydg5mg8L3N5e24uA2ci73JQexwaCIJYLTRToRvYyni1gieVqkE5Fl45qZTJORceEYzhyu4Wa0G80GE8vGs3EuZ66JWKI0XaQTvUT9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvharkAEM5euj_GGWZ4HdsUu5Q_JILbiuETxY0fN5jf8nr7TU-_3a2wXBnggZqcebNnglir1bIGAAAQwAYAAAjg1s1bADYjtw8UtV3ogRvFzk9ww-Vi!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vD!expl_vE!inc_all_video_vA!mprdctdt6_vA!Noappq22_vD!nrlc_vB!smbs!spa2_vB!ufm!vzr_vA&mPre=0.025&cirf=https%3A%2F%2Fsohaib-hack.yoo7.com&en=1
IP
File type ASCII text, with very long lines (1424), with no line terminators
Hash 5ca284cf736ccd5d8e3746e0787a96c0
5fe429d8310e7908e5641cfdd4853a42f770041a
db8a93419b3b52dba6e528a54269db32efaa88b13cef9f8136dc9104ffcf6b7f
POST /VideoBidRequestHandlerServlet?oid=15&width=306&height=172&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1662314536472&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1477&pt=-1460832876&tz=0&viewable=true&ddast=V7e2QCFgNmTomFdobx6wRmTomFdobx6wUAAAAGBuIHJOJxLBeT5catcvmWa9FktVgrbA6TW2HcLGeGjcO43FiGQBKLlWVl85jWCt_MthZNhqu1xDVZuSWbkW04s5h2m-VoCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3es3f6HBa3EKHx2tX_v2-ucbv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrRAAAACBEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkiLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIGAwQVU9JAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNARtGIwWJ1C7IazxW4024xmBwAAAHD3____rwdiG5dpM5q4RiuXZTRabmaz1WLkmC1cw8VmuLDstjcuCx5H8Dkr2uchLLPfdxCxPF_T33CQ8S2vt0FUdL0tdofT7LkfRUuWu-VuNZosRqPlcrMbbkaD_QnkbIAULVmslsPVbrIYbRaLyXI3HE0mSNGS1XK5XG02q9VutJgNNsvhZoMUrVrNRpvBcDWbzHa71XAwXI5GSNGS5W65W40mi9FoudzshpvRYIgwNfE4NruNbS2zjQZr0XJkWwtXvtVaNRrMRg7HbriwTNyi18f0MKxsI4fFi4IBEXsRXKQTmd_yevtNT7_drbBcxBLNySKdyC772sZl2owmrtHKZRmNlpvZbLUYOWYL13CxGS4su31r4nFsdhvbWmYbDdai5ci2Fq58q7VqNJiNHI7dcGGZuEWvj-lhWNlGDou_MZtNNovRarPcN2azyWYxWm2W-w6d4bv6nI3O4HjikbnUx3Gye3MYFC6Dxfv7XKTNaONmVGnDFovqWty5JladNnYydg5mg8L3N5e24uA2ci73JQexwaCIJYLTRToRvYyni1gieVqkE5Fl45qZTJORceEYzhyu4Wa0G80GE8vGs3EuZ66JWKI0XaQTvUT9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvharkAEM5euj_GGWZ4HdsUu5Q_JILbiuETxY0fN5jf8nr7TU-_3a2wXBnggZqcebNnglir1bIGAAAQwAYAAAjg1s1bADYjtw8UtV3ogRvFzk9ww-Vi!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vD!expl_vE!inc_all_video_vA!mprdctdt6_vA!Noappq22_vD!nrlc_vB!smbs!spa2_vB!ufm!vzr_vA&mPre=0.025&cirf=https%3A%2F%2Fsohaib-hack.yoo7.com&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 133
Origin: https://sohaib-hack.yoo7.com
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1433
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://sohaib-hack.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Sep 2022 18:02:20 GMT
via: 1.1 varnish
x-served-by: cache-bma1640-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662314540.113684,VS0,VE54
vary: Accept-Encoding
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b83b340a-2c7b-11ed-9d39-14bc9e680406
204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b83b340a-2c7b-11ed-9d39-14bc9e680406
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b83b340a-2c7b-11ed-9d39-14bc9e680406 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 04 Sep 2022 18:02:20 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=b8543369-2c7b-11ed-83eb-1e588e900506; expires=Sun, 02-Oct-2022 18:02:20 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 118
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b83e7994-2c7b-11ed-b505-1f932c7f0106
204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b83e7994-2c7b-11ed-b505-1f932c7f0106
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b83e7994-2c7b-11ed-b505-1f932c7f0106 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 04 Sep 2022 18:02:20 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=b8551e41-2c7b-11ed-8ea6-1a7cb9e30106; expires=Sun, 02-Oct-2022 18:02:20 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 22
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b84050e1-2c7b-11ed-b0c1-16821cb20406
204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b84050e1-2c7b-11ed-b0c1-16821cb20406
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b84050e1-2c7b-11ed-b0c1-16821cb20406 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 04 Sep 2022 18:02:20 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=b85595ad-2c7b-11ed-8639-130dfa940406; expires=Sun, 02-Oct-2022 18:02:20 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 40
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash ce38101bda87c3f6aa8fda1c206fe2f6
4f9aac9d60e565e75c0d226532303eb52fb0023b
46fff3c4fd89a724d54807b4086c7eeaccf63ea0b514f2fc1f1820bd9d46a537
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2022 18:02:20 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Thu, 08 Sep 2022 15:56:25 GMT
ETag: "4f9aac9d60e565e75c0d226532303eb52fb0023b"
Last-Modified: Sun, 04 Sep 2022 15:56:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 261
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7458a2b5bc4bb506-OSL
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:20 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
vidstat.taboola.com/vpaid/vPlayer/player/v14.7.7/OvaMediaPlayer.js
200 OK 87 kB URL HTTP/2 vidstat.taboola.com/vpaid/vPlayer/player/v14.7.7/OvaMediaPlayer.js
IP
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash dc6f9c508a655c577be225354b665441
b3732cd64bfe7a29cdb4c794444fa47d6d291e22
c3530b281ae1a74e916bb1c641e37977803bc4606b6d024d12c7d8024cda72f0
GET /vpaid/vPlayer/player/v14.7.7/OvaMediaPlayer.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: IKBOhnrMjJgezl8a2yjdelD3GGckq3CWxzf/TaOjne9L6nHWUywab4uzkMvL/G0As5wC88tPq5U+S45ArzvU2Q==
x-amz-request-id: 22MGPNJV79F9CPMM
last-modified: Wed, 31 Aug 2022 06:57:30 GMT
etag: "dc6f9c508a655c577be225354b665441"
x-amz-meta-ctime: 1661929049
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1661929036
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sun, 04 Sep 2022 18:02:20 GMT
via: 1.1 varnish
age: 385439
x-served-by: cache-bma1640-BMA
x-cache: HIT
x-cache-hits: 78743
x-timer: S1662314541.525255,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 86596
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 21ec0a61c3d80479f36a4344a8233e69
a1ba1a00de7a55da4cada649cb60aa69b6244378
d0cd10dab760a1b8c7c8cd20a8debf98d369c42e15ec482e5f67fb723898c2c6
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 04 Sep 2022 18:02:20 GMT
Last-Modified: Sun, 04 Sep 2022 17:08:55 GMT
Server: ECS (nyb/1DCD)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: liGYPzT6QrRms1RQcvq9a1gfa1S-83m4iqmbE51UuWBA26MCRW7xgA==
Age: 3205
am-match.taboola.com/sync?dast=V72SECFgNmTomFdobx6wRmTomFdobx6wUAAAAGBuIHJLjZDZfL1W4tHM52a9HE4VxLXA7jWuRxzWyT3WZmc3mMQIKb3XC5XO3WwuFstxZNHM61xOUwrkUe18w22W1mNpfHChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXq_5Gx1Oi1vo8Hjtyr_fN9f43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMXQ33bCRR67UyxRAWwRIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABAwmqKZHZekOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALOoJWDAarU4jdcLbYjWab0ewAAAAA7v7____1QGzjMm1GE9do5bKMRsvNbLZajByzhWu42AwXlt32xmXB4wg-Z0X7Im4yHD4HA1HR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32J5CzAVK0ZLFaDle7yWK0WSwmy91wNJkgRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLUxOPY7Da2tcw2GqxFy5FtLVz5VmvVaDAbORy74cIycYteH9PDsLKNHBYvCgZE7EXytEgnyo3DsNtYLL7JYuQaDmee3Wq5GVlMLsPIs9usLBaxRHOySCeyy762cZk2o4lrtHJZRqPlZjZbLUaO2cI1XGyGC8tu35p4HJvdxraW2UaDtWg5sq2FK99qrRoNZiOHYzdcWCZu0etjehhWtpHD4m_MZpPNYrTaLPeN2WyyWYxWm-W-Q2f4rj5nozM4nnhkLvVxnOzeHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4CKdyPyW19tvevrtboXlIpYoTRfpRC8RSwSni3QiehlPF_UfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIardR7IYDnYLVfLBYBw9tL9Mc4ww-vYptil_CER3FYMnyhu_LjB_JbX2296-u1uheXKAA_U5MybPxPEWq2WNQAAgAA2AABAALdu3gKwmfj_____OAAAABk5egAAAPF9oKjtQg_cKHZ-ghsuFwM!&excid=22&docw=0&cijs=1&nlb=false
200 OK 742 B URL HTTP/2 am-match.taboola.com/sync?dast=V72SECFgNmTomFdobx6wRmTomFdobx6wUAAAAGBuIHJLjZDZfL1W4tHM52a9HE4VxLXA7jWuRxzWyT3WZmc3mMQIKb3XC5XO3WwuFstxZNHM61xOUwrkUe18w22W1mNpfHChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXq_5Gx1Oi1vo8Hjtyr_fN9f43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMXQ33bCRR67UyxRAWwRIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABAwmqKZHZekOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALOoJWDAarU4jdcLbYjWab0ewAAAAA7v7____1QGzjMm1GE9do5bKMRsvNbLZajByzhWu42AwXlt32xmXB4wg-Z0X7Im4yHD4HA1HR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32J5CzAVK0ZLFaDle7yWK0WSwmy91wNJkgRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLUxOPY7Da2tcw2GqxFy5FtLVz5VmvVaDAbORy74cIycYteH9PDsLKNHBYvCgZE7EXytEgnyo3DsNtYLL7JYuQaDmee3Wq5GVlMLsPIs9usLBaxRHOySCeyy762cZk2o4lrtHJZRqPlZjZbLUaO2cI1XGyGC8tu35p4HJvdxraW2UaDtWg5sq2FK99qrRoNZiOHYzdcWCZu0etjehhWtpHD4m_MZpPNYrTaLPeN2WyyWYxWm-W-Q2f4rj5nozM4nnhkLvVxnOzeHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4CKdyPyW19tvevrtboXlIpYoTRfpRC8RSwSni3QiehlPF_UfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIardR7IYDnYLVfLBYBw9tL9Mc4ww-vYptil_CER3FYMnyhu_LjB_JbX2296-u1uheXKAA_U5MybPxPEWq2WNQAAgAA2AABAALdu3gKwmfj_____OAAAABk5egAAAPF9oKjtQg_cKHZ-ghsuFwM!&excid=22&docw=0&cijs=1&nlb=false
IP
ASN #200478 Taboola.com ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (742), with no line terminators
Hash 98a76f3a7fd5e8337ef3301d5d69d0d7
f7c260a4e32ec68e61dc6e25c3b7e4d2b572c6a6
878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3
GET /sync?dast=V72SECFgNmTomFdobx6wRmTomFdobx6wUAAAAGBuIHJLjZDZfL1W4tHM52a9HE4VxLXA7jWuRxzWyT3WZmc3mMQIKb3XC5XO3WwuFstxZNHM61xOUwrkUe18w22W1mNpfHChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXq_5Gx1Oi1vo8Hjtyr_fN9f43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMXQ33bCRR67UyxRAWwRIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABAwmqKZHZekOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALOoJWDAarU4jdcLbYjWab0ewAAAAA7v7____1QGzjMm1GE9do5bKMRsvNbLZajByzhWu42AwXlt32xmXB4wg-Z0X7Im4yHD4HA1HR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32J5CzAVK0ZLFaDle7yWK0WSwmy91wNJkgRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLUxOPY7Da2tcw2GqxFy5FtLVz5VmvVaDAbORy74cIycYteH9PDsLKNHBYvCgZE7EXytEgnyo3DsNtYLL7JYuQaDmee3Wq5GVlMLsPIs9usLBaxRHOySCeyy762cZk2o4lrtHJZRqPlZjZbLUaO2cI1XGyGC8tu35p4HJvdxraW2UaDtWg5sq2FK99qrRoNZiOHYzdcWCZu0etjehhWtpHD4m_MZpPNYrTaLPeN2WyyWYxWm-W-Q2f4rj5nozM4nnhkLvVxnOzeHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4CKdyPyW19tvevrtboXlIpYoTRfpRC8RSwSni3QiehlPF_UfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIardR7IYDnYLVfLBYBw9tL9Mc4ww-vYptil_CER3FYMnyhu_LjB_JbX2296-u1uheXKAA_U5MybPxPEWq2WNQAAgAA2AABAALdu3gKwmfj_____OAAAABk5egAAAPF9oKjtQg_cKHZ-ghsuFwM!&excid=22&docw=0&cijs=1&nlb=false HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 18:02:20 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3402
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash d9392ac2e46cce125dd6cf2571e6efde
112131ca37b327f0a9fb7ca8c0ef3e2ae9427d38
cd08102db1bf29077d52a174fc48e708c82e8deab9de59f6fb9cc5c6d0d7befc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1655
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 18:02:20 GMT
Last-Modified: Sun, 04 Sep 2022 17:34:46 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7e2QCFgNmTomFdobx6wRmTomFdobx6wUAAAAGBuIHJOJxLBeT5catcvmWa9FktVgrbA6TW2HcLGeGjcO43FiGQBKLlWVl85jWCt_MthZNhqu1xDVZuSWbkW04s5h2m-VoCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3es3f6HBa3EKHx2tX_v2-ucbv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrRAAAACBEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkiLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIGAwQVU9JAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNARtGIwWJ1C7IazxW4024xmBwAAAHD3____rwdiG5dpM5q4RiuXZTRabmaz1WLkmC1cw8VmuLDstjcuCx5H8Dkr2uchLLPfdxCxPF_T33CQ8S2vt0FUdL0tdofT7LkfRUuWu-VuNZosRqPlcrMbbkaD_QnkbIAULVmslsPVbrIYbRaLyXI3HE0mSNGS1XK5XG02q9VutJgNNsvhZoMUrVrNRpvBcDWbzHa71XAwXI5GSNGS5W65W40mi9FoudzshpvRYIgwNfE4NruNbS2zjQZr0XJkWwtXvtVaNRrMRg7HbriwTNyi18f0MKxsI4fFi4IBEXsRXKQTmd_yevtNT7_drbBcxBLNySKdyC772sZl2owmrtHKZRmNlpvZbLUYOWYL13CxGS4su31r4nFsdhvbWmYbDdai5ci2Fq58q7VqNJiNHI7dcGGZuEWvj-lhWNlGDou_MZtNNovRarPcN2azyWYxWm2W-w6d4bv6nI3O4HjikbnUx3Gye3MYFC6Dxfv7XKTNaONmVGnDFovqWty5JladNnYydg5mg8L3N5e24uA2ci73JQexwaCIJYLTRToRvYyni1gieVqkE5Fl45qZTJORceEYzhyu4Wa0G80GE8vGs3EuZ66JWKI0XaQTvUT9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvharkAEM5euj_GGWZ4HdsUu5Q_JILbiuETxY0fN5jf8nr7TU-_3a2wXBnggZqcebNnglir1bIGAAAQwAYAAAjg1s1bADYjtw8UtV3ogRvFzk9ww-Vi!&cmcv=&pix=undefined&cb=1662314536460&uv=3221&tms=1662314536460&abt=amplean_vD!expl_vE!inc_all_video_vA!mprdctdt6_vA!Noappq22_vD!nrlc_vB!smbs!spa2_vB!ufm!vzr_vA&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=bc19129c-ee79-4251-afad-a839f0ca89c2&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
200 OK 491 B URL HTTP/2 imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7e2QCFgNmTomFdobx6wRmTomFdobx6wUAAAAGBuIHJOJxLBeT5catcvmWa9FktVgrbA6TW2HcLGeGjcO43FiGQBKLlWVl85jWCt_MthZNhqu1xDVZuSWbkW04s5h2m-VoCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3es3f6HBa3EKHx2tX_v2-ucbv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrRAAAACBEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkiLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIGAwQVU9JAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNARtGIwWJ1C7IazxW4024xmBwAAAHD3____rwdiG5dpM5q4RiuXZTRabmaz1WLkmC1cw8VmuLDstjcuCx5H8Dkr2uchLLPfdxCxPF_T33CQ8S2vt0FUdL0tdofT7LkfRUuWu-VuNZosRqPlcrMbbkaD_QnkbIAULVmslsPVbrIYbRaLyXI3HE0mSNGS1XK5XG02q9VutJgNNsvhZoMUrVrNRpvBcDWbzHa71XAwXI5GSNGS5W65W40mi9FoudzshpvRYIgwNfE4NruNbS2zjQZr0XJkWwtXvtVaNRrMRg7HbriwTNyi18f0MKxsI4fFi4IBEXsRXKQTmd_yevtNT7_drbBcxBLNySKdyC772sZl2owmrtHKZRmNlpvZbLUYOWYL13CxGS4su31r4nFsdhvbWmYbDdai5ci2Fq58q7VqNJiNHI7dcGGZuEWvj-lhWNlGDou_MZtNNovRarPcN2azyWYxWm2W-w6d4bv6nI3O4HjikbnUx3Gye3MYFC6Dxfv7XKTNaONmVGnDFovqWty5JladNnYydg5mg8L3N5e24uA2ci73JQexwaCIJYLTRToRvYyni1gieVqkE5Fl45qZTJORceEYzhyu4Wa0G80GE8vGs3EuZ66JWKI0XaQTvUT9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvharkAEM5euj_GGWZ4HdsUu5Q_JILbiuETxY0fN5jf8nr7TU-_3a2wXBnggZqcebNnglir1bIGAAAQwAYAAAjg1s1bADYjtw8UtV3ogRvFzk9ww-Vi!&cmcv=&pix=undefined&cb=1662314536460&uv=3221&tms=1662314536460&abt=amplean_vD!expl_vE!inc_all_video_vA!mprdctdt6_vA!Noappq22_vD!nrlc_vB!smbs!spa2_vB!ufm!vzr_vA&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=bc19129c-ee79-4251-afad-a839f0ca89c2&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
IP
Hash d9fe292641875bc806389fc7b4f25c7b
4219f28d5b4de2dd77c26fd26fa1836fe40ff091
b6c44691ee9b3c62e903121ebefe390a7e78e54a6a2b2455e6495ef0e66380dd
GET /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7e2QCFgNmTomFdobx6wRmTomFdobx6wUAAAAGBuIHJOJxLBeT5catcvmWa9FktVgrbA6TW2HcLGeGjcO43FiGQBKLlWVl85jWCt_MthZNhqu1xDVZuSWbkW04s5h2m-VoCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3es3f6HBa3EKHx2tX_v2-ucbv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrRAAAACBEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkiLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIGAwQVU9JAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNARtGIwWJ1C7IazxW4024xmBwAAAHD3____rwdiG5dpM5q4RiuXZTRabmaz1WLkmC1cw8VmuLDstjcuCx5H8Dkr2uchLLPfdxCxPF_T33CQ8S2vt0FUdL0tdofT7LkfRUuWu-VuNZosRqPlcrMbbkaD_QnkbIAULVmslsPVbrIYbRaLyXI3HE0mSNGS1XK5XG02q9VutJgNNsvhZoMUrVrNRpvBcDWbzHa71XAwXI5GSNGS5W65W40mi9FoudzshpvRYIgwNfE4NruNbS2zjQZr0XJkWwtXvtVaNRrMRg7HbriwTNyi18f0MKxsI4fFi4IBEXsRXKQTmd_yevtNT7_drbBcxBLNySKdyC772sZl2owmrtHKZRmNlpvZbLUYOWYL13CxGS4su31r4nFsdhvbWmYbDdai5ci2Fq58q7VqNJiNHI7dcGGZuEWvj-lhWNlGDou_MZtNNovRarPcN2azyWYxWm2W-w6d4bv6nI3O4HjikbnUx3Gye3MYFC6Dxfv7XKTNaONmVGnDFovqWty5JladNnYydg5mg8L3N5e24uA2ci73JQexwaCIJYLTRToRvYyni1gieVqkE5Fl45qZTJORceEYzhyu4Wa0G80GE8vGs3EuZ66JWKI0XaQTvUT9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvharkAEM5euj_GGWZ4HdsUu5Q_JILbiuETxY0fN5jf8nr7TU-_3a2wXBnggZqcebNnglir1bIGAAAQwAYAAAjg1s1bADYjtw8UtV3ogRvFzk9ww-Vi!&cmcv=&pix=undefined&cb=1662314536460&uv=3221&tms=1662314536460&abt=amplean_vD!expl_vE!inc_all_video_vA!mprdctdt6_vA!Noappq22_vD!nrlc_vB!smbs!spa2_vB!ufm!vzr_vA&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=bc19129c-ee79-4251-afad-a839f0ca89c2&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1 HTTP/1.1
Host: imprammp.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Sep 2022 18:02:20 GMT
via: 1.1 varnish
x-served-by: cache-bma1640-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662314540.093018,VS0,VE25
vary: Accept-Encoding
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 04 Sep 2022 18:02:20 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=b8a59e42-2c7b-11ed-8faf-190e06a80406; expires=Sun, 02-Oct-2022 18:02:20 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b8a59e82-2c7b-11ed-8faf-190e06a80406
X-fe: 17
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ups.analytics.yahoo.com/ups/58534/occ
302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 04 Sep 2022 18:02:20 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58534/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBCzoFGMCEFZFUcmbiVND-93hLuFUZoYFEgEBAQE5FmMeYwAAAAAA_eMAAA&S=AQAAAp6-7mJvis3pm76g1z0UAG8; Expires=Tue, 5 Sep 2023 00:02:20 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
200 OK 254 B URL HTTP/2 cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
IP
File type PNG image data, 12 x 12, 8-bit gray+alpha, non-interlaced\012- data
Hash dfa7b52c86e56bd67fa4002f6ed19854
7df722645482433c2b5c8d8ab4272a9874592f27
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
GET /libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://sohaib-hack.yoo7.com/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
x-amz-id-2: c3AK0F63Rmz1U+ZkwDZRH6hJiJRTGpZB8kTBPWz0vwbg9siBxtMOH8aEqr1NtVeNHtLhLAVUR9E=
x-amz-request-id: 4JKSR0YA3KVH073N
x-amz-replication-status: COMPLETED
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
content-type: image/png
server: AmazonS3
accept-ranges: bytes
date: Sun, 04 Sep 2022 18:02:20 GMT
via: 1.1 varnish
age: 9139
x-served-by: cache-bma1640-BMA
x-cache: HIT
x-cache-hits: 870
x-timer: S1662314541.894078,VS0,VE0
cache-control: private,max-age=31536000
abp: 90
content-length: 254
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash a959bf325cab4759e09e7505651912ae
af20df57e6e3376e0d1f607f45e87e96e11797c3
a0972cee9ef30dd6b8214d5094eac658510b82b8505cb5b2161bcc89a6d305bf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2022 18:02:20 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 01:56:49 GMT
Expires: Sat, 10 Sep 2022 01:56:48 GMT
Etag: "af20df57e6e3376e0d1f607f45e87e96e11797c3"
Cache-Control: max-age=459867,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7458a2b85d75b500-OSL
vidstatb.taboola.com/vid/blackScreen5.mp4
206 Partial Content 91 kB URL HTTP/2 vidstatb.taboola.com/vid/blackScreen5.mp4
IP
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash b2b087fe4ae638c533731c347fcd4df8
62851c888c21bb51cc04f13b6fc0451279fe0425
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
GET /vid/blackScreen5.mp4 HTTP/1.1
Host: vidstatb.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Range: bytes=0-
Referer: https://sohaib-hack.yoo7.com/
Connection: keep-alive
TE: trailers
HTTP/2 206 Partial Content
content-type: video/mp4
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1497790207
server: AmazonS3
via: 1.1 9803a30a87f1ec1047cb2b8ad5ecc43e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: gopM2XYfUoVUFmJXQ0440-QEF6IoAyvdLK0EUOquu3M35zK6ZGLwLg==
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sun, 04 Sep 2022 18:02:20 GMT
age: 816633
x-served-by: cache-bma1640-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 56146
x-timer: S1662314541.902169,VS0,VE0
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-range: bytes 0-90783/90784
content-length: 90784
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b89f9701-2c7b-11ed-8dca-1f0541440206
204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b89f9701-2c7b-11ed-8dca-1f0541440206
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b89f9701-2c7b-11ed-8dca-1f0541440206 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 04 Sep 2022 18:02:20 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=b8a7d6b0-2c7b-11ed-93f5-1e588e900406; expires=Sun, 02-Oct-2022 18:02:20 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 118
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
am-match.taboola.com/sync?dast=V72SECFgNmTomFdobx6wRmTomFdobx6wUAAAAGBuIHJLjZDZfL1W4tHM52a9HE4VxLXA7jWuRxzWyT3WZmc3mMQIKb3XC5XO3WwuFstxZNHM61xOUwrkUe18w22W1mNpfHChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXq_5Gx1Oi1vo8Hjtyr_fN9f43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMXQ33bCRR67UyxRAWwRIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABAwmqKZHZekOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALOoJWDAarU4jdcLbYjWab0ewAAAAA7v7____1QGzjMm1GE9do5bKMRsvNbLZajByzhWu42AwXlt32xmXB4wg-Z0X7Im4yHD4HA1HR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32J5CzAVK0ZLFaDle7yWK0WSwmy91wNJkgRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLUxOPY7Da2tcw2GqxFy5FtLVz5VmvVaDAbORy74cIycYteH9PDsLKNHBYvCgZE7EXytEgnyo3DsNtYLL7JYuQaDmee3Wq5GVlMLsPIs9usLBaxRHOySCeyy762cZk2o4lrtHJZRqPlZjZbLUaO2cI1XGyGC8tu35p4HJvdxraW2UaDtWg5sq2FK99qrRoNZiOHYzdcWCZu0etjehhWtpHD4m_MZpPNYrTaLPeN2WyyWYxWm-W-Q2f4rj5nozM4nnhkLvVxnOzeHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4CKdyPyW19tvevrtboXlIpYoTRfpRC8RSwSni3QiehlPF_UfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIardR7IYDnYLVfLBYBw9tL9Mc4ww-vYptil_CER3FYMnyhu_LjB_JbX2296-u1uheXKAA_U5MybPxPEWq2WNQAAgAA2AABAALdu3gKwmfj_____OAAAABk5egAAAPF9oKjtQg_cKHZ-ghsuFwM!&excid=22&docw=0&cijs=1&nlb=false
200 OK 785 B URL HTTP/2 am-match.taboola.com/sync?dast=V72SECFgNmTomFdobx6wRmTomFdobx6wUAAAAGBuIHJLjZDZfL1W4tHM52a9HE4VxLXA7jWuRxzWyT3WZmc3mMQIKb3XC5XO3WwuFstxZNHM61xOUwrkUe18w22W1mNpfHChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXq_5Gx1Oi1vo8Hjtyr_fN9f43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMXQ33bCRR67UyxRAWwRIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABAwmqKZHZekOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALOoJWDAarU4jdcLbYjWab0ewAAAAA7v7____1QGzjMm1GE9do5bKMRsvNbLZajByzhWu42AwXlt32xmXB4wg-Z0X7Im4yHD4HA1HR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32J5CzAVK0ZLFaDle7yWK0WSwmy91wNJkgRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLUxOPY7Da2tcw2GqxFy5FtLVz5VmvVaDAbORy74cIycYteH9PDsLKNHBYvCgZE7EXytEgnyo3DsNtYLL7JYuQaDmee3Wq5GVlMLsPIs9usLBaxRHOySCeyy762cZk2o4lrtHJZRqPlZjZbLUaO2cI1XGyGC8tu35p4HJvdxraW2UaDtWg5sq2FK99qrRoNZiOHYzdcWCZu0etjehhWtpHD4m_MZpPNYrTaLPeN2WyyWYxWm-W-Q2f4rj5nozM4nnhkLvVxnOzeHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4CKdyPyW19tvevrtboXlIpYoTRfpRC8RSwSni3QiehlPF_UfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIardR7IYDnYLVfLBYBw9tL9Mc4ww-vYptil_CER3FYMnyhu_LjB_JbX2296-u1uheXKAA_U5MybPxPEWq2WNQAAgAA2AABAALdu3gKwmfj_____OAAAABk5egAAAPF9oKjtQg_cKHZ-ghsuFwM!&excid=22&docw=0&cijs=1&nlb=false
IP
ASN #200478 Taboola.com ltd
Hash efda84681c67a73b8a8eca7b40f54f12
b7e8580e2a664a396c8728e8697eac2508573ecb
894c524a8dd0581fb08f53c5c93fb2ef454f678c1688a12a3245aded3b2d6103
GET /sync?dast=V72SECFgNmTomFdobx6wRmTomFdobx6wUAAAAGBuIHJLjZDZfL1W4tHM52a9HE4VxLXA7jWuRxzWyT3WZmc3mMQIKb3XC5XO3WwuFstxZNHM61xOUwrkUe18w22W1mNpfHChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXq_5Gx1Oi1vo8Hjtyr_fN9f43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMXQ33bCRR67UyxRAWwRIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABAwmqKZHZekOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALOoJWDAarU4jdcLbYjWab0ewAAAAA7v7____1QGzjMm1GE9do5bKMRsvNbLZajByzhWu42AwXlt32xmXB4wg-Z0X7Im4yHD4HA1HR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32J5CzAVK0ZLFaDle7yWK0WSwmy91wNJkgRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLUxOPY7Da2tcw2GqxFy5FtLVz5VmvVaDAbORy74cIycYteH9PDsLKNHBYvCgZE7EXytEgnyo3DsNtYLL7JYuQaDmee3Wq5GVlMLsPIs9usLBaxRHOySCeyy762cZk2o4lrtHJZRqPlZjZbLUaO2cI1XGyGC8tu35p4HJvdxraW2UaDtWg5sq2FK99qrRoNZiOHYzdcWCZu0etjehhWtpHD4m_MZpPNYrTaLPeN2WyyWYxWm-W-Q2f4rj5nozM4nnhkLvVxnOzeHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4CKdyPyW19tvevrtboXlIpYoTRfpRC8RSwSni3QiehlPF_UfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIardR7IYDnYLVfLBYBw9tL9Mc4ww-vYptil_CER3FYMnyhu_LjB_JbX2296-u1uheXKAA_U5MybPxPEWq2WNQAAgAA2AABAALdu3gKwmfj_____OAAAABk5egAAAPF9oKjtQg_cKHZ-ghsuFwM!&excid=22&docw=0&cijs=1&nlb=false HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 18:02:19 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3407
X-Firefox-Spdy: h2
pushazam.com/ntfc.php?p=2308013&r=sw
200 OK 40 kB URL HTTP/2 pushazam.com/ntfc.php?p=2308013&r=sw
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash a67da4bcf2049debea956242238321a2
169c1cf5dc683fb8597d60bd3081e2cefabc2707
2e5401da09e0ed7e1f14abc4950349d0dbbf2b9fa1906c3c8be5c0a603f8292a
GET /ntfc.php?p=2308013&r=sw HTTP/1.1
Host: pushazam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 18:02:20 GMT
content-type: application/javascript
last-modified: Mon, 22 Aug 2022 12:18:11 GMT
etag: W/"63037403-1d310"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58534/occ?verify=true
204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ?verify=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 04 Sep 2022 18:02:20 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBCzoFGMCEBA-2fsj9Swj1kagId8OncMFEgEBAQE5FmMeYwAAAAAA_eMAAA&S=AQAAAnS2en4JBXssCGzpVegDK2M; Expires=Tue, 5 Sep 2023 00:02:20 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:20 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2
204 No Content 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 5011
Origin: https://sohaib-hack.yoo7.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://sohaib-hack.yoo7.com/
Connection: keep-alive
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://sohaib-hack.yoo7.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Sun, 04 Sep 2022 18:02:20 GMT
via: 1.1 varnish
x-served-by: cache-bma1640-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662314541.895368,VS0,VE92
x-vcl-time-ms: 92
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/log/3/visible?route=AM%3AIL%3AV<i=deflated
204 No Content 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/log/3/visible?route=AM%3AIL%3AV<i=deflated
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/visible?route=AM%3AIL%3AV<i=deflated HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2444
Origin: https://sohaib-hack.yoo7.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://sohaib-hack.yoo7.com/
Connection: keep-alive
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://sohaib-hack.yoo7.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Sun, 04 Sep 2022 18:02:20 GMT
via: 1.1 varnish
x-served-by: cache-bma1640-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662314541.895551,VS0,VE82
x-vcl-time-ms: 82
X-Firefox-Spdy: h2
x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
200 OK 43 B URL HTTP/1.1 x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?gdpr=1&us_privacy=1---&ssp=taboola HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Sun, 04 Sep 2022 18:02:20 GMT
Content-Length: 43
Connection: keep-alive
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-144347007-1&cid=1211259727.1662314535&jid=2087059198&_u=YEBAAUAAAAAAAC~&z=1726346899
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-144347007-1&cid=1211259727.1662314535&jid=2087059198&_u=YEBAAUAAAAAAAC~&z=1726346899
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-144347007-1&cid=1211259727.1662314535&jid=2087059198&_u=YEBAAUAAAAAAAC~&z=1726346899 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 18:02:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-144347007-1&cid=1211259727.1662314535&jid=2087059198&_u=YEBAAUAAAAAAAC~&z=1726346899
200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-144347007-1&cid=1211259727.1662314535&jid=2087059198&_u=YEBAAUAAAAAAAC~&z=1726346899
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-144347007-1&cid=1211259727.1662314535&jid=2087059198&_u=YEBAAUAAAAAAAC~&z=1726346899 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 18:02:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash cebfe28b301ffe9583a29d4e2e787a07
c312300cb020f4f61edaf4b51394aa889bc815e8
faf415663681aab7051de03f75a3163352ff9cffa4f72e38f56d4e0eb337af4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 18:02:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 420a6ffc72857f7132a9065de7c844a9
dee617384561d0790b72f096336b73ade7950579
c98bdc53f1f22291c4b954e9bd5f6432cfe3d5b24e3680b4ada3fc3a696e79d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 18:02:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5508141e054e220c15b286ea65d8a012
668d6db46e4e3e8d29c765582fcd8de3082348ec
890dfa96068db80ab3b5c9ea5c475092a6509c5df2569d12a056bd324fd65133
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "890DFA96068DB80AB3B5C9EA5C475092A6509C5DF2569D12A056BD324FD65133"
Last-Modified: Fri, 02 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18195
Expires: Sun, 04 Sep 2022 23:05:36 GMT
Date: Sun, 04 Sep 2022 18:02:21 GMT
Connection: keep-alive
taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
200 OK 43 B URL HTTP/2 taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP/1.1
Host: taboola-supply-partners.tremorhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:20 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:19 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 714864
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sohaib-hack.yoo7.com/
x-crto-bundle: Qkdvul91WmFWb01kMmc2dFdPaCUyRmNIdyUyQkg4YkszR003QlhNTjF2eFN6YlRyY3dpTVBEJTJGU20lMkJleHN3c09odktmRGtYZUdXSnlCWEJveCUyQk1KdTM2QUtkQmNobnBqMk5iWlM0ZUpMenlQbzZvVU9XcmZ5dDhkendKckFIcThFaDdCWiUyRmlGRA
Origin: https://sohaib-hack.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:19 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://sohaib-hack.yoo7.com
server-processing-duration-in-ticks: 1772631
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7e2QCFgNmTomFdobx6wRmTomFdobx6wUAAAAGBuIHJOJxLBeT5catcvmWa9FktVgrbA6TW2HcLGeGjcO43FiGQBKLlWVl85jWCt_MthZNhqu1xDVZuSWbkW04s5h2m-VoCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3es3f6HBa3EKHx2tX_v2-ucbv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrRAAAACBEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkiLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIGAwQVU9JAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNARtGIwWJ1C7IazxW4024xmBwAAAHD3____rwdiG5dpM5q4RiuXZTRabmaz1WLkmC1cw8VmuLDstjcuCx5H8Dkr2uchLLPfdxCxPF_T33CQ8S2vt0FUdL0tdofT7LkfRUuWu-VuNZosRqPlcrMbbkaD_QnkbIAULVmslsPVbrIYbRaLyXI3HE0mSNGS1XK5XG02q9VutJgNNsvhZoMUrVrNRpvBcDWbzHa71XAwXI5GSNGS5W65W40mi9FoudzshpvRYIgwNfE4NruNbS2zjQZr0XJkWwtXvtVaNRrMRg7HbriwTNyi18f0MKxsI4fFi4IBEXsRXKQTmd_yevtNT7_drbBcxBLNySKdyC772sZl2owmrtHKZRmNlpvZbLUYOWYL13CxGS4su31r4nFsdhvbWmYbDdai5ci2Fq58q7VqNJiNHI7dcGGZuEWvj-lhWNlGDou_MZtNNovRarPcN2azyWYxWm2W-w6d4bv6nI3O4HjikbnUx3Gye3MYFC6Dxfv7XKTNaONmVGnDFovqWty5JladNnYydg5mg8L3N5e24uA2ci73JQexwaCIJYLTRToRvYyni1gieVqkE5Fl45qZTJORceEYzhyu4Wa0G80GE8vGs3EuZ66JWKI0XaQTvUT9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvharkAEM5euj_GGWZ4HdsUu5Q_JILbiuETxY0fN5jf8nr7TU-_3a2wXBnggZqcebNnglir1bIGAAAQwAYAAAjg1s1bADYjtw8UtV3ogRvFzk9ww-Vi!&excid=22&docw=0&cijs=1&nlb=true
200 OK 0 B URL HTTP/2 am-match.taboola.com/sync?dast=V7e2QCFgNmTomFdobx6wRmTomFdobx6wUAAAAGBuIHJOJxLBeT5catcvmWa9FktVgrbA6TW2HcLGeGjcO43FiGQBKLlWVl85jWCt_MthZNhqu1xDVZuSWbkW04s5h2m-VoCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3es3f6HBa3EKHx2tX_v2-ucbv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrRAAAACBEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkiLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIGAwQVU9JAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNARtGIwWJ1C7IazxW4024xmBwAAAHD3____rwdiG5dpM5q4RiuXZTRabmaz1WLkmC1cw8VmuLDstjcuCx5H8Dkr2uchLLPfdxCxPF_T33CQ8S2vt0FUdL0tdofT7LkfRUuWu-VuNZosRqPlcrMbbkaD_QnkbIAULVmslsPVbrIYbRaLyXI3HE0mSNGS1XK5XG02q9VutJgNNsvhZoMUrVrNRpvBcDWbzHa71XAwXI5GSNGS5W65W40mi9FoudzshpvRYIgwNfE4NruNbS2zjQZr0XJkWwtXvtVaNRrMRg7HbriwTNyi18f0MKxsI4fFi4IBEXsRXKQTmd_yevtNT7_drbBcxBLNySKdyC772sZl2owmrtHKZRmNlpvZbLUYOWYL13CxGS4su31r4nFsdhvbWmYbDdai5ci2Fq58q7VqNJiNHI7dcGGZuEWvj-lhWNlGDou_MZtNNovRarPcN2azyWYxWm2W-w6d4bv6nI3O4HjikbnUx3Gye3MYFC6Dxfv7XKTNaONmVGnDFovqWty5JladNnYydg5mg8L3N5e24uA2ci73JQexwaCIJYLTRToRvYyni1gieVqkE5Fl45qZTJORceEYzhyu4Wa0G80GE8vGs3EuZ66JWKI0XaQTvUT9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvharkAEM5euj_GGWZ4HdsUu5Q_JILbiuETxY0fN5jf8nr7TU-_3a2wXBnggZqcebNnglir1bIGAAAQwAYAAAjg1s1bADYjtw8UtV3ogRvFzk9ww-Vi!&excid=22&docw=0&cijs=1&nlb=true
IP
ASN #200478 Taboola.com ltd
GET /sync?dast=V7e2QCFgNmTomFdobx6wRmTomFdobx6wUAAAAGBuIHJOJxLBeT5catcvmWa9FktVgrbA6TW2HcLGeGjcO43FiGQBKLlWVl85jWCt_MthZNhqu1xDVZuSWbkW04s5h2m-VoCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3es3f6HBa3EKHx2tX_v2-ucbv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrRAAAACBEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkiLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIGAwQVU9JAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNARtGIwWJ1C7IazxW4024xmBwAAAHD3____rwdiG5dpM5q4RiuXZTRabmaz1WLkmC1cw8VmuLDstjcuCx5H8Dkr2uchLLPfdxCxPF_T33CQ8S2vt0FUdL0tdofT7LkfRUuWu-VuNZosRqPlcrMbbkaD_QnkbIAULVmslsPVbrIYbRaLyXI3HE0mSNGS1XK5XG02q9VutJgNNsvhZoMUrVrNRpvBcDWbzHa71XAwXI5GSNGS5W65W40mi9FoudzshpvRYIgwNfE4NruNbS2zjQZr0XJkWwtXvtVaNRrMRg7HbriwTNyi18f0MKxsI4fFi4IBEXsRXKQTmd_yevtNT7_drbBcxBLNySKdyC772sZl2owmrtHKZRmNlpvZbLUYOWYL13CxGS4su31r4nFsdhvbWmYbDdai5ci2Fq58q7VqNJiNHI7dcGGZuEWvj-lhWNlGDou_MZtNNovRarPcN2azyWYxWm2W-w6d4bv6nI3O4HjikbnUx3Gye3MYFC6Dxfv7XKTNaONmVGnDFovqWty5JladNnYydg5mg8L3N5e24uA2ci73JQexwaCIJYLTRToRvYyni1gieVqkE5Fl45qZTJORceEYzhyu4Wa0G80GE8vGs3EuZ66JWKI0XaQTvUT9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvharkAEM5euj_GGWZ4HdsUu5Q_JILbiuETxY0fN5jf8nr7TU-_3a2wXBnggZqcebNnglir1bIGAAAQwAYAAAjg1s1bADYjtw8UtV3ogRvFzk9ww-Vi!&excid=22&docw=0&cijs=1&nlb=true HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 18:02:20 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3408
X-Firefox-Spdy: h2
pushazam.com/ntfc.php?p=2308013&r=sw
200 OK 0 B URL HTTP/2 pushazam.com/ntfc.php?p=2308013&r=sw
IP
GET /ntfc.php?p=2308013&r=sw HTTP/1.1
Host: pushazam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 18:02:21 GMT
content-type: application/javascript
last-modified: Mon, 22 Aug 2022 12:18:11 GMT
etag: W/"63037403-1d310"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
sohaib-hack.yoo7.com/serviceworker.js
200 OK 0 B URL HTTP/2 sohaib-hack.yoo7.com/serviceworker.js
IP
GET /serviceworker.js HTTP/1.1
Host: sohaib-hack.yoo7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: exadd=166232; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:18 GMT
content-type: application/javascript
last-modified: Thu, 25 Feb 2021 14:30:57 GMT
etag: W/"6037b4a1-b0d"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:18 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 125147
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.betgorebysson.club/apu.php?zoneid=3765907
200 OK 0 B URL HTTP/2 cdn.betgorebysson.club/apu.php?zoneid=3765907
IP
Analyzer Verdict Alert fortinet Malware
GET /apu.php?zoneid=3765907 HTTP/1.1
Host: cdn.betgorebysson.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 18:02:18 GMT
content-type: application/javascript
x-trace-id: 26e80b97f88092d8eb3d3cb05fa5f15c
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=4799715e298e4b88b3b201a6df2eb0db; expires=Mon, 04 Sep 2023 18:02:18 GMT; path=/; secure; SameSite=None
oaidts=1662314538; expires=Mon, 04 Sep 2023 18:02:18 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
twemoji.maxcdn.com/twemoji.min.js
200 OK 0 B URL HTTP/2 twemoji.maxcdn.com/twemoji.min.js
IP
GET /twemoji.min.js HTTP/1.1
Host: twemoji.maxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:17 GMT
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Thu, 31 Mar 2022 03:24:15 GMT
access-control-allow-origin: *
etag: W/"62451edf-3bc8"
expires: Tue, 04 Oct 2022 18:02:17 GMT
cache-control: max-age=2592000
x-proxy-cache: MISS
x-github-request-id: 6746:6F50:32165A:33D074:630E6082
vary: Accept-Encoding
x-fastly-request-id: 69f79345a06b0b1141ad45c449ca4ccd3478aa17
server: NetDNA-cache/2.2
powered-by: MaxCDN
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
illiweb.com/rs3/62/frm/jquery/marquee/jquery.marquee.min.js
200 OK 0 B URL HTTP/2 illiweb.com/rs3/62/frm/jquery/marquee/jquery.marquee.min.js
IP
GET /rs3/62/frm/jquery/marquee/jquery.marquee.min.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:17 GMT
content-type: application/x-javascript
last-modified: Tue, 27 Aug 2019 14:00:14 GMT
expires: Wed, 02 Aug 2023 13:50:22 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
x-cache-ne: MISS
x-cache-pr: MISS
cf-cache-status: HIT
age: 2866315
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZm3xCANBAmwstFMht0seF5Un3V7%2FKniwU2%2BatBjT25NTn06wsJ5GwLEnYwO92gGUb%2FDo1BwpJZjMRzQGp9QkoITzUwtaVGjGZuiWHX3mOZMTAXMxYxiU%2F%2FAANoxWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7458a2a4cc750b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V72SECFgNmTomFdobx6wRmTomFdobx6wUAAAAGBuIHJLjZDZfL1W4tHM52a9HE4VxLXA7jWuRxzWyT3WZmc3mMQIKb3XC5XO3WwuFstxZNHM61xOUwrkUe18w22W1mNpfHChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXq_5Gx1Oi1vo8Hjtyr_fN9f43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMXQ33bCRR67UyxRAWwRIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABAwmqKZHZekOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALOoJWDAarU4jdcLbYjWab0ewAAAAA7v7____1QGzjMm1GE9do5bKMRsvNbLZajByzhWu42AwXlt32xmXB4wg-Z0X7Im4yHD4HA1HR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32J5CzAVK0ZLFaDle7yWK0WSwmy91wNJkgRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLUxOPY7Da2tcw2GqxFy5FtLVz5VmvVaDAbORy74cIycYteH9PDsLKNHBYvCgZE7EXytEgnyo3DsNtYLL7JYuQaDmee3Wq5GVlMLsPIs9usLBaxRHOySCeyy762cZk2o4lrtHJZRqPlZjZbLUaO2cI1XGyGC8tu35p4HJvdxraW2UaDtWg5sq2FK99qrRoNZiOHYzdcWCZu0etjehhWtpHD4m_MZpPNYrTaLPeN2WyyWYxWm-W-Q2f4rj5nozM4nnhkLvVxnOzeHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4CKdyPyW19tvevrtboXlIpYoTRfpRC8RSwSni3QiehlPF_UfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIardR7IYDnYLVfLBYBw9tL9Mc4ww-vYptil_CER3FYMnyhu_LjB_JbX2296-u1uheXKAA_U5MybPxPEWq2WNQAAgAA2AABAALdu3gKwmfj_____OAAAABk5egAAAPF9oKjtQg_cKHZ-ghsuFwM!&cmcv=&pix=undefined&cb=1662314536294&uv=3221&tms=1662314536294&abt=amplean_vD!expl_vE!inc_all_video_vA!mprdctdt6_vA!Noappq22_vD!nrlc_vB!smbs!spa2_vB!ufm!vzr_vA&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=83789957-8867-4ba9-bea8-dc5f6273ffec&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
200 OK 0 B URL HTTP/2 imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V72SECFgNmTomFdobx6wRmTomFdobx6wUAAAAGBuIHJLjZDZfL1W4tHM52a9HE4VxLXA7jWuRxzWyT3WZmc3mMQIKb3XC5XO3WwuFstxZNHM61xOUwrkUe18w22W1mNpfHChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXq_5Gx1Oi1vo8Hjtyr_fN9f43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMXQ33bCRR67UyxRAWwRIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABAwmqKZHZekOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALOoJWDAarU4jdcLbYjWab0ewAAAAA7v7____1QGzjMm1GE9do5bKMRsvNbLZajByzhWu42AwXlt32xmXB4wg-Z0X7Im4yHD4HA1HR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32J5CzAVK0ZLFaDle7yWK0WSwmy91wNJkgRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLUxOPY7Da2tcw2GqxFy5FtLVz5VmvVaDAbORy74cIycYteH9PDsLKNHBYvCgZE7EXytEgnyo3DsNtYLL7JYuQaDmee3Wq5GVlMLsPIs9usLBaxRHOySCeyy762cZk2o4lrtHJZRqPlZjZbLUaO2cI1XGyGC8tu35p4HJvdxraW2UaDtWg5sq2FK99qrRoNZiOHYzdcWCZu0etjehhWtpHD4m_MZpPNYrTaLPeN2WyyWYxWm-W-Q2f4rj5nozM4nnhkLvVxnOzeHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4CKdyPyW19tvevrtboXlIpYoTRfpRC8RSwSni3QiehlPF_UfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIardR7IYDnYLVfLBYBw9tL9Mc4ww-vYptil_CER3FYMnyhu_LjB_JbX2296-u1uheXKAA_U5MybPxPEWq2WNQAAgAA2AABAALdu3gKwmfj_____OAAAABk5egAAAPF9oKjtQg_cKHZ-ghsuFwM!&cmcv=&pix=undefined&cb=1662314536294&uv=3221&tms=1662314536294&abt=amplean_vD!expl_vE!inc_all_video_vA!mprdctdt6_vA!Noappq22_vD!nrlc_vB!smbs!spa2_vB!ufm!vzr_vA&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=83789957-8867-4ba9-bea8-dc5f6273ffec&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
IP
GET /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V72SECFgNmTomFdobx6wRmTomFdobx6wUAAAAGBuIHJLjZDZfL1W4tHM52a9HE4VxLXA7jWuRxzWyT3WZmc3mMQIKb3XC5XO3WwuFstxZNHM61xOUwrkUe18w22W1mNpfHChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXq_5Gx1Oi1vo8Hjtyr_fN9f43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMXQ33bCRR67UyxRAWwRIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABAwmqKZHZekOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALOoJWDAarU4jdcLbYjWab0ewAAAAA7v7____1QGzjMm1GE9do5bKMRsvNbLZajByzhWu42AwXlt32xmXB4wg-Z0X7Im4yHD4HA1HR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32J5CzAVK0ZLFaDle7yWK0WSwmy91wNJkgRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLUxOPY7Da2tcw2GqxFy5FtLVz5VmvVaDAbORy74cIycYteH9PDsLKNHBYvCgZE7EXytEgnyo3DsNtYLL7JYuQaDmee3Wq5GVlMLsPIs9usLBaxRHOySCeyy762cZk2o4lrtHJZRqPlZjZbLUaO2cI1XGyGC8tu35p4HJvdxraW2UaDtWg5sq2FK99qrRoNZiOHYzdcWCZu0etjehhWtpHD4m_MZpPNYrTaLPeN2WyyWYxWm-W-Q2f4rj5nozM4nnhkLvVxnOzeHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4CKdyPyW19tvevrtboXlIpYoTRfpRC8RSwSni3QiehlPF_UfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIardR7IYDnYLVfLBYBw9tL9Mc4ww-vYptil_CER3FYMnyhu_LjB_JbX2296-u1uheXKAA_U5MybPxPEWq2WNQAAgAA2AABAALdu3gKwmfj_____OAAAABk5egAAAPF9oKjtQg_cKHZ-ghsuFwM!&cmcv=&pix=undefined&cb=1662314536294&uv=3221&tms=1662314536294&abt=amplean_vD!expl_vE!inc_all_video_vA!mprdctdt6_vA!Noappq22_vD!nrlc_vB!smbs!spa2_vB!ufm!vzr_vA&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=83789957-8867-4ba9-bea8-dc5f6273ffec&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1 HTTP/1.1
Host: imprammp.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Sep 2022 18:02:19 GMT
via: 1.1 varnish
x-served-by: cache-bma1640-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662314540.930204,VS0,VE26
vary: Accept-Encoding
X-Firefox-Spdy: h2
illiweb.com/rs3/62/frm/jquery/cookie/jquery.cookie.js
200 OK 0 B URL HTTP/2 illiweb.com/rs3/62/frm/jquery/cookie/jquery.cookie.js
IP
GET /rs3/62/frm/jquery/cookie/jquery.cookie.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:17 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Wed, 02 Aug 2023 13:50:22 GMT
last-modified: Wed, 09 Sep 2020 09:40:28 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 2866315
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VbFGVnYNP%2BASEdya8KduSNuFXxsUpiaFTTPuIKZ92aXXq8bFQT3niuLEsxnkkf07ycJb0pkHpKH4Psiv1NxqOHTBnvFaEgS3Sy4GIrnjsQm3cJ2ZkWU8HImb%2Fkf%2FHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7458a2a4cc840b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.js
200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.js
IP
GET /js/ld/publishertag.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 18:02:17 GMT
content-type: text/javascript
last-modified: Wed, 31 Aug 2022 21:49:04 GMT
etag: W/"630fd750-1e137"
expires: Mon, 05 Sep 2022 18:02:17 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
stootsou.net/pfe/current/tag.min.js?z=2308013
200 OK 0 B URL HTTP/2 stootsou.net/pfe/current/tag.min.js?z=2308013
IP
GET /pfe/current/tag.min.js?z=2308013 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 18:02:18 GMT
content-type: application/javascript
last-modified: Mon, 22 Aug 2022 12:18:11 GMT
etag: W/"63037403-3a38"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/trc/3/json?tim=18%3A02%3A15.347<i=deflated&data=%7B%22id%22%3A211%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1662282367821%2C%22vi%22%3A1662314535346%2C%22cv%22%3A%2220220901-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsohaib-hack.yoo7.com%2F%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fsohaib-hack.yoo7.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A1902%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A246.39999389648438%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A1853.4000244140625%2C%22mw%22%3A789.5999755859375%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
200 OK 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/trc/3/json?tim=18%3A02%3A15.347<i=deflated&data=%7B%22id%22%3A211%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1662282367821%2C%22vi%22%3A1662314535346%2C%22cv%22%3A%2220220901-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsohaib-hack.yoo7.com%2F%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fsohaib-hack.yoo7.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A1902%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A246.39999389648438%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A1853.4000244140625%2C%22mw%22%3A789.5999755859375%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
IP
GET /forumotion-ar/trc/3/json?tim=18%3A02%3A15.347<i=deflated&data=%7B%22id%22%3A211%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1662282367821%2C%22vi%22%3A1662314535346%2C%22cv%22%3A%2220220901-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsohaib-hack.yoo7.com%2F%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fsohaib-hack.yoo7.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A1902%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A246.39999389648438%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A1853.4000244140625%2C%22mw%22%3A789.5999755859375%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sohaib-hack.yoo7.com
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://sohaib-hack.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Sep 2022 18:02:19 GMT
via: 1.1 varnish
x-served-by: cache-bma1640-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662314539.255566,VS0,VE178
vary: Accept-Encoding
x-vcl-time-ms: 178
X-Firefox-Spdy: h2
dnacdn.net/dna
200 OK 0 B IP
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=VOxfol80M0RITmhlJTJCZkMwOUJGQlhaMUN2czclMkZIS2Z4aWYlMkZGSkRLWEttJTJGJTJGTnp6U2VlakVweThZS2xZcndMSjhZWiUyQnN6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://gum.criteo.com
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 884
set-cookie: browser_data=mTqdj180M0RITmhlJTJCZkMwOUJGQlhaMUN2czclMkZIS2Z4aWYlMkZGSkRLWEttJTJGJTJGTnp6UnBISlduT256N3h3QjJmZ2tibHAzSA; expires=Fri, 29 Sep 2023 18:02:18 GMT; domain=dnacdn.net; path=/; secure; samesite=none
date: Sun, 04 Sep 2022 18:02:17 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
sohaib-hack.yoo7.com/
200 OK 0 B IP
GET / HTTP/1.1
Host: sohaib-hack.yoo7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:17 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
pragma: no-cache
expires: Sun, 04 Sep 2022 00:00:00 GMT
last-modified: Sun, 04 Sep 2022 18:02:17 GMT
vary: User-Agent
set-cookie: exadd=166232; expires=Sun, 04-Sep-2022 22:02:17 GMT; Max-Age=14400
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1662314536317&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1477&pt=-1460832876&tz=0&viewable=true&ddast=V72SECFgNmTomFdobx6wRmTomFdobx6wUAAAAGBuIHJLjZDZfL1W4tHM52a9HE4VxLXA7jWuRxzWyT3WZmc3mMQIKb3XC5XO3WwuFstxZNHM61xOUwrkUe18w22W1mNpfHChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXq_5Gx1Oi1vo8Hjtyr_fN9f43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMXQ33bCRR67UyxRAWwRIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABAwmqKZHZekOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALOoJWDAarU4jdcLbYjWab0ewAAAAA7v7____1QGzjMm1GE9do5bKMRsvNbLZajByzhWu42AwXlt32xmXB4wg-Z0X7Im4yHD4HA1HR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32J5CzAVK0ZLFaDle7yWK0WSwmy91wNJkgRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLUxOPY7Da2tcw2GqxFy5FtLVz5VmvVaDAbORy74cIycYteH9PDsLKNHBYvCgZE7EXytEgnyo3DsNtYLL7JYuQaDmee3Wq5GVlMLsPIs9usLBaxRHOySCeyy762cZk2o4lrtHJZRqPlZjZbLUaO2cI1XGyGC8tu35p4HJvdxraW2UaDtWg5sq2FK99qrRoNZiOHYzdcWCZu0etjehhWtpHD4m_MZpPNYrTaLPeN2WyyWYxWm-W-Q2f4rj5nozM4nnhkLvVxnOzeHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4CKdyPyW19tvevrtboXlIpYoTRfpRC8RSwSni3QiehlPF_UfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIardR7IYDnYLVfLBYBw9tL9Mc4ww-vYptil_CER3FYMnyhu_LjB_JbX2296-u1uheXKAA_U5MybPxPEWq2WNQAAgAA2AABAALdu3gKwmfj_____OAAAABk5egAAAPF9oKjtQg_cKHZ-ghsuFwM!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vD!expl_vE!inc_all_video_vA!mprdctdt6_vA!Noappq22_vD!nrlc_vB!smbs!spa2_vB!ufm!vzr_vA&mPre=0.025&cirf=https%3A%2F%2Fsohaib-hack.yoo7.com&en=1
200 OK 0 B URL HTTP/2 wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1662314536317&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1477&pt=-1460832876&tz=0&viewable=true&ddast=V72SECFgNmTomFdobx6wRmTomFdobx6wUAAAAGBuIHJLjZDZfL1W4tHM52a9HE4VxLXA7jWuRxzWyT3WZmc3mMQIKb3XC5XO3WwuFstxZNHM61xOUwrkUe18w22W1mNpfHChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXq_5Gx1Oi1vo8Hjtyr_fN9f43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMXQ33bCRR67UyxRAWwRIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABAwmqKZHZekOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALOoJWDAarU4jdcLbYjWab0ewAAAAA7v7____1QGzjMm1GE9do5bKMRsvNbLZajByzhWu42AwXlt32xmXB4wg-Z0X7Im4yHD4HA1HR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32J5CzAVK0ZLFaDle7yWK0WSwmy91wNJkgRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLUxOPY7Da2tcw2GqxFy5FtLVz5VmvVaDAbORy74cIycYteH9PDsLKNHBYvCgZE7EXytEgnyo3DsNtYLL7JYuQaDmee3Wq5GVlMLsPIs9usLBaxRHOySCeyy762cZk2o4lrtHJZRqPlZjZbLUaO2cI1XGyGC8tu35p4HJvdxraW2UaDtWg5sq2FK99qrRoNZiOHYzdcWCZu0etjehhWtpHD4m_MZpPNYrTaLPeN2WyyWYxWm-W-Q2f4rj5nozM4nnhkLvVxnOzeHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4CKdyPyW19tvevrtboXlIpYoTRfpRC8RSwSni3QiehlPF_UfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIardR7IYDnYLVfLBYBw9tL9Mc4ww-vYptil_CER3FYMnyhu_LjB_JbX2296-u1uheXKAA_U5MybPxPEWq2WNQAAgAA2AABAALdu3gKwmfj_____OAAAABk5egAAAPF9oKjtQg_cKHZ-ghsuFwM!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vD!expl_vE!inc_all_video_vA!mprdctdt6_vA!Noappq22_vD!nrlc_vB!smbs!spa2_vB!ufm!vzr_vA&mPre=0.025&cirf=https%3A%2F%2Fsohaib-hack.yoo7.com&en=1
IP
POST /VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1662314536317&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1477&pt=-1460832876&tz=0&viewable=true&ddast=V72SECFgNmTomFdobx6wRmTomFdobx6wUAAAAGBuIHJLjZDZfL1W4tHM52a9HE4VxLXA7jWuRxzWyT3WZmc3mMQIKb3XC5XO3WwuFstxZNHM61xOUwrkUe18w22W1mNpfHChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXq_5Gx1Oi1vo8Hjtyr_fN9f43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMXQ33bCRR67UyxRAWwRIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABAwmqKZHZekOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALOoJWDAarU4jdcLbYjWab0ewAAAAA7v7____1QGzjMm1GE9do5bKMRsvNbLZajByzhWu42AwXlt32xmXB4wg-Z0X7Im4yHD4HA1HR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32J5CzAVK0ZLFaDle7yWK0WSwmy91wNJkgRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLUxOPY7Da2tcw2GqxFy5FtLVz5VmvVaDAbORy74cIycYteH9PDsLKNHBYvCgZE7EXytEgnyo3DsNtYLL7JYuQaDmee3Wq5GVlMLsPIs9usLBaxRHOySCeyy762cZk2o4lrtHJZRqPlZjZbLUaO2cI1XGyGC8tu35p4HJvdxraW2UaDtWg5sq2FK99qrRoNZiOHYzdcWCZu0etjehhWtpHD4m_MZpPNYrTaLPeN2WyyWYxWm-W-Q2f4rj5nozM4nnhkLvVxnOzeHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4CKdyPyW19tvevrtboXlIpYoTRfpRC8RSwSni3QiehlPF_UfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIardR7IYDnYLVfLBYBw9tL9Mc4ww-vYptil_CER3FYMnyhu_LjB_JbX2296-u1uheXKAA_U5MybPxPEWq2WNQAAgAA2AABAALdu3gKwmfj_____OAAAABk5egAAAPF9oKjtQg_cKHZ-ghsuFwM!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vD!expl_vE!inc_all_video_vA!mprdctdt6_vA!Noappq22_vD!nrlc_vB!smbs!spa2_vB!ufm!vzr_vA&mPre=0.025&cirf=https%3A%2F%2Fsohaib-hack.yoo7.com&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 133
Origin: https://sohaib-hack.yoo7.com
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1436
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://sohaib-hack.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Sep 2022 18:02:20 GMT
via: 1.1 varnish
x-served-by: cache-bma1640-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662314540.982224,VS0,VE82
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=rtus&topUrl=sohaib-hack.yoo7.com
200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=rtus&topUrl=sohaib-hack.yoo7.com
IP
GET /syncframe?origin=rtus&topUrl=sohaib-hack.yoo7.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:18 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=11cc89d3-bc3f-4ce4-9828-9104c2cd9281; expires=Fri, 29 Sep 2023 18:02:19 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 795261
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
sohaib-hack.yoo7.com/sw.js?v=3.1.391&o=55e2019bd6874a17ac7317244e0ef9d1&pub=0&p=2308013
200 OK 0 B URL HTTP/2 sohaib-hack.yoo7.com/sw.js?v=3.1.391&o=55e2019bd6874a17ac7317244e0ef9d1&pub=0&p=2308013
IP
GET /sw.js?v=3.1.391&o=55e2019bd6874a17ac7317244e0ef9d1&pub=0&p=2308013 HTTP/1.1
Host: sohaib-hack.yoo7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: exadd=166232; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D; _ga=GA1.2.1211259727.1662314535; _gid=GA1.2.1691618778.1662314535; _gat_gtag_UA_144347007_1=1; cto_bundle=Qkdvul91WmFWb01kMmc2dFdPaCUyRmNIdyUyQkg4YkszR003QlhNTjF2eFN6YlRyY3dpTVBEJTJGU20lMkJleHN3c09odktmRGtYZUdXSnlCWEJveCUyQk1KdTM2QUtkQmNobnBqMk5iWlM0ZUpMenlQbzZvVU9XcmZ5dDhkendKckFIcThFaDdCWiUyRmlGRA; prefetchAd_3765907=true
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:19 GMT
content-type: application/javascript
last-modified: Tue, 27 Aug 2019 13:54:01 GMT
etag: W/"5d6535f9-1554"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7e2QCFgNmTomFdobx6wRmTomFdobx6wUAAAAGBuIHJOJxLBeT5catcvmWa9FktVgrbA6TW2HcLGeGjcO43FiGQBKLlWVl85jWCt_MthZNhqu1xDVZuSWbkW04s5h2m-VoCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3es3f6HBa3EKHx2tX_v2-ucbv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrRAAAACBEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkiLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIGAwQVU9JAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNARtGIwWJ1C7IazxW4024xmBwAAAHD3____rwdiG5dpM5q4RiuXZTRabmaz1WLkmC1cw8VmuLDstjcuCx5H8Dkr2uchLLPfdxCxPF_T33CQ8S2vt0FUdL0tdofT7LkfRUuWu-VuNZosRqPlcrMbbkaD_QnkbIAULVmslsPVbrIYbRaLyXI3HE0mSNGS1XK5XG02q9VutJgNNsvhZoMUrVrNRpvBcDWbzHa71XAwXI5GSNGS5W65W40mi9FoudzshpvRYIgwNfE4NruNbS2zjQZr0XJkWwtXvtVaNRrMRg7HbriwTNyi18f0MKxsI4fFi4IBEXsRXKQTmd_yevtNT7_drbBcxBLNySKdyC772sZl2owmrtHKZRmNlpvZbLUYOWYL13CxGS4su31r4nFsdhvbWmYbDdai5ci2Fq58q7VqNJiNHI7dcGGZuEWvj-lhWNlGDou_MZtNNovRarPcN2azyWYxWm2W-w6d4bv6nI3O4HjikbnUx3Gye3MYFC6Dxfv7XKTNaONmVGnDFovqWty5JladNnYydg5mg8L3N5e24uA2ci73JQexwaCIJYLTRToRvYyni1gieVqkE5Fl45qZTJORceEYzhyu4Wa0G80GE8vGs3EuZ66JWKI0XaQTvUT9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvharkAEM5euj_GGWZ4HdsUu5Q_JILbiuETxY0fN5jf8nr7TU-_3a2wXBnggZqcebNnglir1bIGAAAQwAYAAAjg1s1bADYjtw8UtV3ogRvFzk9ww-Vi!&excid=22&docw=0&cijs=1&nlb=true
200 OK 0 B URL HTTP/2 am-match.taboola.com/sync?dast=V7e2QCFgNmTomFdobx6wRmTomFdobx6wUAAAAGBuIHJOJxLBeT5catcvmWa9FktVgrbA6TW2HcLGeGjcO43FiGQBKLlWVl85jWCt_MthZNhqu1xDVZuSWbkW04s5h2m-VoCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3es3f6HBa3EKHx2tX_v2-ucbv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrRAAAACBEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkiLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIGAwQVU9JAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNARtGIwWJ1C7IazxW4024xmBwAAAHD3____rwdiG5dpM5q4RiuXZTRabmaz1WLkmC1cw8VmuLDstjcuCx5H8Dkr2uchLLPfdxCxPF_T33CQ8S2vt0FUdL0tdofT7LkfRUuWu-VuNZosRqPlcrMbbkaD_QnkbIAULVmslsPVbrIYbRaLyXI3HE0mSNGS1XK5XG02q9VutJgNNsvhZoMUrVrNRpvBcDWbzHa71XAwXI5GSNGS5W65W40mi9FoudzshpvRYIgwNfE4NruNbS2zjQZr0XJkWwtXvtVaNRrMRg7HbriwTNyi18f0MKxsI4fFi4IBEXsRXKQTmd_yevtNT7_drbBcxBLNySKdyC772sZl2owmrtHKZRmNlpvZbLUYOWYL13CxGS4su31r4nFsdhvbWmYbDdai5ci2Fq58q7VqNJiNHI7dcGGZuEWvj-lhWNlGDou_MZtNNovRarPcN2azyWYxWm2W-w6d4bv6nI3O4HjikbnUx3Gye3MYFC6Dxfv7XKTNaONmVGnDFovqWty5JladNnYydg5mg8L3N5e24uA2ci73JQexwaCIJYLTRToRvYyni1gieVqkE5Fl45qZTJORceEYzhyu4Wa0G80GE8vGs3EuZ66JWKI0XaQTvUT9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvharkAEM5euj_GGWZ4HdsUu5Q_JILbiuETxY0fN5jf8nr7TU-_3a2wXBnggZqcebNnglir1bIGAAAQwAYAAAjg1s1bADYjtw8UtV3ogRvFzk9ww-Vi!&excid=22&docw=0&cijs=1&nlb=true
IP
ASN #200478 Taboola.com ltd
GET /sync?dast=V7e2QCFgNmTomFdobx6wRmTomFdobx6wUAAAAGBuIHJOJxLBeT5catcvmWa9FktVgrbA6TW2HcLGeGjcO43FiGQBKLlWVl85jWCt_MthZNhqu1xDVZuSWbkW04s5h2m-VoCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3es3f6HBa3EKHx2tX_v2-ucbv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrRAAAACBEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkiLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIGAwQVU9JAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNARtGIwWJ1C7IazxW4024xmBwAAAHD3____rwdiG5dpM5q4RiuXZTRabmaz1WLkmC1cw8VmuLDstjcuCx5H8Dkr2uchLLPfdxCxPF_T33CQ8S2vt0FUdL0tdofT7LkfRUuWu-VuNZosRqPlcrMbbkaD_QnkbIAULVmslsPVbrIYbRaLyXI3HE0mSNGS1XK5XG02q9VutJgNNsvhZoMUrVrNRpvBcDWbzHa71XAwXI5GSNGS5W65W40mi9FoudzshpvRYIgwNfE4NruNbS2zjQZr0XJkWwtXvtVaNRrMRg7HbriwTNyi18f0MKxsI4fFi4IBEXsRXKQTmd_yevtNT7_drbBcxBLNySKdyC772sZl2owmrtHKZRmNlpvZbLUYOWYL13CxGS4su31r4nFsdhvbWmYbDdai5ci2Fq58q7VqNJiNHI7dcGGZuEWvj-lhWNlGDou_MZtNNovRarPcN2azyWYxWm2W-w6d4bv6nI3O4HjikbnUx3Gye3MYFC6Dxfv7XKTNaONmVGnDFovqWty5JladNnYydg5mg8L3N5e24uA2ci73JQexwaCIJYLTRToRvYyni1gieVqkE5Fl45qZTJORceEYzhyu4Wa0G80GE8vGs3EuZ66JWKI0XaQTvUT9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvharkAEM5euj_GGWZ4HdsUu5Q_JILbiuETxY0fN5jf8nr7TU-_3a2wXBnggZqcebNnglir1bIGAAAQwAYAAAjg1s1bADYjtw8UtV3ogRvFzk9ww-Vi!&excid=22&docw=0&cijs=1&nlb=true HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 18:02:20 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3408
X-Firefox-Spdy: h2
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1662314541444&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1477&pt=-1797028804&tz=0&viewable=true&ddast=V72SECFgNmTomFdobx6wRmTomFdobx6wUAAAAGBuIHJLjZDZfL1W4tHM52a9HE4VxLXA7jWuRxzWyT3WZmc3mMQIKb3XC5XO3WwuFstxZNHM61xOUwrkUe18w22W1mNpfHChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXq_5Gx1Oi1vo8Hjtyr_fN9f43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMXQ33bCRR67UyxRAWwRIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABAwmqKZHZekOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALOoJWDAarU4jdcLbYjWab0ewAAAAA7v7____1QGzjMm1GE9do5bKMRsvNbLZajByzhWu42AwXlt32xmXB4wg-Z0X7Im4yHD4HA1HR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32J5CzAVK0ZLFaDle7yWK0WSwmy91wNJkgRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLUxOPY7Da2tcw2GqxFy5FtLVz5VmvVaDAbORy74cIycYteH9PDsLKNHBYvCgZE7EXytEgnyo3DsNtYLL7JYuQaDmee3Wq5GVlMLsPIs9usLBaxRHOySCeyy762cZk2o4lrtHJZRqPlZjZbLUaO2cI1XGyGC8tu35p4HJvdxraW2UaDtWg5sq2FK99qrRoNZiOHYzdcWCZu0etjehhWtpHD4m_MZpPNYrTaLPeN2WyyWYxWm-W-Q2f4rj5nozM4nnhkLvVxnOzeHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4CKdyPyW19tvevrtboXlIpYoTRfpRC8RSwSni3QiehlPF_UfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIardR7IYDnYLVfLBYBw9tL9Mc4ww-vYptil_CER3FYMnyhu_LjB_JbX2296-u1uheXKAA_U5MybPxPEWq2WNQAAgAA2AABAALdu3gKwmfj_____OAAAABk5egAAAPF9oKjtQg_cKHZ-ghsuFwM!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=Noappq22_vD!amplean_vD!expl_vE!inc_all_video_vA!mprdctdt6_vA!nrlc_vB!smbs!spa2_vB!ufm_vA!vzr_vA&mPre=0.025&cirf=https%3A%2F%2Fsohaib-hack.yoo7.com&en=1
200 OK 0 B URL HTTP/2 wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1662314541444&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1477&pt=-1797028804&tz=0&viewable=true&ddast=V72SECFgNmTomFdobx6wRmTomFdobx6wUAAAAGBuIHJLjZDZfL1W4tHM52a9HE4VxLXA7jWuRxzWyT3WZmc3mMQIKb3XC5XO3WwuFstxZNHM61xOUwrkUe18w22W1mNpfHChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXq_5Gx1Oi1vo8Hjtyr_fN9f43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMXQ33bCRR67UyxRAWwRIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABAwmqKZHZekOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALOoJWDAarU4jdcLbYjWab0ewAAAAA7v7____1QGzjMm1GE9do5bKMRsvNbLZajByzhWu42AwXlt32xmXB4wg-Z0X7Im4yHD4HA1HR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32J5CzAVK0ZLFaDle7yWK0WSwmy91wNJkgRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLUxOPY7Da2tcw2GqxFy5FtLVz5VmvVaDAbORy74cIycYteH9PDsLKNHBYvCgZE7EXytEgnyo3DsNtYLL7JYuQaDmee3Wq5GVlMLsPIs9usLBaxRHOySCeyy762cZk2o4lrtHJZRqPlZjZbLUaO2cI1XGyGC8tu35p4HJvdxraW2UaDtWg5sq2FK99qrRoNZiOHYzdcWCZu0etjehhWtpHD4m_MZpPNYrTaLPeN2WyyWYxWm-W-Q2f4rj5nozM4nnhkLvVxnOzeHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4CKdyPyW19tvevrtboXlIpYoTRfpRC8RSwSni3QiehlPF_UfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIardR7IYDnYLVfLBYBw9tL9Mc4ww-vYptil_CER3FYMnyhu_LjB_JbX2296-u1uheXKAA_U5MybPxPEWq2WNQAAgAA2AABAALdu3gKwmfj_____OAAAABk5egAAAPF9oKjtQg_cKHZ-ghsuFwM!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=Noappq22_vD!amplean_vD!expl_vE!inc_all_video_vA!mprdctdt6_vA!nrlc_vB!smbs!spa2_vB!ufm_vA!vzr_vA&mPre=0.025&cirf=https%3A%2F%2Fsohaib-hack.yoo7.com&en=1
IP
POST /VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1662314541444&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1477&pt=-1797028804&tz=0&viewable=true&ddast=V72SECFgNmTomFdobx6wRmTomFdobx6wUAAAAGBuIHJLjZDZfL1W4tHM52a9HE4VxLXA7jWuRxzWyT3WZmc3mMQIKb3XC5XO3WwuFstxZNHM61xOUwrkUe18w22W1mNpfHChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXq_5Gx1Oi1vo8Hjtyr_fN9f43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMXQ33bCRR67UyxRAWwRIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABAwmqKZHZekOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALOoJWDAarU4jdcLbYjWab0ewAAAAA7v7____1QGzjMm1GE9do5bKMRsvNbLZajByzhWu42AwXlt32xmXB4wg-Z0X7Im4yHD4HA1HR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32J5CzAVK0ZLFaDle7yWK0WSwmy91wNJkgRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLUxOPY7Da2tcw2GqxFy5FtLVz5VmvVaDAbORy74cIycYteH9PDsLKNHBYvCgZE7EXytEgnyo3DsNtYLL7JYuQaDmee3Wq5GVlMLsPIs9usLBaxRHOySCeyy762cZk2o4lrtHJZRqPlZjZbLUaO2cI1XGyGC8tu35p4HJvdxraW2UaDtWg5sq2FK99qrRoNZiOHYzdcWCZu0etjehhWtpHD4m_MZpPNYrTaLPeN2WyyWYxWm-W-Q2f4rj5nozM4nnhkLvVxnOzeHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4CKdyPyW19tvevrtboXlIpYoTRfpRC8RSwSni3QiehlPF_UfGXIxVw7moslcsRqtEgAAAAAAAADAEubMmwAAAACcBjIabIardR7IYDnYLVfLBYBw9tL9Mc4ww-vYptil_CER3FYMnyhu_LjB_JbX2296-u1uheXKAA_U5MybPxPEWq2WNQAAgAA2AABAALdu3gKwmfj_____OAAAABk5egAAAPF9oKjtQg_cKHZ-ghsuFwM!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=Noappq22_vD!amplean_vD!expl_vE!inc_all_video_vA!mprdctdt6_vA!nrlc_vB!smbs!spa2_vB!ufm_vA!vzr_vA&mPre=0.025&cirf=https%3A%2F%2Fsohaib-hack.yoo7.com&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 133
Origin: https://sohaib-hack.yoo7.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://sohaib-hack.yoo7.com/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1427
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://sohaib-hack.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Sep 2022 18:02:25 GMT
via: 1.1 varnish
x-served-by: cache-bma1640-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662314545.103694,VS0,VE243
vary: Accept-Encoding
X-Firefox-Spdy: h2
illiweb.com/rs3/62/frm/jquery/ticker/ticker.css
200 OK 0 B URL HTTP/2 illiweb.com/rs3/62/frm/jquery/ticker/ticker.css
IP
GET /rs3/62/frm/jquery/ticker/ticker.css HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sohaib-hack.yoo7.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 18:02:17 GMT
content-type: text/css;charset=UTF-8
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=390
access-control-allow-origin: *
expires: Wed, 02 Aug 2023 13:50:34 GMT
last-modified: Tue, 27 Aug 2019 14:00:13 GMT
vary: Accept-Encoding
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 2866303
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YIdFvouEcAyYcUKhrKOgzfHz18nLl3fjkElvK0kQZ17CtCwuyUB9GhmL41LXff1oPQLvHLFbS2itaso6nn%2FhvOUgctCM3cISzMN4xqHdawHo6PoH5AHHdE5DqnYAtw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7458a2a4cc7d0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
94.23.150.222
104.21.31.159
178.250.2.146
151.101.85.44
93.184.220.29
44.197.31.165
3.126.56.137
23.36.77.32
185.106.33.48
52.31.1.150