almraw3h.yoo7.com/t988-topic
301 Moved Permanently 0 B URL HTTP/1.1 almraw3h.yoo7.com/t988-topic
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t988-topic HTTP/1.1
Host: almraw3h.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 03 Dec 2022 14:11:58 GMT
Content-Length: 0
Location: https://almraw3h.yoo7.com/t988-topic
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8431
Expires: Sat, 03 Dec 2022 16:32:29 GMT
Date: Sat, 03 Dec 2022 14:11:58 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4254
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:11:58 GMT
Last-Modified: Sat, 03 Dec 2022 13:01:04 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3572
Expires: Sat, 03 Dec 2022 15:11:30 GMT
Date: Sat, 03 Dec 2022 14:11:58 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: jzvHuhareRMi9z8wGKYwDfhEgZN77yo7tTxSWYoxSBb6eauqBqQiDg0USV5F3n1RS59q7dBxiPM=
x-amz-request-id: 1T3ZNZXFQ0W1NAVK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 13:46:35 GMT
age: 1523
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 13:18:15 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3223
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9e476c7f51632b2ae08c6ec199977342
609e442852e675cdbad89c6f10718d09e1acf66c
ac33d2438deb8c72f4ea11caef4a6b851b79a72faab429719223133a7d8cf491
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC33D2438DEB8C72F4EA11CAEF4A6B851B79A72FAAB429719223133A7D8CF491"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2674
Expires: Sat, 03 Dec 2022 14:56:32 GMT
Date: Sat, 03 Dec 2022 14:11:58 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 14:11:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:11:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:11:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 278 B IP
Hash 5c5b75979e3f4e0eabf295dbedef1e5e
872e11fd80941061313412a0f546ba4588637754
db52fe736cfe3b1c2dba50cdab0d681494289551b21b98454b675570c100343f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 553
Cache-Control: max-age=142450
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:11:59 GMT
Etag: "638ae078-116"
Expires: Mon, 05 Dec 2022 05:46:09 GMT
Last-Modified: Sat, 03 Dec 2022 05:36:56 GMT
Server: ECS (amb/6BAC)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:11:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 278 B IP
Hash 5c5b75979e3f4e0eabf295dbedef1e5e
872e11fd80941061313412a0f546ba4588637754
db52fe736cfe3b1c2dba50cdab0d681494289551b21b98454b675570c100343f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6366
Cache-Control: max-age=148263
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:11:59 GMT
Etag: "638ae078-116"
Expires: Mon, 05 Dec 2022 07:23:02 GMT
Last-Modified: Sat, 03 Dec 2022 05:36:56 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278
www.googletagmanager.com/gtag/js?id=
200 OK 38 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=
IP
File type ASCII text, with very long lines (1921)
Hash 1f2af299061f5de56abe4dba03a7c4f2
f4f5987f11c31919691e45fde205ed40c0ddd282
2d5e16fbaf187c8fe6b772182c03a65d80b8705376d4db9fb8a202ceb35c9cc0
GET /gtag/js?id= HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Dec 2022 14:11:59 GMT
expires: Sat, 03 Dec 2022 14:11:59 GMT
cache-control: private, max-age=900
last-modified: Sat, 03 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37488
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-144347007-1
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-144347007-1
IP
File type ASCII text, with very long lines (1921)
Hash d1eb4090f955bec745b831d3a0fd79e2
0e9e212f21e3a020292fde36606e6b3dec9d8f73
08c36a7a6873bd107b66979848edbdcb5c2bee397a8a104ed0ce5691ccb935ae
GET /gtag/js?id=UA-144347007-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Dec 2022 14:11:59 GMT
expires: Sat, 03 Dec 2022 14:11:59 GMT
cache-control: private, max-age=900
last-modified: Sat, 03 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43578
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 5c5b75979e3f4e0eabf295dbedef1e5e
872e11fd80941061313412a0f546ba4588637754
db52fe736cfe3b1c2dba50cdab0d681494289551b21b98454b675570c100343f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 553
Cache-Control: max-age=142450
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:11:59 GMT
Etag: "638ae078-116"
Expires: Mon, 05 Dec 2022 05:46:09 GMT
Last-Modified: Sat, 03 Dec 2022 05:36:56 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
200 OK 278 B IP
Hash 5c5b75979e3f4e0eabf295dbedef1e5e
872e11fd80941061313412a0f546ba4588637754
db52fe736cfe3b1c2dba50cdab0d681494289551b21b98454b675570c100343f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6366
Cache-Control: max-age=148263
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:11:59 GMT
Etag: "638ae078-116"
Expires: Mon, 05 Dec 2022 07:23:02 GMT
Last-Modified: Sat, 03 Dec 2022 05:36:56 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278
ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
IP
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d989f35706c62ce4a5c561586c55566e
d32e7958e5765609bf08dcdefd0b2c2a8714ce34
375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33845
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 13:01:47 GMT
expires: Wed, 29 Nov 2023 13:01:47 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 349812
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 933bd2bc7dd004d74961dfc0878c1d22
8a4f50edb54fea8ffa604f5ca593345341ce15a1
252363badd64d5ec8ad9eb56af41e44bb094d8c80646dd228e90dba5e56c87b8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5644
Cache-Control: max-age=141428
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:11:59 GMT
Etag: "638ac897-1d7"
Expires: Mon, 05 Dec 2022 05:29:07 GMT
Last-Modified: Sat, 03 Dec 2022 03:55:03 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 727 B IP
Hash 82a80e012b9302c5d633866df95b4aa6
f3fe8e169850bab13e0f733368d268571b3ddb33
89558def505df5b0cee409b3fd71890bb09cb50d2cd3d2bc4c22dc83c2014e18
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2575
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:11:59 GMT
Last-Modified: Sat, 03 Dec 2022 13:29:04 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 727
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 14:08:58 GMT
cache-control: public,max-age=3600
age: 181
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4203
Cache-Control: max-age=158695
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:11:59 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 10:16:54 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 313 B IP
Hash 8bb256dfc9bfde1880ebd8030a02cabc
ae5d312abddf2531da3f7df9cf723b2d65e08a7b
8eec27810521985839989534603072b6cb9d9a99967267139f789973d373134f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4105
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:11:59 GMT
Last-Modified: Sat, 03 Dec 2022 13:03:35 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 313
connect.facebook.net/ar_AR/all.js
200 OK 1.7 kB URL HTTP/2 connect.facebook.net/ar_AR/all.js
IP
File type ASCII text, with very long lines (1957)
Hash 3296846b0d9893de20676a6a6d23f36b
2cad2002d01e0648e19bff1d9db65aad8ffbdd32
7aca30abfacb66fc66cfbeaeb4d0e33776f67c75b14b2c02c7328f2c3a478e63
GET /ar_AR/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 3503897ab2e94b30a58e4afcb1c045fc
etag: "152b3525381a2f621eeb964534c4227e"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sat, 03 Dec 2022 14:21:34 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: MpaEaw2Yk94gZ2pqbSPzaw==
x-fb-debug: Blxc9vPuDOwunqzVTRnmorjxP5cR8MfFjukKK7FEOZW1G6Jh6SPmCmjW2+6Dza5f3fhDhDSRzuDBA3vimvNhJg==
priority: u=3,i
content-length: 1685
x-fb-trip-id: 1904183273
date: Sat, 03 Dec 2022 14:11:59 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:11:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 278 B IP
Hash 5c5b75979e3f4e0eabf295dbedef1e5e
872e11fd80941061313412a0f546ba4588637754
db52fe736cfe3b1c2dba50cdab0d681494289551b21b98454b675570c100343f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6366
Cache-Control: max-age=148263
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:11:59 GMT
Etag: "638ae078-116"
Expires: Mon, 05 Dec 2022 07:23:02 GMT
Last-Modified: Sat, 03 Dec 2022 05:36:56 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:11:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 933bd2bc7dd004d74961dfc0878c1d22
8a4f50edb54fea8ffa604f5ca593345341ce15a1
252363badd64d5ec8ad9eb56af41e44bb094d8c80646dd228e90dba5e56c87b8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3971
Cache-Control: max-age=139755
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:11:59 GMT
Etag: "638ac897-1d7"
Expires: Mon, 05 Dec 2022 05:01:14 GMT
Last-Modified: Sat, 03 Dec 2022 03:55:03 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 280 B IP
Hash 77df2033534ce77020167eb805984aa4
1f82cbeb5053961a34f7c98e5902c98001f8fefb
39e95727404783827965b243927e296d7ec870812489665b3ba3344b17a23232
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3498
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:11:59 GMT
Last-Modified: Sat, 03 Dec 2022 13:13:41 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
200 OK 280 B IP
Hash 77df2033534ce77020167eb805984aa4
1f82cbeb5053961a34f7c98e5902c98001f8fefb
39e95727404783827965b243927e296d7ec870812489665b3ba3344b17a23232
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3498
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:11:59 GMT
Last-Modified: Sat, 03 Dec 2022 13:13:41 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
200 OK 280 B IP
Hash 77df2033534ce77020167eb805984aa4
1f82cbeb5053961a34f7c98e5902c98001f8fefb
39e95727404783827965b243927e296d7ec870812489665b3ba3344b17a23232
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5867
Cache-Control: max-age=149947
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:11:59 GMT
Etag: "638ae8ff-118"
Expires: Mon, 05 Dec 2022 07:51:06 GMT
Last-Modified: Sat, 03 Dec 2022 06:13:19 GMT
Server: ECS (amb/6BAC)
X-Cache: HIT
Content-Length: 280
almraw3h.yoo7.com/0-rtl.css
200 OK 57 kB URL HTTP/2 almraw3h.yoo7.com/0-rtl.css
IP
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 4e067af7a979bc85fd3bdbd395de2c09
a59b9aec25f084b682829c7d6b41641fa47af582
6469a0d8ab994ac9b9850dec8f9f2075df7dbe6c16289ce2028b145fe2ea6730
GET /0-rtl.css HTTP/1.1
Host: almraw3h.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/t988-topic
Cookie: exadd=167009
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:11:59 GMT
content-type: text/css
content-length: 57389
last-modified: Sat, 03 Dec 2022 00:00:00 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-ma: MISS
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 1a9779b9a979e86049918a522a29c9d4
e1cb0d34edd498d900a1731d79cbc1ce2b751882
85ae4803e3b0fe65499206b6bdbc2f5c6df72a1ebc9f14e514bed075383cceb9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5138
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:11:59 GMT
Last-Modified: Sat, 03 Dec 2022 12:46:21 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 280 B IP
Hash 77df2033534ce77020167eb805984aa4
1f82cbeb5053961a34f7c98e5902c98001f8fefb
39e95727404783827965b243927e296d7ec870812489665b3ba3344b17a23232
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5906
Cache-Control: max-age=149986
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:11:59 GMT
Etag: "638ae8ff-118"
Expires: Mon, 05 Dec 2022 07:51:45 GMT
Last-Modified: Sat, 03 Dec 2022 06:13:19 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
200 OK 279 B IP
Hash 1a9779b9a979e86049918a522a29c9d4
e1cb0d34edd498d900a1731d79cbc1ce2b751882
85ae4803e3b0fe65499206b6bdbc2f5c6df72a1ebc9f14e514bed075383cceb9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5138
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:11:59 GMT
Last-Modified: Sat, 03 Dec 2022 12:46:21 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 1a9779b9a979e86049918a522a29c9d4
e1cb0d34edd498d900a1731d79cbc1ce2b751882
85ae4803e3b0fe65499206b6bdbc2f5c6df72a1ebc9f14e514bed075383cceb9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5138
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:11:59 GMT
Last-Modified: Sat, 03 Dec 2022 12:46:21 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 1a9779b9a979e86049918a522a29c9d4
e1cb0d34edd498d900a1731d79cbc1ce2b751882
85ae4803e3b0fe65499206b6bdbc2f5c6df72a1ebc9f14e514bed075383cceb9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2919
Cache-Control: max-age=117835
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:11:59 GMT
Etag: "638a7714-117"
Expires: Sun, 04 Dec 2022 22:55:54 GMT
Last-Modified: Fri, 02 Dec 2022 22:07:16 GMT
Server: ECS (amb/6BAC)
X-Cache: HIT
Content-Length: 279
2img.net/i/empty.gif
200 OK 43 B IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /i/empty.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:11:59 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 09 May 2016 08:45:50 GMT
etag: "57304e3e-2b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 447687
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZsOe1ZhAXEmN9ENq9ucWjngE5Mlf1LJRoReGfvrRRvDTgpmAosAaVYxVHVvG%2FywzsHJqZ0ODDGy5bJTP2F9D%2Fy64Xdhp7Co40m15sH4jaHuIzESOkLPRhjJTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ce50868447330-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/help.ahlamontada.com/users/68/54/94/smiles/613623.gif
301 Moved Permanently 178 B URL HTTP/2 2img.net/h/help.ahlamontada.com/users/68/54/94/smiles/613623.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /h/help.ahlamontada.com/users/68/54/94/smiles/613623.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sat, 03 Dec 2022 14:11:59 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 447302
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W5GKB3Y6phkLz%2BQ8XxVFozZgVsUiOO6goZUAdgcKfvv2YG3nE3Ijh7%2BjnCVDNz%2BdoZSeuMZgPTHXsW66ojW%2BbGRkjDpmL53Bhq3vSxLubwAnVV4x1PwaXVQdHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ce50868467330-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/help.ahlamontada.com/users/68/54/94/smiles/103798.gif
301 Moved Permanently 178 B URL HTTP/2 2img.net/h/help.ahlamontada.com/users/68/54/94/smiles/103798.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /h/help.ahlamontada.com/users/68/54/94/smiles/103798.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sat, 03 Dec 2022 14:11:59 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 447302
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wyPycDGf3LdZpOxkTFTdCGuFMsi3uvBqpR6TJsTuZKHVgqZMlGs4E8Miz5DTN0lwoBDxkj4jHhLfsS2vHUmaL6exrYnHzpB89p4Bww2Eri6yvJS6NfWzPymt3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ce50868477330-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/empty.gif
200 OK 42 B IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /i/fa/empty.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:11:59 GMT
content-type: image/gif
content-length: 42
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-2a"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 447687
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cEZr9%2BQpu5bm9Spd3oKx%2BmSyonQgHX6a3aGJodGbZDTWZn6l%2FVPcokY6iLThDkqzDU%2B1%2FcJaUQJvZEBLWCxTeik0JymvmOAE6%2BHRYQ7OnlIxwyNZalWN%2BN5L7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ce50868487330-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f26/13/86/62/90/sss10.gif
200 OK 8.6 kB URL HTTP/2 i.servimg.com/u/f26/13/86/62/90/sss10.gif
IP
File type GIF image data, version 89a, 200 x 73\012- data
Hash 48f43ffcd078800fb986b42eec15d72c
a810cdda9d6166862b8b1e58cf84c827628dcec4
8bd16b0181108159bf22454b08d3d77894fb116ef64a66cb5dc9f389871a5224
GET /u/f26/13/86/62/90/sss10.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:11:59 GMT
content-type: image/gif
content-length: 8593
last-modified: Thu, 28 Oct 2010 00:56:20 GMT
etag: "4cc8ca34-2191"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Tue, 28 Nov 2023 21:06:15 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2BYsVJTz3N57lnP33ujzUTrLoKEwOto0cMsqTJKMenP%2Be5e%2FUVL5HjsPH1OKjelEDgccjI8vV4qwtbomncTastY4RfLhuTfwangLdGrwQqZEMJg7Tos%2BLH0qF%2FzkCds0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 773ce5081db9b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/help.ahlamontada.com/users/68/54/94/smiles/829894.gif
301 Moved Permanently 178 B URL HTTP/2 2img.net/h/help.ahlamontada.com/users/68/54/94/smiles/829894.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /h/help.ahlamontada.com/users/68/54/94/smiles/829894.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sat, 03 Dec 2022 14:11:59 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 447302
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRYLsX%2Fg%2Fs8PnewRBm8WNgmfctY0U2Tuq%2Fxe0VUj6XLUNfUFpmNT8zjBcvOnPh3p6BYBzbqtJKYODORgJLr1t%2BtOTIU2a2EINF4P9oaT4Fmn7tfUuEaekh7ylA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ce50868457330-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f35/14/15/65/88/2323_t10.jpg
200 OK 3.3 kB URL HTTP/2 i.servimg.com/u/f35/14/15/65/88/2323_t10.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x30, components 3\012- data
Hash 6fe170d1a8798343f8997e35be802670
93ed0b259eea6345a13d4070ff839436111a4427
5456939fa976e633764bce788cdffb80d16dc17daa45838d214db66439c2643e
GET /u/f35/14/15/65/88/2323_t10.jpg HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:11:59 GMT
content-type: image/jpeg
content-length: 3342
last-modified: Tue, 24 Aug 2010 01:11:08 GMT
etag: "4c731c2c-d0e"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Sun, 26 Nov 2023 11:36:00 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMpiwS3CtvDRV1s5iMSSPlybMm6PYN%2FReZY%2B5BsQMeN7FW0DFjtv0RovXf7Y0Ip2sRJP3e9J%2FNYh5IjlwJWtfaCH%2BZrnr0M3W69mTb5RoLlaZzLQYCyconcaVaoiUcC2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 773ce5083de9b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/14/44/42/i_tabs_less.png
200 OK 882 B URL HTTP/2 2img.net/s/t/14/44/42/i_tabs_less.png
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 7f3100cccaa126edc9cde13671d28aee
cbd57e2bdf58f3531fb8af76392b23f35e7550f6
1f72be0ea575f93892ba3542f11806eaee52f1e05d7bb0e0329f36ab1d19214c
GET /s/t/14/44/42/i_tabs_less.png HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:11:59 GMT
content-type: image/png
content-length: 882
last-modified: Wed, 27 Oct 2010 18:55:16 GMT
etag: "4cc87594-372"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2FM0qPhTWSFHsdkG2FxsShshpY2j87j8vzd3%2BTNgBUVYpn2vMoRrHpO%2B%2B%2BqIOvl1ltqKwemRgmtk2r%2BM8xdIkw8hvT3E3jKASCtxt%2BLEYndRM91ec4ThwG2Diw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ce50858207330-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/14/44/42/i_icon_minitime.png
200 OK 739 B URL HTTP/2 2img.net/s/t/14/44/42/i_icon_minitime.png
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 1db725591e48c5054f76d352efe80cce
27200c8de421e791d9d1395b22fe370203f254b3
be59c873ac97b81a3ddd5b949bbee8c35ccaa2816cd93cfaf58a6a9afa442bbc
GET /s/t/14/44/42/i_icon_minitime.png HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:11:59 GMT
content-type: image/png
content-length: 739
last-modified: Wed, 27 Oct 2010 18:55:14 GMT
etag: "4cc87592-2e3"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B06t3BqDO%2BgQ5PqJMjx9zxYSJaCj3oAqIJ7st%2Bc2BFDJtQmxT5okgkXztV7XEOtrmqUQnDeJ6aPl%2BNbe4sGpcMiRhYWByxs18p9grSiJjJZ4eQZqnbgKbk16OQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ce50858247330-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/14/44/42/i_icon_minipost.png
200 OK 3.5 kB URL HTTP/2 2img.net/s/t/14/44/42/i_icon_minipost.png
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash dd02e233c1bf4e7ae0126398c3a3bc10
4e3f298581dd219694ce266d6b0ca8697952f4fa
68e05d6fe5677ee43c282fb86828df867f81e422b111674daec6bcee413d6cc6
GET /s/t/14/44/42/i_icon_minipost.png HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:11:59 GMT
content-type: image/png
content-length: 3482
last-modified: Wed, 27 Oct 2010 18:55:16 GMT
etag: "4cc87594-d9a"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BVJLlcFxvyV2At36wN%2Fklq1G%2BUoTKn3giWGSIqvtBzGubddo0KBpopq133zXxK7qATwubBkcU9KRqHuO1QymXtrLPP2zUsL1harOPIFgLXBxDLhBKsXIX7tRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ce50868427330-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash 77df2033534ce77020167eb805984aa4
1f82cbeb5053961a34f7c98e5902c98001f8fefb
39e95727404783827965b243927e296d7ec870812489665b3ba3344b17a23232
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3498
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:11:59 GMT
Last-Modified: Sat, 03 Dec 2022 13:13:41 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
200 OK 279 B IP
Hash 1a9779b9a979e86049918a522a29c9d4
e1cb0d34edd498d900a1731d79cbc1ce2b751882
85ae4803e3b0fe65499206b6bdbc2f5c6df72a1ebc9f14e514bed075383cceb9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5138
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:11:59 GMT
Last-Modified: Sat, 03 Dec 2022 12:46:21 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: r620alllErW8avMCImdfpA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: F9iEefnBzQ2YitsU+R+Ta837GFs=
i.servimg.com/u/f36/13/86/62/90/hide10.gif
200 OK 36 kB URL HTTP/2 i.servimg.com/u/f36/13/86/62/90/hide10.gif
IP
File type GIF image data, version 89a, 358 x 350\012- data
Hash d4097531d22f1f2f77bbc59081efbf09
c3665fec6c804ae09eb3261d17132947b3c85975
2e72c4e712d20771fba1110ff5d9523200e47d781cece5a6ddac16ca3e6d3003
GET /u/f36/13/86/62/90/hide10.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:11:59 GMT
content-type: image/gif
content-length: 36263
last-modified: Fri, 16 Jul 2010 13:06:28 GMT
etag: "4c405954-8da7"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Sun, 03 Dec 2023 14:11:59 GMT
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LrIGC6FmSQBtvuvbgsKaWtrhqPeh%2B1gJO3BcnJdK4OrwnNE7sfBk7sLj8E1Lp9CWB72B7GnvjuC%2BuM2cSjkSyYu6kPsugZ%2BnYzn9er%2BVSN0YMx9MNfiipwgtwb80udfJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 773ce5082dbcb51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/14/44/42/i_tabs_more.png
200 OK 927 B URL HTTP/2 2img.net/s/t/14/44/42/i_tabs_more.png
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 995561aa66a2bc07b364df8755944076
9e57d6628e228920e60c2326fb3fe039493c3750
8790b73fdc8c9ab05a6efe8ac06d358c9a9b49011b51ea9e030f6c95e013c179
GET /s/t/14/44/42/i_tabs_more.png HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:11:59 GMT
content-type: image/png
content-length: 927
last-modified: Wed, 27 Oct 2010 18:55:15 GMT
etag: "4cc87593-39f"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3fPbL39JRDh62%2Bt9FcjOA04JVL7JJcgM8lm0wKgqkdPfv30jpJSwqvFzu8QL%2FYLyJakQ5JTWF4tcL4JpSKgsioybXfANkbQWNu%2BPF8GLx1h7q5NCigZlz9SQnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ce50858217330-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/hitskin.com/themes/14/44/42/i_icon_mini_login.jpg
301 Moved Permanently 178 B URL HTTP/2 2img.net/h/hitskin.com/themes/14/44/42/i_icon_mini_login.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /h/hitskin.com/themes/14/44/42/i_icon_mini_login.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sat, 03 Dec 2022 14:11:59 GMT
content-length: 178
location: http://www.hitskin.com/themes/14/44/42/i_icon_mini_login.jpg
cache-control: max-age=315360000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RC%2BW0eX%2FONowTsxpL%2Bb%2BhQCXj%2FMA6TsGJEm30TE5St74VebGUdC2SO8XvWqgqNuhLCoqoBwlS74d4T7oEog9kUxEZrAo0LX8qKKEaENrGAHH655mLmBIUxpq%2BByzuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ce508684a7330-LHR
X-Firefox-Spdy: h2
2img.net/s/t/14/44/42/i_back_catg.jpg
200 OK 1.5 kB URL HTTP/2 2img.net/s/t/14/44/42/i_back_catg.jpg
IP
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 22x39, components 3\012- data
Hash 0c9729fbfcae548d18c09c7c98e663d8
3d19c9231e1a4e3991f967990ea233148735a696
a04ca15df338eba58e6aef0b8d731faf83d118ad71a4c0ae4ce6b44fa95c0090
GET /s/t/14/44/42/i_back_catg.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:11:59 GMT
content-type: image/jpeg
content-length: 1461
last-modified: Wed, 27 Oct 2010 16:48:42 GMT
etag: "4cc857ea-5b5"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u93iBvD53RRXpYOUnlWOBd7y2535I6JSIcqs7PXwFfZyzwd%2B9Nnz6dFPTs6f3o1Pt5Rzg%2F%2BsHMUgSSbebi2iT%2FVt0CilOy4oQNfYQjdsCj7FeeZdXIGyyIV6Yw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ce508d8e47330-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/14/44/42/i_icon_mini_register.gif
200 OK 10 kB URL HTTP/2 2img.net/s/t/14/44/42/i_icon_mini_register.gif
IP
File type GIF image data, version 89a, 100 x 130\012- data
Hash 32e2718c5975d5a5b98a15dd2e71a202
215f7182d6952629bf285f01056ce85f2653c707
b974aa579e51c0d269e6738490b0315c26b473efa3bbd0ca5100cf730658cef7
GET /s/t/14/44/42/i_icon_mini_register.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:11:59 GMT
content-type: image/gif
content-length: 10428
last-modified: Wed, 27 Oct 2010 19:31:32 GMT
etag: "4cc87e14-28bc"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rI2s9pBaDpKhWCo%2FAzb5NtVQn0hjEGtQU8NfxBXK8eBoPEIp5lOOpuyAQ%2B%2FuE2ny6L2D6nf3zraISaimW%2BpvOpuLYUYiaxU7oX7T7TIZtDG%2FO9%2BBJsjymZiURQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ce508684f7330-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/14/44/42/i_icon_mini_index.jpg
200 OK 4.7 kB URL HTTP/2 2img.net/s/t/14/44/42/i_icon_mini_index.jpg
IP
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 100x130, components 3\012- data
Hash 764c0252e76c6837c3f813dc613d3ef7
928cb3214f67a6d8eb748d557ac8652da255045b
a7db5b62e397773743c66d305f604775c18d7aa42a3fe01f62f082a16d022277
GET /s/t/14/44/42/i_icon_mini_index.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:11:59 GMT
content-type: image/jpeg
content-length: 4652
last-modified: Wed, 27 Oct 2010 16:48:42 GMT
etag: "4cc857ea-122c"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jKFpXBt81tR9W5IKEwB3KCLAUagMcGt%2Ft792gAXgfh59YVdSdUkUY3e%2FikYPPloeZ2efgm08pGXbi67HtycpICSkrwQGTumvJwao%2F4wCUXnd5FyIRl6UbVMVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ce50898917330-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f36/13/86/62/90/27431310.gif
200 OK 31 kB URL HTTP/2 i.servimg.com/u/f36/13/86/62/90/27431310.gif
IP
File type GIF image data, version 89a, 173 x 174\012- data
Hash c4aeacbee71150e543e473168d969471
f3e2df58628b01821bfea9cb6e177104fe75a0ca
feebcc6d7c42acb4aca00f0448bb2b7f072b8f35ecd5805be3f1c1308803354a
GET /u/f36/13/86/62/90/27431310.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:11:59 GMT
content-type: image/gif
content-length: 30789
last-modified: Mon, 09 Aug 2010 17:04:55 GMT
etag: "4c603537-7845"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Sat, 02 Dec 2023 15:16:18 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rXGe%2FM1wHNGDBqZjcyIxfoxl7MJw%2FGmZvNKXFVhg9V9NZRLRDcul8Lzema%2F%2BsyJU29XzsxN2QmmYj56zJhymCvhuw09lV9wDjtQUiCGvLuAL7zbJgikFnM%2FwGMP3DmKE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 773ce5084df7b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e0d777fa1fa7f20756be68639f40c8ea
f69cf5289f67226c3c76b3ac0438ae12089b1a7c
d8e6bbb67fa25a6487cd2cf767976e7771977be00831800667f68587bb9b8733
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8E6BBB67FA25A6487CD2CF767976E7771977BE00831800667F68587BB9B8733"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11972
Expires: Sat, 03 Dec 2022 17:31:31 GMT
Date: Sat, 03 Dec 2022 14:11:59 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 312 B IP
Hash 8b129125171aa50e40f0d0e26d1a6c4e
d1376718e6dd2b03aab6f632af2438b8ae3e49b2
96b4c4d6e7843adcee8a1cda47dc0d485752afc26d633c0e97892c6040e460fd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4183
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:11:59 GMT
Last-Modified: Sat, 03 Dec 2022 13:02:16 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 312
almraw3h.yoo7.com/serviceworker.js
200 OK 4.4 kB URL HTTP/2 almraw3h.yoo7.com/serviceworker.js
IP
Hash e39bee6518f06a9ecdf429fc54202eec
44dce3fda8c975be19e237571328a0097a51f092
554acf12d5455c7a5c0aacbeefa8875efd56b0e7a00b020606c6c3a2dab71d65
GET /serviceworker.js HTTP/1.1
Host: almraw3h.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: exadd=167009; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:11:59 GMT
content-type: application/javascript
last-modified: Thu, 25 Feb 2021 14:30:57 GMT
etag: W/"6037b4a1-b0d"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
2img.net/h/www.htoof.com/up/uploads/images/htoof-f7e34381e5.png
301 Moved Permanently 178 B URL HTTP/2 2img.net/h/www.htoof.com/up/uploads/images/htoof-f7e34381e5.png
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /h/www.htoof.com/up/uploads/images/htoof-f7e34381e5.png HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sat, 03 Dec 2022 14:11:59 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xl9fck1uAFFJME4NsfmvdiUpLeWvkHLFqCxLxb9u%2BTYaXHl5ZiNnHa%2FbuXJgCEXMntbKleYXqbRhCch8PrqDrSSoGh62NrWH6NBOTY29OISco63Achs5m4iD0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ce508684c7330-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=almraw3h.yoo7.com&var=&ymid=&var_3=
200 OK 758 B URL HTTP/2 stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=almraw3h.yoo7.com&var=&ymid=&var_3=
IP
File type JSON data\012- , ASCII text, with very long lines (757)
Hash 254e3d44c1c5b63d82a8bd37ff9716c6
cb557c072c940bced189b186219a2b9bd9b4460d
6ca5993a880b42f618e5d3ecd1c8ca1d0ac2dbbdbb420d8efbed1ff61444bbaf
GET /zone?pub=0&zone_id=2308013&is_mobile=false&domain=almraw3h.yoo7.com&var=&ymid=&var_3= HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://almraw3h.yoo7.com/
Origin: https://almraw3h.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 14:11:59 GMT
content-type: application/json; charset=utf-8
content-length: 758
x-trace-id: 4cac7bd4df28a14a7ee10ad672116b6d
access-control-allow-origin: https://almraw3h.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
connect.topicit.net/button/light?id=topicit-connect-0&redirect=https%3A%2F%2Falmraw3h.yoo7.com%2Ft988-topic&lang=ar&loc=https%3A%2F%2Fconnect.topicit.net%2F&login=https%3A%2F%2Falmraw3h.yoo7.com%2Ftopicit%2Findex.php%2Fconnect&version=1
200 OK 1.5 kB URL HTTP/2 connect.topicit.net/button/light?id=topicit-connect-0&redirect=https%3A%2F%2Falmraw3h.yoo7.com%2Ft988-topic&lang=ar&loc=https%3A%2F%2Fconnect.topicit.net%2F&login=https%3A%2F%2Falmraw3h.yoo7.com%2Ftopicit%2Findex.php%2Fconnect&version=1
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e04816edbc177dc4fd825b6a101aa957
2efebcaf6377eac15b61b48a17d3633f06c0feaa
c4f2b23e8679c6f903781162c59cf9d43dcf93d1059c35ab0db9833af2af5295
GET /button/light?id=topicit-connect-0&redirect=https%3A%2F%2Falmraw3h.yoo7.com%2Ft988-topic&lang=ar&loc=https%3A%2F%2Fconnect.topicit.net%2F&login=https%3A%2F%2Falmraw3h.yoo7.com%2Ftopicit%2Findex.php%2Fconnect&version=1 HTTP/1.1
Host: connect.topicit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:11:59 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, post-check=0, pre-check=0, private
last-modified: Sat, 03 Dec 2022 02:11:59 GMT
expires: Sat, 03 Dec 2022 00:00:00 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6IlBFNHBlZ2hZOFowMTY5SWlDSTV4WkE9PSIsInZhbHVlIjoiZjkrc2kxWnJYSGRPYmgrN2NxNWJ5TytcL3FmOVkrTlZLUGpDTjFTOWxEUU8yTDY5WFh1Vm9VdGpiNFZGN1FqNUYiLCJtYWMiOiIyMmQ4MzFlMWJiZDMxYWVlNmFiNjFhMTZiZTFlMDk4ODk0MDFhZTA3MGQ4NGQyYWI1ZmVhMmRjZTg1NmYyNDY5In0%3D; expires=Sat, 03-Dec-2022 16:11:59 GMT; Max-Age=7200; path=/; domain=.topicit.net
topicit_session=ea6kxFbcwM3V1BRkt3WkBFwmpESyW9W3Fw6kgzcE; expires=Sat, 03-Dec-2022 16:11:59 GMT; Max-Age=7200; path=/; domain=.topicit.net; httponly
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
x-cache-ne: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=if4ECSaDPgPOXHxAuRsQXr8RTgFY6SN8g%2BfIgLNarNKCWD%2FKDz2q5JpW9OORq5cXC1Ti3IoiKEx1rs7tV9oSpxRIbuaal574ZYg41pYnEyhABN5bqpJDApqDETtlrCWqX%2BTJuP3h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773ce5099d9ab500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hitskin.com/themes/13/83/91/i_background.gif
301 Moved Permanently 178 B URL HTTP/2 hitskin.com/themes/13/83/91/i_background.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /themes/13/83/91/i_background.gif HTTP/1.1
Host: hitskin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sat, 03 Dec 2022 14:11:59 GMT
content-length: 178
location: http://www.hitskin.com/themes/13/83/91/i_background.gif
cache-control: max-age=86400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O8MsMhqvMF2EpxSv0SOLlf0%2Bx0jTUqkePQZNKGyex6MdvudEqb645sP%2FgASWNzSxCY26u9KtOVSi4qqRgAF1TC4pzGTupzLMYHak8mPOBvbPHhWPLVjS65RuctQTfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 773ce509ea70b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.hitskin.com/themes/14/44/42/i_icon_mini_login.jpg
200 OK 4.7 kB URL HTTP/2 www.hitskin.com/themes/14/44/42/i_icon_mini_login.jpg
IP
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 100x130, components 3\012- data
Hash 307e5166f39de818f4973d9d69fc11ef
f9b5a67cf045838132b5ac6ef42eafa57751803d
25f3093cdf242dc4443de045414f26f631afd8f7a57332f9c1aed204b64c4ad0
GET /themes/14/44/42/i_icon_mini_login.jpg HTTP/1.1
Host: www.hitskin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:11:59 GMT
content-type: image/jpeg
content-length: 4679
last-modified: Wed, 27 Oct 2010 16:48:42 GMT
etag: "4cc857ea-1247"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Sun, 03 Dec 2023 14:11:59 GMT
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yARKehDsQs60y0QfFX%2BRaXBb5bOW5CPNuFRdmSIN86Vk78xENfEtv05jVQ%2Bywj5s8pNL3Z82iGDQA0ZB2e3DJ61xBf13DxnX3l2M%2FfKgJMj6%2BIdIHGjwQNbpfcpa9wS%2FF2A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 773ce50a0a88b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dnacdn.net/dna
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:11:59 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=_d88QV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czdqNExSdTBHSG1VMGk1UEF6RkxFVjJ5VHVsN3ZUdCUyRmdwc054aW9CdGQ0Qg; expires=Thu, 28 Dec 2023 14:11:59 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 366098
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 314 B IP
Hash ea3d8fb16cfb8d3abf79bcd96048cd94
fe5de8bf7cc10ee75c747dd6e18616161ef2fc81
a91b38575d80c30d9c5e87ee9b2e6f42e261cdab08e3180d4baf904dcfca5f51
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4193
Cache-Control: max-age=161930
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:11:59 GMT
Etag: "638b1e58-13a"
Expires: Mon, 05 Dec 2022 11:10:49 GMT
Last-Modified: Sat, 03 Dec 2022 10:00:56 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
200 OK 314 B IP
Hash ea3d8fb16cfb8d3abf79bcd96048cd94
fe5de8bf7cc10ee75c747dd6e18616161ef2fc81
a91b38575d80c30d9c5e87ee9b2e6f42e261cdab08e3180d4baf904dcfca5f51
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4175
Cache-Control: max-age=161912
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:11:59 GMT
Etag: "638b1e58-13a"
Expires: Mon, 05 Dec 2022 11:10:31 GMT
Last-Modified: Sat, 03 Dec 2022 10:00:56 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 314
www.hitskin.com/themes/13/83/91/i_background.gif
200 OK 2.4 kB URL HTTP/2 www.hitskin.com/themes/13/83/91/i_background.gif
IP
File type GIF image data, version 87a, 60 x 60\012- data
Hash 4a0f8c785f91fe233157c38717c39435
71b249a3ab04b79c0cc4c18a80f2c26b33b7d5b5
f1f84c928958f22360b87ec87c0ec08b70cacbd30546cb0d414163c6a74471cf
GET /themes/13/83/91/i_background.gif HTTP/1.1
Host: www.hitskin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:12:00 GMT
content-type: image/gif
content-length: 2421
last-modified: Wed, 27 Oct 2010 18:11:15 GMT
etag: "4cc86b43-975"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Sun, 03 Dec 2023 14:12:00 GMT
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VWmXIobLliU6qA11Yp%2BWob6i3hWgVmT6h3DU9G5blkXxmi4Puq44oRXhAvWAmSwKU74qKVTRrsFwTAcW0EazUfeucbkpT%2BuyMmz%2BVkQoXKVNYJ4o9DeNvPXIt8oCNbj2jeo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 773ce50b2bb0b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
almraw3h.yoo7.com/?utm_source=pwa
200 OK 17 kB URL HTTP/2 almraw3h.yoo7.com/?utm_source=pwa
IP
Hash 8bfb43829adfec4aff181d837a18e43c
18885c79465e748de5648b08294c20bb71895f85
80fb29057d5fbefa4685968637c1a99c194a2973e558b4ccd0f9289d6b1bbd26
GET /?utm_source=pwa HTTP/1.1
Host: almraw3h.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://almraw3h.yoo7.com/serviceworker.js
Connection: keep-alive
Cookie: exadd=167009; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:11:59 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
pragma: no-cache
expires: Sat, 03 Dec 2022 00:00:00 GMT
last-modified: Sat, 03 Dec 2022 14:11:59 GMT
vary: User-Agent
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4637
Expires: Sat, 03 Dec 2022 15:29:17 GMT
Date: Sat, 03 Dec 2022 14:12:00 GMT
Connection: keep-alive
gum.criteo.com/syncframe?origin=publishertag&topUrl=almraw3h.yoo7.com
200 OK 5.6 kB URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=almraw3h.yoo7.com
IP
Hash 69fc9c7aba047d8e31c9ec18f0eded88
bb3eec2c4a8f5ca796a1e8125b47388b4f030c75
76f100b93d713b8ad105d8591461d58c0d2b4ab38bbe1aaa2b9275e69e970bbf
GET /syncframe?origin=publishertag&topUrl=almraw3h.yoo7.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:11:58 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=69c774b1-7e80-4270-846b-b99bc33c33f7; expires=Thu, 28 Dec 2023 14:11:58 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 584251
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e545217-31b4-442a-abef-bcaaffcd0407.png
200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e545217-31b4-442a-abef-bcaaffcd0407.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 249aec334460c66dc88b9e8def4e48df
f86d1d278ba5b24587b10519b1b30d75044efd97
b083151804ced0533a5b33302ef110b50ddc4bf653de0fb8f6c7711f4bc29fe2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e545217-31b4-442a-abef-bcaaffcd0407.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9449
x-amzn-requestid: c21c52f9-d971-46d9-b632-0439a0e23da4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZkxHKbIAMFxkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6fb7-2b8cc0982af568626f4a4bbf;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:35:51 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: h_QxhlhIxUS0VSjt1z50xNf0u1eB6c1WPTJUfvwGQA-t4M0zmXo2AA==
via: 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 22:03:42 GMT
etag: "f86d1d278ba5b24587b10519b1b30d75044efd97"
content-type: image/jpeg
age: 58098
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 06:00:50 GMT
age: 29470
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e74254b3fdce7d6b84a71a7aff43789
65c8b4abf957f9b54d99d0f78559e639adb29efb
f278c3cc6734da7188862a8c651c803e7ac1fda82234e191761453cb1359d3ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5354
x-amzn-requestid: 3d58ffea-3433-4c5c-a60b-17f6de3a33e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cSsnvG44oAMFfyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638427ca-63b375f04189b7ce7d84cd5d;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 03:15:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GBhAilKMKo9RvIzqzF9V4jTZbvpa2rPZeoy6Jy8fMc1-JO078OAYzQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 05:53:40 GMT
age: 29900
etag: "65c8b4abf957f9b54d99d0f78559e639adb29efb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45182367fd4f8b6dd234eef1022acdb1
d4b3052021ff3ad1dc4134fa25eb12a98e7c17da
a57fadaf74db2fb457cfe761314d56f021d22146f5bdb6a8bf11b6519e8a558d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9715
x-amzn-requestid: c8102cfa-78dc-4d81-ad6a-e16b9132e238
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZO2HQKIAMF8IA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2b-350c586b568e6565763376bd;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0QkVKyYm9UwlF5FEeli9UsRAQwEi3-c3bMR-QSJxIKRQe7WWT76dGQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:37:54 GMT
age: 59646
etag: "d4b3052021ff3ad1dc4134fa25eb12a98e7c17da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XvG2dAUeB914GQ1qJwQRHovAtra8OSjG-CsXeR8UOBq5r8qVjEbPBQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 22:39:04 GMT
age: 55976
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg
200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fcb89ca25035b2bbb71ae5dd175fcd40
544428cdad754b1bb7be3cd46a79bf078fd5b450
36dcbbe6cd2710ee502776b4bcf32053e92b750a55e2bd4cdeadbc694c7c2699
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: c824c317-e6e3-4006-9f9d-ea54e8170a4c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cf2_tGErIAMF8_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63896b97-7fc523296afea4dd4b5d1de8;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 03:05:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tp50A9LYeT1RvSPImBUoQNKtarPryKb8Zacm_nxqDh-gegwdQov7Nw==
via: 1.1 40b967aa4aa18637c4b91214147f3cb4.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 03:50:52 GMT
age: 37268
etag: "544428cdad754b1bb7be3cd46a79bf078fd5b450"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
2img.net/h/www.alzaker.com/vb/images/infs/jobs/Engineer.gif
404 Not Found 29 kB URL HTTP/2 2img.net/h/www.alzaker.com/vb/images/infs/jobs/Engineer.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 337a4b62619ac3d6b5356e21f8e55275
76ae544b39815b4092c1787b1d20acdfc3bf6b3f
3e6976fc56f7edc8828a9125f342b146b92e53c57c4486ef00175dbd4a6299d8
GET /h/www.alzaker.com/vb/images/infs/jobs/Engineer.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Sat, 03 Dec 2022 14:12:00 GMT
content-type: text/html
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=97W91YQwJNLLsCOHZNp0aqPsV0KHxzi1f8JK1aJUrA68b2RR9upolLoxCo7azOn3z3q44EzsQFbRAyQICiRuF9yCpoSdGPzcwxfibPMMt2qTGVcqF%2FOHOgXidA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 773ce508481b7330-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/www.alzaker.com/vb/images/infs/gender/unknow.gif
404 Not Found 20 kB URL HTTP/2 2img.net/h/www.alzaker.com/vb/images/infs/gender/unknow.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash ec63fdbe2c5492f829d23e79307b4a10
f64a512d9721de9ae86c33eb36802cdb970c3d6b
64eaf61a25ef3eb6695ccf6b72e5bdcb911e86d5b54734bcb0ef002ee92dfb95
GET /h/www.alzaker.com/vb/images/infs/gender/unknow.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sat, 03 Dec 2022 14:12:00 GMT
content-type: text/html
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kVxhP74%2Ffpxnz4KVF6HF0OgNYFWPl%2F59n0i9MNY1YYYhnLbBOh08P7jEf9mQ4w59SG%2BbdUWnfg1fR5%2F3CVZlqckkJqb6LOGk2zz95nTOGqO%2F5Vezz2MGIYWIkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 773ce50848187330-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/www.alzaker.com/vb/images/infs/gender/male.gif
404 Not Found 87 kB URL HTTP/2 2img.net/h/www.alzaker.com/vb/images/infs/gender/male.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash c65d10206d8d11141b2e81da94349d4d
214d2c63f6d7578251068a1b4a9bda286c213af1
0a04afb62b59d43c7b25ac73c29938336f6d3e0b16473f455d61bea346883c76
GET /h/www.alzaker.com/vb/images/infs/gender/male.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Sat, 03 Dec 2022 14:12:00 GMT
content-type: text/html
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GHOvVQ7q2tZmJsVsg83z0XnaL5JdtcMNcQTr5iEL3dDHpxcWxK5k7As5LnxXficLfUexfhBBXNnPZJxCYasGQTYDYvZKKWlXM5mkhcbV94qaEs8SS6a3AlLJCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 773ce508581f7330-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/www.alzaker.com/vb/images/infs/nationality/ymany.gif
404 Not Found 26 kB URL HTTP/2 2img.net/h/www.alzaker.com/vb/images/infs/nationality/ymany.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1a16596c4aa5b2cebce5b4ae0d23ec99
02186f6c4b16987773f3604acf38dd8acc2a4555
ffb877965575b806f33d9f06ee4334d194125d1995e4cabd49fa5de4319f896c
GET /h/www.alzaker.com/vb/images/infs/nationality/ymany.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sat, 03 Dec 2022 14:12:00 GMT
content-type: text/html
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2KJEMfaJ5%2Fq5NDnWhgM1w0kUnAPYGoOXpSkfzZ55iaujt7PYA6QFhIOesjVxZ1pvevexTzMIZeZ58ZMtXa6slYcj3lbKHkewiqOCJ0reBFpoygI65dLbKB9lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 773ce50868497330-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?ptv=132&profileId=206&cb=19241227925
200 OK 160 B URL HTTP/2 bidder.criteo.com/cdb?ptv=132&profileId=206&cb=19241227925
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash ef0c8d8409e2f7e3559a7613d1f3044d
8aa39723fe859a4975903b2e8dd7991710f109ba
fd307437d3114be2df8180e00f8d187aaa7da5bf80664c0d4c449dd6059c89b7
POST /cdb?ptv=132&profileId=206&cb=19241227925 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 566
Origin: https://almraw3h.yoo7.com
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:12:00 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://almraw3h.yoo7.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 160
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash e41ec1829734e97e800e3878ac3b0e7b
65fb1b8e0d5551765be22db21f430790362c521c
9e6b1250471296a02866fa563a5df5021959ac0722f25178275db31913d115ec
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=155418
Date: Sat, 03 Dec 2022 14:12:01 GMT
Etag: "638b00ca-1d7"
Expires: Mon, 05 Dec 2022 09:22:19 GMT
Last-Modified: Sat, 03 Dec 2022 07:54:50 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4AZ_SQU9wi9CUP4zX-kxSyj-vrhcizklPsblESkbjoMvRwYBPZSAPg==
Age: 5249
api.viglink.com/api/ping
200 OK 259 B IP
File type ASCII text, with no line terminators
Hash 147b27273f98365bb887a52f1198e4f2
e07fd80f061b107962aeabe5c640593da686dd11
f3cfe6e5eef49fa67d27e5ef15fc5d54ff9c81965d072378b9f2aa79e2e70d23
POST /api/ping HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 136
Origin: https://almraw3h.yoo7.com
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://almraw3h.yoo7.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Sat, 03 Dec 2022 14:12:00 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 259
Connection: keep-alive
cdn.taboola.com/libtrc/impl.20221201-24-RELEASE.js
200 OK 147 kB URL HTTP/2 cdn.taboola.com/libtrc/impl.20221201-24-RELEASE.js
IP
File type ASCII text, with very long lines (65508)
Size 147 kB (146699 bytes)
Hash 385cfb682512980cfe2f08fd62b6fb64
919642ed4b5417f290135254ad4111ebd8e2aa43
65c97a5cb9fd3d92e790d93891cdbca0ebe7ca98d603a131d830a8d47db41e3a
GET /libtrc/impl.20221201-24-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: rFDrDFdl4BZ4eIl3PtktQYpAVy1RE6POaQ9eRZxo+xxAX1n6SMNyHhkN5nza1KCxHfcBpzMAfto=
x-amz-request-id: PDD8ANKXRASKG9HN
last-modified: Thu, 01 Dec 2022 17:45:55 GMT
etag: "385cfb682512980cfe2f08fd62b6fb64"
content-encoding: br
x-amz-version-id: ofIXx6LEWRAEtEe5ALtgmKE0Y_JueXHu
content-type: application/javascript
accept-ranges: bytes
date: Sat, 03 Dec 2022 14:12:01 GMT
via: 1.1 varnish
age: 15768
x-served-by: cache-bma1641-BMA
x-cache: HIT
x-cache-hits: 9586
x-timer: S1670076721.089281,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 12
server: AmazonS3-br
content-length: 146699
X-Firefox-Spdy: h2
www.facebook.com/x/oauth/status?client_id=141940975842157&input_token&origin=1&redirect_uri=https%3A%2F%2Falmraw3h.yoo7.com%2Ft988-topic&sdk=joey&wants_cookie_data=true
200 OK 0 B URL HTTP/2 www.facebook.com/x/oauth/status?client_id=141940975842157&input_token&origin=1&redirect_uri=https%3A%2F%2Falmraw3h.yoo7.com%2Ft988-topic&sdk=joey&wants_cookie_data=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/oauth/status?client_id=141940975842157&input_token&origin=1&redirect_uri=https%3A%2F%2Falmraw3h.yoo7.com%2Ft988-topic&sdk=joey&wants_cookie_data=true HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://almraw3h.yoo7.com/
Origin: https://almraw3h.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
access-control-expose-headers: fb-s
access-control-allow-credentials: true
access-control-allow-origin: https://almraw3h.yoo7.com
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
x-fb-debug: mzWLs2tQe/mATqx1wEDx99GHPa98v1MgWrSXrVy8Q0u+Dp1KXWzROu2nvQUSnArriAPrLK+j6iwqhpSRv+f0oQ==
content-length: 0
date: Sat, 03 Dec 2022 14:12:01 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
almraw3h.yoo7.com/images/icons-180.png
200 OK 20 kB URL HTTP/2 almraw3h.yoo7.com/images/icons-180.png
IP
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 50cea7fa813f643b25298d9cc7e3df31
55279203309c9e636d4ef5b05a5bb41c0d6677fe
88d498000542f8a0e6e4a167b638fb2558f9c90b0c8b1b82914902773b34e731
GET /images/icons-180.png HTTP/1.1
Host: almraw3h.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/t988-topic
Cookie: exadd=167009; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:12:01 GMT
content-type: image/png
content-length: 19600
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Sat, 03 Dec 2022 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
x-cache-ic: MISS
X-Firefox-Spdy: h2
trc-events.taboola.com/forumotion-ar/log/2/debug?tim=14%3A11%3A59.172&type=usage&msg=rtus&llvl=2&id=9944&cv=20221201-24-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
204 No Content 0 B URL HTTP/2 trc-events.taboola.com/forumotion-ar/log/2/debug?tim=14%3A11%3A59.172&type=usage&msg=rtus&llvl=2&id=9944&cv=20221201-24-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=14%3A11%3A59.172&type=usage&msg=rtus&llvl=2&id=9944&cv=20221201-24-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sat, 03 Dec 2022 14:12:01 GMT
x-fastly-to-nlb-rtt: 22053
access-control-allow-credentials: true
X-Firefox-Spdy: h2
static.criteo.net/images/pixel.gif?ch=1
200 OK 43 B URL HTTP/2 static.criteo.net/images/pixel.gif?ch=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /images/pixel.gif?ch=1 HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 14:12:01 GMT
content-type: image/gif
content-length: 43
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
etag: "493ea254-2b"
expires: Tue, 28 Nov 2023 14:12:01 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/images/pixel.gif?ch=2
200 OK 43 B URL HTTP/2 static.criteo.net/images/pixel.gif?ch=2
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /images/pixel.gif?ch=2 HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 14:12:01 GMT
content-type: image/gif
content-length: 43
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
etag: "493ea254-2b"
expires: Tue, 28 Nov 2023 14:12:01 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
stootsou.net/custom
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://almraw3h.yoo7.com/
Origin: https://almraw3h.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 14:12:03 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://almraw3h.yoo7.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
stootsou.net/custom
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://almraw3h.yoo7.com/
Origin: https://almraw3h.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 14:12:03 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://almraw3h.yoo7.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
stootsou.net/custom
200 OK 39 B IP
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://almraw3h.yoo7.com/
Content-Type: application/json
Origin: https://almraw3h.yoo7.com
Content-Length: 381
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 14:12:03 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 79e9ee001dcb6f2d1234f019555b8d2b
access-control-allow-origin: https://almraw3h.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
stootsou.net/custom
200 OK 39 B IP
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://almraw3h.yoo7.com/
Content-Type: application/json
Origin: https://almraw3h.yoo7.com
Content-Length: 457
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 14:12:03 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: fe4c0036baad3ad72dea9fb2ee03e2d5
access-control-allow-origin: https://almraw3h.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 278db9f65b7f9b7ec2bbaadad617c566
66a10e2c2fcf9c7377f7dfc61a0edb89e12896bc
fd3d9255524641295fb8d12c8daa24f442386065aedba2b40a1186100800768d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD3D9255524641295FB8D12C8DAA24F442386065AEDBA2B40A1186100800768D"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2608
Expires: Sat, 03 Dec 2022 14:55:31 GMT
Date: Sat, 03 Dec 2022 14:12:03 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 279 B IP
Hash d047b0066d46de7f699f07688af3918b
288803bbc80d1942b424477bbc4606b129aebd1f
9ac9c1963945c3fc69568fe642db3d270f59b1328bf4ccd03bf69e7b6248e597
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1365
Cache-Control: max-age=152982
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:12:03 GMT
Etag: "638b0674-117"
Expires: Mon, 05 Dec 2022 08:41:45 GMT
Last-Modified: Sat, 03 Dec 2022 08:19:00 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
gum.criteo.com/sid/json?origin=publishertag&domain=yoo7.com&sn=FirefoxSyncframe&so=0&topUrl=almraw3h.yoo7.com&info=zapKol80M0RITmhlJTJCZkMwOUJGQlhaMUN2czdqNExSdTBHSG1VMGk1UEF6RkxFVjJUJTJCJTJGTlgwVWklMkI4dVg0JTJGb0Y1VE5tNg&idsd=1999665483,573567868&cw=1&lsw=1
200 OK 5.8 kB URL HTTP/2 gum.criteo.com/sid/json?origin=publishertag&domain=yoo7.com&sn=FirefoxSyncframe&so=0&topUrl=almraw3h.yoo7.com&info=zapKol80M0RITmhlJTJCZkMwOUJGQlhaMUN2czdqNExSdTBHSG1VMGk1UEF6RkxFVjJUJTJCJTJGTlgwVWklMkI4dVg0JTJGb0Y1VE5tNg&idsd=1999665483,573567868&cw=1&lsw=1
IP
Hash 468c22e906b4df453f3a2ef961afa15f
41271ad83cf1066deed8ce448020955b75d8df3b
9c26e3ef4353a66c8b98edaf1709a05a90deeebb9d144a7676737967de725fae
GET /sid/json?origin=publishertag&domain=yoo7.com&sn=FirefoxSyncframe&so=0&topUrl=almraw3h.yoo7.com&info=zapKol80M0RITmhlJTJCZkMwOUJGQlhaMUN2czdqNExSdTBHSG1VMGk1UEF6RkxFVjJUJTJCJTJGTlgwVWklMkI4dVg0JTJGb0Y1VE5tNg&idsd=1999665483,573567868&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=almraw3h.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:12:02 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1002043
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9caeefc49be26de4b50c14df1aace81f
ef836496e49f843f0e4c2dc991c314aad13f0f2e
83203278dadec9319a72ccb142c413696d8bd09a25f1b6c8d1edef20405e90f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83203278DADEC9319A72CCB142C413696D8BD09A25F1B6C8D1EDEF20405E90F0"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7498
Expires: Sat, 03 Dec 2022 16:17:01 GMT
Date: Sat, 03 Dec 2022 14:12:03 GMT
Connection: keep-alive
trc.taboola.com/forumotion-ar/trc/3/json?tim=14%3A11%3A59.179<i=deflated&data=%7B%22id%22%3A479%2C%22ii%22%3A%22%2Ft988-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1669917140416%2C%22vi%22%3A1670076719176%2C%22cv%22%3A%2220221201-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Falmraw3h.yoo7.com%2Ft988-topic%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Falmraw3h.yoo7.com%2Ft988-topic%22%2C%22vpi%22%3A%22%2Ft988-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A2449%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A737%2C%22mw%22%3A0%2C%22amw%22%3A1126.800048828125%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A2345.333251953125%2C%22mw%22%3A1000%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft988-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
200 OK 42 kB URL HTTP/2 trc.taboola.com/forumotion-ar/trc/3/json?tim=14%3A11%3A59.179<i=deflated&data=%7B%22id%22%3A479%2C%22ii%22%3A%22%2Ft988-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1669917140416%2C%22vi%22%3A1670076719176%2C%22cv%22%3A%2220221201-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Falmraw3h.yoo7.com%2Ft988-topic%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Falmraw3h.yoo7.com%2Ft988-topic%22%2C%22vpi%22%3A%22%2Ft988-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A2449%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A737%2C%22mw%22%3A0%2C%22amw%22%3A1126.800048828125%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A2345.333251953125%2C%22mw%22%3A1000%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft988-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
IP
Hash 571129a5a5e16c546ab20b24b9024461
1996a42b3ab3d002488d6761c5ba7410b7cc1a9b
8b4a3e7237e1d53dd2002533cd79d55e3e80dec7a052728f4ee7d6b9be6d6600
GET /forumotion-ar/trc/3/json?tim=14%3A11%3A59.179<i=deflated&data=%7B%22id%22%3A479%2C%22ii%22%3A%22%2Ft988-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1669917140416%2C%22vi%22%3A1670076719176%2C%22cv%22%3A%2220221201-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Falmraw3h.yoo7.com%2Ft988-topic%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Falmraw3h.yoo7.com%2Ft988-topic%22%2C%22vpi%22%3A%22%2Ft988-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A2449%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A737%2C%22mw%22%3A0%2C%22amw%22%3A1126.800048828125%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A2345.333251953125%2C%22mw%22%3A1000%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft988-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://almraw3h.yoo7.com
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://almraw3h.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sat, 03 Dec 2022 14:12:01 GMT
via: 1.1 varnish
x-served-by: cache-bma1641-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670076721.459910,VS0,VE394
vary: Accept-Encoding
x-vcl-time-ms: 394
X-Firefox-Spdy: h2
bidder.criteo.com/csm/events
204 No Content 0 B URL HTTP/2 bidder.criteo.com/csm/events
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csm/events HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 402
Origin: https://almraw3h.yoo7.com
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 03 Dec 2022 14:12:03 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://almraw3h.yoo7.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/userx.20221201-24-RELEASE.es6.js
200 OK 5.4 kB URL HTTP/2 cdn.taboola.com/libtrc/userx.20221201-24-RELEASE.es6.js
IP
File type ASCII text, with very long lines (17842)
Hash 3767da295d90d4c24af46376d07d5cde
ab04b6b8786df6bc95a073872f61937f1b13eeb2
ac5acd527482d71c4e70c82d6d487ed41dc65bed1acf1759b6bc9d863e6e563e
GET /libtrc/userx.20221201-24-RELEASE.es6.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: qMZYEpAgENcZNG+9XK3eH6EoB170TC4Taq/jEXHxbB6WGtDcHZAZIX/26auQKENc8X8eX20WSgw=
x-amz-request-id: 1MV75WX5S7VBM1F7
x-amz-replication-status: COMPLETED
last-modified: Thu, 01 Dec 2022 18:03:33 GMT
etag: "16f67637ac3bc1b6ccd63e6d03c34457"
x-amz-version-id: odjpI9TqiU291.wDPAnq80pQaadNJReA
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sat, 03 Dec 2022 14:12:04 GMT
via: 1.1 varnish
age: 66
x-served-by: cache-bma1641-BMA
x-cache: HIT
x-cache-hits: 3
x-timer: S1670076724.223555,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 12
content-length: 5398
X-Firefox-Spdy: h2
vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
200 OK 30 kB URL HTTP/2 vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash aac1042207afd54e1cf1befcaf3420cd
00f0597866330a850a1d6222861591f24dd18380
ea77ece8880eb28ffe83e94ef787b4204f8b1b3d09f443011b898b13ed4bb706
GET /lite-unit/3.9.8/UnitWidgetItemDesktop.min.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 22 Nov 2022 07:02:09 GMT
etag: "1842444d4bb92087143326a4d508875d"
server: AmazonS3
via: 1.1 b34d5d8e5954d0b7b46d5f0eb534c166.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: iVxUQ_yUDgKIDSZaR21P2jFvv94ZUaTAMQdnd9xsEMFJTpsmb2NMlg==
cache-control: public, max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Sat, 03 Dec 2022 14:12:04 GMT
age: 976167
x-served-by: cache-bma1641-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 31397
x-timer: S1670076724.224478,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 29909
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f40/15/31/63/96/201910.jpg
200 OK 5.8 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f40/15/31/63/96/201910.jpg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 3d65770a978e97f8a2e0702660dcc371
44e306f08e5af8e4ca2ceb97ec8361b9e693f322
b78ba46b24021d32bbf4679d64dd112f2164bb3a17a62aae0aedcbaa4f5f437a
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f40/15/31/63/96/201910.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 544739962377286115750906782440533884243,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 544739962377286115750906782440533884243,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "2e4f6466dae29a54e4d540a2389ed4c3"
expiration: expiry-date="Sun, 23 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Thu, 22 Sep 2022 11:56:27 GMT
req-referer: https://pontera.yoo7.com/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 758
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 03 Dec 2022 14:12:04 GMT
age: 4912407
x-served-by: cache-iad-kjyo7100097-IAD, cache-iad-kjyo7100042-IAD, cache-chi-klot8100141-CHI, cache-iad-kcgs7200074-IAD, cache-bma1641-BMA
x-cache: HIT, MISS, MISS, HIT, HIT
x-cache-hits: 1, 0, 0, 136, 1
x-timer: S1670076724.226337,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f40/15/31/63/96/201910.jpg
x-vcl-time-ms: 1
content-length: 5812
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5fda50a37fc3687d2f55b92b6bce88f9.jpg
200 OK 4.5 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5fda50a37fc3687d2f55b92b6bce88f9.jpg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 8962f521ae193d2b2061f58dc8f89ce9
1832568abab40a10d95e795bf75ee4f4d8b44a20
28eadc3a84f45934e6bedc49fbd76b64f7597dd745aacd1e3941fc76698aaf85
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5fda50a37fc3687d2f55b92b6bce88f9.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 361442623871098473179176297192785719265,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 361442623871098473179176297192785719265,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
etag: "14867859cc7173497c24514b15dae13d"
last-modified: Sat, 10 Sep 2022 16:32:24 GMT
req-referer: https://acdn.adnxs-simple.com/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 91afd6b6999824384f88689919f30779
x-envoy-upstream-service-time: 97
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 03 Dec 2022 14:12:04 GMT
age: 5809321
x-served-by: cache-iad-kiad7000135-IAD, cache-iad-kiad7000135-IAD, cache-bur-kbur8200028-BUR, cache-iad-kiad7000126-IAD, cache-bma1641-BMA
x-cache: HIT, HIT, HIT, HIT, HIT
x-cache-hits: 1, 4, 1, 46, 1
x-timer: S1670076724.226195,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5fda50a37fc3687d2f55b92b6bce88f9.jpg
x-vcl-time-ms: 1
content-length: 4544
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hitsk.in/t/14/42/98/i_logo.jpg
200 OK 10 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hitsk.in/t/14/42/98/i_logo.jpg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 600dc357fd0e6a406550f7686ede1870
4eb786d4759cafe8d5ec97de155606feac19f48b
8fbd860beae93922de604e00a261610aeaedc619d64efe6e26db615dc31f8d7c
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hitsk.in/t/14/42/98/i_logo.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 512232456981318963276091892163176512454,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 512232456981318963276091892163176512454,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "e7b0602ccb367b2eb79bd8d2d8216130"
last-modified: Mon, 24 Oct 2022 16:50:17 GMT
req-referer: https://yesilcam.benimforum.net/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: e5209023c41dbb4800be475123f582a3
x-envoy-upstream-service-time: 1118
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 03 Dec 2022 14:12:04 GMT
age: 2697802
x-served-by: cache-iad-kiad7000028-IAD, cache-iad-kcgs7200093-IAD, cache-lax10650-LGB, cache-iad-kcgs7200160-IAD, cache-bma1641-BMA
x-cache: MISS, HIT, HIT, HIT, HIT
x-cache-hits: 0, 2, 1, 16, 1
x-timer: S1670076724.227180,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hitsk.in/t/14/42/98/i_logo.jpg
x-vcl-time-ms: 1
content-length: 10184
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f18/18/76/87/71/10441110.jpg
200 OK 6.6 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f18/18/76/87/71/10441110.jpg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 895a214bddd88917cf24a7a5a1134ecc
bbece246b3c2d67d1ade903ed89ba64b42beb0cf
65cd0defed038c783a224fa3d2a85d9542d2d550852b5045cf835dd3973b7070
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f18/18/76/87/71/10441110.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 409007793272519477888960907609700542045,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 409007793272519477888960907609700542045,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
etag: "bb76fc9979910c2e224c4922a82e49ce"
last-modified: Tue, 18 Oct 2022 06:42:48 GMT
req-referer: https://quranacademy.yoo7.com/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 6e1cdd5e27c7fce570a350e85ae02f06
x-envoy-upstream-service-time: 721
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 03 Dec 2022 14:12:04 GMT
age: 4001356
x-served-by: cache-iad-kiad7000066-IAD, cache-iad-kjyo7100143-IAD, cache-sna10742-LGB, cache-iad-kiad7000138-IAD, cache-bma1641-BMA
x-cache: MISS, HIT, HIT, HIT, HIT
x-cache-hits: 0, 1, 1, 147, 1
x-timer: S1670076724.227345,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f18/18/76/87/71/10441110.jpg
x-vcl-time-ms: 1
content-length: 6598
X-Firefox-Spdy: h2
cdn.betgorebysson.club/?rb=2GgXnYGzfanF_dG2sQdr3nhveuY9IRPdQvFRxZMSGALdWj3CYN_HqxssvdBs1CGx_x23OG4IJaDRPWLiNrqdixt8DEMFOl-I63dgeXs2bZRi--pAa5Tsxs9mY8MdAn4jx7FEHNkth65ruwnA2B5VqY7WxMPWHCsHEwGrXmHw2LRMF__tt07HQ-rSb_jFouTROnPU6KzVSugVlcyknpBRENEwyPFIrafovrxy-7RGaPaYs3eRCz0HFQ%3D%3D&request_ab2=96002&zoneid=3765907&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=2&pl=https%3A%2F%2Falmraw3h.yoo7.com%2Ft988-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.458.0&bs=a6520fef-6cbd-4b7c-b3d1-8ed156f55b9c&userId=ef8b3d0e72b8404da74c80a72fab52de&m=link
200 OK 1.8 kB URL HTTP/2 cdn.betgorebysson.club/?rb=2GgXnYGzfanF_dG2sQdr3nhveuY9IRPdQvFRxZMSGALdWj3CYN_HqxssvdBs1CGx_x23OG4IJaDRPWLiNrqdixt8DEMFOl-I63dgeXs2bZRi--pAa5Tsxs9mY8MdAn4jx7FEHNkth65ruwnA2B5VqY7WxMPWHCsHEwGrXmHw2LRMF__tt07HQ-rSb_jFouTROnPU6KzVSugVlcyknpBRENEwyPFIrafovrxy-7RGaPaYs3eRCz0HFQ%3D%3D&request_ab2=96002&zoneid=3765907&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=2&pl=https%3A%2F%2Falmraw3h.yoo7.com%2Ft988-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.458.0&bs=a6520fef-6cbd-4b7c-b3d1-8ed156f55b9c&userId=ef8b3d0e72b8404da74c80a72fab52de&m=link
IP
Hash 83c189879ee0c44d59590c447fb62c69
cec25835a708b5ef2ea12770dece58fa41a1c825
d6d574202fcaa9f0eb2e295ddc9b2947dcdbebdb5d3cb237f5c8d2600594c248
GET /?rb=2GgXnYGzfanF_dG2sQdr3nhveuY9IRPdQvFRxZMSGALdWj3CYN_HqxssvdBs1CGx_x23OG4IJaDRPWLiNrqdixt8DEMFOl-I63dgeXs2bZRi--pAa5Tsxs9mY8MdAn4jx7FEHNkth65ruwnA2B5VqY7WxMPWHCsHEwGrXmHw2LRMF__tt07HQ-rSb_jFouTROnPU6KzVSugVlcyknpBRENEwyPFIrafovrxy-7RGaPaYs3eRCz0HFQ%3D%3D&request_ab2=96002&zoneid=3765907&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=2&pl=https%3A%2F%2Falmraw3h.yoo7.com%2Ft988-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.458.0&bs=a6520fef-6cbd-4b7c-b3d1-8ed156f55b9c&userId=ef8b3d0e72b8404da74c80a72fab52de&m=link HTTP/1.1
Host: cdn.betgorebysson.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://almraw3h.yoo7.com/
Origin: https://almraw3h.yoo7.com
Connection: keep-alive
Cookie: OAID=ef8b3d0e72b8404da74c80a72fab52de; oaidts=1670076723
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 14:12:03 GMT
content-type: application/json
x-trace-id: cb492296e285ce837fe329348f93fb7a
access-control-allow-origin: https://almraw3h.yoo7.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=ef8b3d0e72b8404da74c80a72fab52de; expires=Sun, 03 Dec 2023 14:12:03 GMT; path=/; secure; SameSite=None
oaidts=1670076723; expires=Sun, 03 Dec 2023 14:12:03 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 10 Dec 2022 14:12:03 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hitsk.in/t/11/46/33/i_logo.gif
200 OK 20 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hitsk.in/t/11/46/33/i_logo.gif
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x200, components 3\012- data
Hash 4b3715f6c2ef3dc32cbad81088331cc5
dff9cfab00c62a29eeb47c77ffd6d3a8261661c9
bea2943faec9732de969bdae6525c1e64fd3b227f8c50533133443c47df39fa2
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hitsk.in/t/11/46/33/i_logo.gif HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 536361853833295431903982868540306003013,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
content-type: image/jpeg
edge-cache-tag: 536361853833295431903982868540306003013,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "4b3715f6c2ef3dc32cbad81088331cc5"
expiration: expiry-date="Thu, 24 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Mon, 24 Oct 2022 12:05:47 GMT
server: cloudinary
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-backend-name: CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 03 Dec 2022 14:12:04 GMT
age: 874626
x-served-by: cache-iad-kcgs7200172-IAD, cache-iad-kcgs7200091-IAD, cache-bma1641-BMA
x-cache: MISS, HIT, HIT
x-cache-hits: 0, 9, 1
x-timer: S1670076724.226449,VS0,VE3
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hitsk.in/t/11/46/33/i_logo.gif
x-vcl-time-ms: 3
content-length: 20171
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f35/18/71/82/84/o10.jpg
200 OK 7.1 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f35/18/71/82/84/o10.jpg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2e553d95af9bb5acf7ffabe042ea0248
dd320b3c2e4c8578c5a11042bb4f6b1a9e17bcfb
ac8adbb2e37386733ed713e4ea70af6cd6291ab02e38dac40007c785fc5d1045
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f35/18/71/82/84/o10.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 306466372957551130704574454496854686602,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 306466372957551130704574454496854686602,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "3ccee5279d4390fe6a2c917a4e09f2f3"
expiration: expiry-date="Tue, 01 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Sat, 01 Oct 2022 22:52:16 GMT
req-referer: https://andalous.ahlamontada.com/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 391
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 03 Dec 2022 14:12:04 GMT
age: 2749010
x-served-by: cache-iad-kiad7000038-IAD, cache-iad-kiad7000031-IAD, cache-chi-klot8100080-CHI, cache-iad-kcgs7200117-IAD, cache-bma1641-BMA
x-cache: MISS, HIT, MISS, HIT, HIT
x-cache-hits: 0, 1, 0, 56, 1
x-timer: S1670076724.226634,VS0,VE6
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f35/18/71/82/84/o10.jpg
x-vcl-time-ms: 6
content-length: 7140
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 2a3e9c9270d5d1402700343b567d8e21
4348655937347ff19881acafd04b1277e017f19c
905ee9517e8597ac86e76b99b970f77a4fbb2500de30ef6efea97a4bbcea51d4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 14:12:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 13:33:18 GMT
Expires: Fri, 09 Dec 2022 13:33:17 GMT
Etag: "4348655937347ff19881acafd04b1277e017f19c"
Cache-Control: max-age=515473,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773ce523a851b529-OSL
api.viglink.com/api/domains
200 OK 42 B URL HTTP/1.1 api.viglink.com/api/domains
IP
File type ASCII text, with no line terminators
Hash 3ddce4333ca9e622193fbf217bdf0777
ee84e0e57a3133ae0633bfe567e82d36751c8a35
87fe91273202013cbd43229ac39f8e9f33373501fa2327c844b3fe89282c5d7c
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 315
Origin: https://almraw3h.yoo7.com
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://almraw3h.yoo7.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Sat, 03 Dec 2022 14:12:04 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 42
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 08ca0238100c906a665f21b1caa97f47
3f605891faeafb51a36cecd25d331bcc450d34e9
35dac74d71c723f7a8e7585174fad51a0115e4a294a2c0d80b63026e25825618
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:12:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
200 OK 1.8 kB URL HTTP/1.1 datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash 86e417034bb4da7c539842385c43c5de
d76755422c7ad26c252ecd10fc200b38dcfe1735
9b18ed828001244c809636e3d54f7b219edaba55fce5b9457c455b5f1fa090a0
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 899
Origin: https://almraw3h.yoo7.com
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 03 Dec 2022 14:12:04 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://almraw3h.yoo7.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=367635451.1670076719&jid=1638852197&gjid=1447627235&_gid=945522702.1670076719&_u=YEBAAUAAAAAAACAAI~&z=146840789
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=367635451.1670076719&jid=1638852197&gjid=1447627235&_gid=945522702.1670076719&_u=YEBAAUAAAAAAACAAI~&z=146840789
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=367635451.1670076719&jid=1638852197&gjid=1447627235&_gid=945522702.1670076719&_u=YEBAAUAAAAAAACAAI~&z=146840789 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://almraw3h.yoo7.com
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://almraw3h.yoo7.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 03 Dec 2022 14:12:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.viglink.com/api/domains
200 OK 41 B URL HTTP/1.1 api.viglink.com/api/domains
IP
File type ASCII text, with no line terminators
Hash e995dace340276fb593ba5f7f0c6c5a6
e62bb0b8cc61a62c5bcd6154dade50c2f7588ee5
4fa2aeb8a4a165dcec046e727900c30985f472dbf50019c1db2556751d525643
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 259
Origin: https://almraw3h.yoo7.com
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://almraw3h.yoo7.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Sat, 03 Dec 2022 14:12:04 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 41
Connection: keep-alive
api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2
200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.js?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Sat, 03 Dec 2022 14:12:04 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 08ca0238100c906a665f21b1caa97f47
3f605891faeafb51a36cecd25d331bcc450d34e9
35dac74d71c723f7a8e7585174fad51a0115e4a294a2c0d80b63026e25825618
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:12:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
status.geotrust.com/
200 OK 471 B IP
Hash 7248e1dacafd3d9f50bd21ca11f2ce94
a573e4caa15e0d8411fa279b7e4bb7774e63e95f
dfe6f32c6acc58306d9e61008bebf9e678d12e73c1568ed6798a8180496a21c0
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6114
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:12:04 GMT
Last-Modified: Sat, 03 Dec 2022 12:30:10 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
200 OK 471 B IP
Hash 7248e1dacafd3d9f50bd21ca11f2ce94
a573e4caa15e0d8411fa279b7e4bb7774e63e95f
dfe6f32c6acc58306d9e61008bebf9e678d12e73c1568ed6798a8180496a21c0
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4620
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:12:04 GMT
Last-Modified: Sat, 03 Dec 2022 12:55:05 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 03 Dec 2022 14:12:04 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=76bed949-7314-11ed-bdc7-1fe3cd8f0306; expires=Sat, 31-Dec-2022 14:12:04 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=76bed98b-7314-11ed-bdc7-1fe3cd8f0306
X-fe: 23
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=76bed98b-7314-11ed-bdc7-1fe3cd8f0306
204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=76bed98b-7314-11ed-bdc7-1fe3cd8f0306
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=76bed98b-7314-11ed-bdc7-1fe3cd8f0306 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 03 Dec 2022 14:12:04 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=76c33b9e-7314-11ed-b26c-1644f9a80406; expires=Sat, 31-Dec-2022 14:12:04 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 96
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 03 Dec 2022 14:12:04 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=76c32cad-7314-11ed-9a96-1ee5b9e10206; expires=Sat, 31-Dec-2022 14:12:04 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=76c32d16-7314-11ed-9a96-1ee5b9e10206
X-fe: 113
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=76c32d16-7314-11ed-9a96-1ee5b9e10206
204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=76c32d16-7314-11ed-9a96-1ee5b9e10206
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=76c32d16-7314-11ed-9a96-1ee5b9e10206 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 03 Dec 2022 14:12:04 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=76c82749-7314-11ed-a88c-15758c630406; expires=Sat, 31-Dec-2022 14:12:04 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 82
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7y3kCFgOB6jUzgkucDwSB6jUzgkucDwUAAAAGBuIHJDazGXczh28t88xMbtHEuVhLbAvTWmNzzhyz4Wy1sI2MQGIzm3E3c_jWMs_M5BZNnIu1xLYwrTU258wxG85WC9vIChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXq8wuy0P32doV_79vrnG7_aLnsPhWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuhk04bLWeDuz-igugiRgAAAABbWiqaR5M6obKo-v__77cCuAIACCDEpkrLzNIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-uFGlBK64Uar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgczMtvK4JsaFZeOxbQbL1WI32WwcI89sOBsZFhvvmae0tsMAuRH0RdxkOHwOBqKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhYjXcWHaL4VoxmJncosVitxaOPLa1ZGVauCYb22QwGa1Fr4_pYRyNXBbHFgUDNvYieVqkE-VsM_IMd5ORZeUYLTaewcjmsc1Ms9XCsZrYPCOLWKI5WaQT2WXfmdlWHtfEuLBsPLbNYLla7CabjWPkmQ1nI8Ni42-shhvLbjFcKwYzk1u0WOzWwpHHtpasTAvXZGObDCajtej1MT2Mo5HL4tg3ZrvBYDfbTRb7xmw3GOxmu8li36EzfFefs9EZHE88NtVB2JjpbA6DwmWweH-fi7QZbdyMKm3YYlFdizvXxKrTxk7GzsFsUPiG18Tw91M_r93s7SA2GBSxRHCRTmR-y-vtNz39drfCchFLlKaLdKIXPYfDtehveHosYongdJFORC_j6aL-I0Mu5srBXDSZK1ajVQIAAAAAAAAAWMKceRMAAACA00BGg81wtc4DGSwHu-VquQAQzl66P3g-6_6JiFy7DyZ1JZRjCJnFjR83mN_yevtNT7_drbBcGeCBmpx582eCWKvVsgYAABDABgAACODWzVsANhP_____HwcAACAjRw8AACC-DwRFrBd-5ErBT4Cz2XA!&cmcv=&pix=31589837&cb=1670076722495&uv=3245&tms=1670076722495&abt=mprdctdt6_vA!smbs!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1670076716162!ts:1670076722495&mntl=1
200 OK 0 B URL HTTP/2 am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7y3kCFgOB6jUzgkucDwSB6jUzgkucDwUAAAAGBuIHJDazGXczh28t88xMbtHEuVhLbAvTWmNzzhyz4Wy1sI2MQGIzm3E3c_jWMs_M5BZNnIu1xLYwrTU258wxG85WC9vIChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXq8wuy0P32doV_79vrnG7_aLnsPhWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuhk04bLWeDuz-igugiRgAAAABbWiqaR5M6obKo-v__77cCuAIACCDEpkrLzNIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-uFGlBK64Uar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgczMtvK4JsaFZeOxbQbL1WI32WwcI89sOBsZFhvvmae0tsMAuRH0RdxkOHwOBqKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhYjXcWHaL4VoxmJncosVitxaOPLa1ZGVauCYb22QwGa1Fr4_pYRyNXBbHFgUDNvYieVqkE-VsM_IMd5ORZeUYLTaewcjmsc1Ms9XCsZrYPCOLWKI5WaQT2WXfmdlWHtfEuLBsPLbNYLla7CabjWPkmQ1nI8Ni42-shhvLbjFcKwYzk1u0WOzWwpHHtpasTAvXZGObDCajtej1MT2Mo5HL4tg3ZrvBYDfbTRb7xmw3GOxmu8li36EzfFefs9EZHE88NtVB2JjpbA6DwmWweH-fi7QZbdyMKm3YYlFdizvXxKrTxk7GzsFsUPiG18Tw91M_r93s7SA2GBSxRHCRTmR-y-vtNz39drfCchFLlKaLdKIXPYfDtehveHosYongdJFORC_j6aL-I0Mu5srBXDSZK1ajVQIAAAAAAAAAWMKceRMAAACA00BGg81wtc4DGSwHu-VquQAQzl66P3g-6_6JiFy7DyZ1JZRjCJnFjR83mN_yevtNT7_drbBcGeCBmpx582eCWKvVsgYAABDABgAACODWzVsANhP_____HwcAACAjRw8AACC-DwRFrBd-5ErBT4Cz2XA!&cmcv=&pix=31589837&cb=1670076722495&uv=3245&tms=1670076722495&abt=mprdctdt6_vA!smbs!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1670076716162!ts:1670076722495&mntl=1
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7y3kCFgOB6jUzgkucDwSB6jUzgkucDwUAAAAGBuIHJDazGXczh28t88xMbtHEuVhLbAvTWmNzzhyz4Wy1sI2MQGIzm3E3c_jWMs_M5BZNnIu1xLYwrTU258wxG85WC9vIChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXq8wuy0P32doV_79vrnG7_aLnsPhWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuhk04bLWeDuz-igugiRgAAAABbWiqaR5M6obKo-v__77cCuAIACCDEpkrLzNIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-uFGlBK64Uar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgczMtvK4JsaFZeOxbQbL1WI32WwcI89sOBsZFhvvmae0tsMAuRH0RdxkOHwOBqKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhYjXcWHaL4VoxmJncosVitxaOPLa1ZGVauCYb22QwGa1Fr4_pYRyNXBbHFgUDNvYieVqkE-VsM_IMd5ORZeUYLTaewcjmsc1Ms9XCsZrYPCOLWKI5WaQT2WXfmdlWHtfEuLBsPLbNYLla7CabjWPkmQ1nI8Ni42-shhvLbjFcKwYzk1u0WOzWwpHHtpasTAvXZGObDCajtej1MT2Mo5HL4tg3ZrvBYDfbTRb7xmw3GOxmu8li36EzfFefs9EZHE88NtVB2JjpbA6DwmWweH-fi7QZbdyMKm3YYlFdizvXxKrTxk7GzsFsUPiG18Tw91M_r93s7SA2GBSxRHCRTmR-y-vtNz39drfCchFLlKaLdKIXPYfDtehveHosYongdJFORC_j6aL-I0Mu5srBXDSZK1ajVQIAAAAAAAAAWMKceRMAAACA00BGg81wtc4DGSwHu-VquQAQzl66P3g-6_6JiFy7DyZ1JZRjCJnFjR83mN_yevtNT7_drbBcGeCBmpx582eCWKvVsgYAABDABgAACODWzVsANhP_____HwcAACAjRw8AACC-DwRFrBd-5ErBT4Cz2XA!&cmcv=&pix=31589837&cb=1670076722495&uv=3245&tms=1670076722495&abt=mprdctdt6_vA!smbs!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1670076716162!ts:1670076722495&mntl=1 HTTP/1.1
Host: am-vid-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 14:12:04 GMT
content-length: 0
X-Firefox-Spdy: h2
api.viglink.com/api/domains
200 OK 42 B URL HTTP/1.1 api.viglink.com/api/domains
IP
File type ASCII text, with no line terminators
Hash a36bb2ff64e3251cf5abf70cbe56b4a2
bd5e36efe366cbd0092d768b689bf216b8e0815f
18b90a63b26fa5977493cf633f97f7559210e3b7d2e0632c71ecc5793b1ac06a
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 189
Origin: https://almraw3h.yoo7.com
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://almraw3h.yoo7.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Sat, 03 Dec 2022 14:12:04 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 42
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1377c2956f6d4d989e6fafbe01600b49
7a550dd67e42a8f1ba1468646af02691d0580345
4e0206cd8e1112cdefa7f974876461a968bbcbbf016b1b1c2e3af77346507886
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:12:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d177680f261fa0b5bf3d5ae3ed69af85
96cdc11262db0a9531fe0cd00e908f3e824c89b3
08eac8282cf4566d382816edac93db8581b65dc2898fc7ea80d7424224ed29ff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:12:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=367635451.1670076719&jid=1638852197&_u=YEBAAUAAAAAAACAAI~&z=641079652
200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=367635451.1670076719&jid=1638852197&_u=YEBAAUAAAAAAACAAI~&z=641079652
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=367635451.1670076719&jid=1638852197&_u=YEBAAUAAAAAAACAAI~&z=641079652 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 14:12:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=367635451.1670076719&jid=1638852197&_u=YEBAAUAAAAAAACAAI~&z=641079652
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=367635451.1670076719&jid=1638852197&_u=YEBAAUAAAAAAACAAI~&z=641079652
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=367635451.1670076719&jid=1638852197&_u=YEBAAUAAAAAAACAAI~&z=641079652 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 14:12:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/log/3/bulk?tvi2=4948&route=AM%3AIL%3AV<i=deflated&bulkSize=2
204 No Content 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/log/3/bulk?tvi2=4948&route=AM%3AIL%3AV<i=deflated&bulkSize=2
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/bulk?tvi2=4948&route=AM%3AIL%3AV<i=deflated&bulkSize=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 3461
Origin: https://almraw3h.yoo7.com
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://almraw3h.yoo7.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Sat, 03 Dec 2022 14:12:04 GMT
via: 1.1 varnish
x-served-by: cache-bma1641-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670076725.775145,VS0,VE91
x-vcl-time-ms: 91
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 2c4ea986d0610d63e1b194f1a8dbbd66
0a42cde7b7523c513a7f50d41bb426b596e5c92c
77f5fb4e5a1952aaf1b276cb9f614ef069a41d1f613efacaf6745fa4e8977baa
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 14:12:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Wed, 07 Dec 2022 12:33:34 GMT
ETag: "0a42cde7b7523c513a7f50d41bb426b596e5c92c"
Last-Modified: Sat, 03 Dec 2022 12:33:35 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 14
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773ce52a7d570b06-OSL
vidstat.taboola.com/vpaid/units/32_4_5/assets/css/cmOsUnit.css
200 OK 8.3 kB URL HTTP/2 vidstat.taboola.com/vpaid/units/32_4_5/assets/css/cmOsUnit.css
IP
Hash a28320a69408adba1f01f56d6eb80708
8012c7108fab547cf31481cfda7cb49e654a0542
befbb274b7045e7e5791a4badbe46e1a2e367e6570da7cd0ac127acc4b8e8991
GET /vpaid/units/32_4_5/assets/css/cmOsUnit.css HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: Bf8dw0NjA07TfpEMmKBaL+UFJWQuALEo7owO+vyJS0Z7+UM4VbN5qXqenI+jCaBsTF8hL6tqRMY=
x-amz-request-id: 89SNZ5N6GV47VA34
last-modified: Mon, 28 Nov 2022 10:07:46 GMT
etag: "a28320a69408adba1f01f56d6eb80708"
x-amz-meta-ctime: 1669630065
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1669630064
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sat, 03 Dec 2022 14:12:04 GMT
via: 1.1 varnish
age: 446565
x-served-by: cache-bma1641-BMA
x-cache: HIT
x-cache-hits: 110568
x-timer: S1670076725.871556,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 8297
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d177680f261fa0b5bf3d5ae3ed69af85
96cdc11262db0a9531fe0cd00e908f3e824c89b3
08eac8282cf4566d382816edac93db8581b65dc2898fc7ea80d7424224ed29ff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:12:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1f3a4f3edea56419c58836a0c80d5cea
1558a7ad0acc0c09cdf39ec92030f7ee5736e595
70aeda0cb136ac1add86931a338558b9f302576cd65537575d232fda623fe2f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:12:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:12:04 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 65b6e83c9cef41c312b3139d3b2514c4
04cc6429df7a02c9de47b07513dae643b5b0f911
6301ef8cf37410e579b623326e81766070ac7c9ef40a03b968577637a914490b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=101513
Date: Sat, 03 Dec 2022 14:12:05 GMT
Etag: "638a3234-1d7"
Expires: Sun, 04 Dec 2022 18:23:58 GMT
Last-Modified: Fri, 02 Dec 2022 17:13:24 GMT
Server: ECS (nyb/1D1E)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8CoJSmCyz2EPC3tLG70tFtgJVFUmQ_8_cS-UVLvAgJdm5f1AyZLFxA==
Age: 4234
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=14%3A12%3A02.202&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=5035&cv=20221201-24-RELEASE<=deflated&pct=1
204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=14%3A12%3A02.202&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=5035&cv=20221201-24-RELEASE<=deflated&pct=1
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=14%3A12%3A02.202&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=5035&cv=20221201-24-RELEASE<=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sat, 03 Dec 2022 14:12:05 GMT
x-fastly-to-nlb-rtt: 77016
access-control-allow-credentials: true
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 03 Dec 2022 14:12:05 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=76fbc844-7314-11ed-a637-107c10e90206; expires=Sat, 31-Dec-2022 14:12:05 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=76fbc882-7314-11ed-a637-107c10e90206
X-fe: 85
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7Vv8CFgOB6jUzgkucDwSB6jUzgkucDwUAAAAGBuIHJGWZDBcz32otG65WbtFq5XIrHMOVW7gaThyu3XAwcc2GQIKr0XCysRjWwtXEuBatVpu1xGVxrXWDhXGzmxiXo8VmCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeQoOl0-Fz3eoXZbXn4PkO78u_3zTV-t1_0HA7Xor_h6bEDAAAAwAOA1VsmxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAHJhQbAJwfBe85-fwAANGyBAAAIYJAADKwGlAB8nK-cAAAAAAAAAACw_P___8cA7GGNyQCM7O_0ADz4ADwQFYwWMQIAAADY0lLRPJrUCZVFFQAAQboVwBUAQAAhNhUdRRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6G71OC2IZvVb7BQQAWPsFBABgUzcAgLcAuKAjaMVgsDqF2A1ni91othnNDgAAAODu____Xw9kZraVxzUxLiwbj20zWK4Wu8lm4xh5ZsPZyLDYeM88pbUdBsiNoM9DWGa_7yBieb6mv-Eg41teb4Oo6Hpb7A6n2XM_ipYsd8vdajRZjEbL5WY33IwG-xuIwWqAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE6RoyWq5XK42m9VqN1rMBpvlcLNBilatZqPNYLiaTWa73Wo4GC5HI6RoyXK33K1Gk8VotFxudsPNaDBEmFgNN5bdYrhWDGYmt2ix2K2FI49tLVmZFq7JxjYZTEZr0etjehhHI5fFsUXBgI29CC7Sicxveb39pqff7lZYLmKJ5mSRTmSXfWdmW3lcE-PCsvHYNoPlarGbbDaOkWc2nI0Mi42_sRpuLLvFcK0YzExu0WKxWwtHHttasjItXJONbTKYjNai18f0MI5GLotj35jtBoPdbDdZ7Buz3WCwm-0mi32HzvBdfc5GZ3A88dhUB2FjprM5DAqXweL9fS7SZrRxM6q0YYtFdS3uXBOrThs7GTsHs0HhG14Tw99P_bx2s7eD2GBQxBLB6SKdiF7G00UskTwt0olyN_N4jMuRw-Fw7pYj22qycg0nlpVrNzGsFhaTRSxRmi7SiV70HA7Xor_h6bGo_8iQi7lyMBdN5orVaJUAAAAAAAAAAJYwZ94EAAAA4DSQ0WAzXC0XAMLZS_cHz2fdPxGRa_fBpK6Ecgwhs7jx4wbzW15vv-npt7sVlisDPFCTM2_2TBBrtVrWAAAAAtgAAAAB3Lp5C8Bm5PaBmnTDj1wp9vgJcDYbDg!&cmcv=&pix=undefined&cb=1670076722996&uv=3245&tms=1670076722996&abt=mprdctdt6_vA!smbs!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=e2281f75-685e-45ee-a18e-858ba5780b56&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
200 OK 551 B URL HTTP/2 imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7Vv8CFgOB6jUzgkucDwSB6jUzgkucDwUAAAAGBuIHJGWZDBcz32otG65WbtFq5XIrHMOVW7gaThyu3XAwcc2GQIKr0XCysRjWwtXEuBatVpu1xGVxrXWDhXGzmxiXo8VmCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeQoOl0-Fz3eoXZbXn4PkO78u_3zTV-t1_0HA7Xor_h6bEDAAAAwAOA1VsmxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAHJhQbAJwfBe85-fwAANGyBAAAIYJAADKwGlAB8nK-cAAAAAAAAAACw_P___8cA7GGNyQCM7O_0ADz4ADwQFYwWMQIAAADY0lLRPJrUCZVFFQAAQboVwBUAQAAhNhUdRRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6G71OC2IZvVb7BQQAWPsFBABgUzcAgLcAuKAjaMVgsDqF2A1ni91othnNDgAAAODu____Xw9kZraVxzUxLiwbj20zWK4Wu8lm4xh5ZsPZyLDYeM88pbUdBsiNoM9DWGa_7yBieb6mv-Eg41teb4Oo6Hpb7A6n2XM_ipYsd8vdajRZjEbL5WY33IwG-xuIwWqAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE6RoyWq5XK42m9VqN1rMBpvlcLNBilatZqPNYLiaTWa73Wo4GC5HI6RoyXK33K1Gk8VotFxudsPNaDBEmFgNN5bdYrhWDGYmt2ix2K2FI49tLVmZFq7JxjYZTEZr0etjehhHI5fFsUXBgI29CC7Sicxveb39pqff7lZYLmKJ5mSRTmSXfWdmW3lcE-PCsvHYNoPlarGbbDaOkWc2nI0Mi42_sRpuLLvFcK0YzExu0WKxWwtHHttasjItXJONbTKYjNai18f0MI5GLotj35jtBoPdbDdZ7Buz3WCwm-0mi32HzvBdfc5GZ3A88dhUB2FjprM5DAqXweL9fS7SZrRxM6q0YYtFdS3uXBOrThs7GTsHs0HhG14Tw99P_bx2s7eD2GBQxBLB6SKdiF7G00UskTwt0olyN_N4jMuRw-Fw7pYj22qycg0nlpVrNzGsFhaTRSxRmi7SiV70HA7Xor_h6bGo_8iQi7lyMBdN5orVaJUAAAAAAAAAAJYwZ94EAAAA4DSQ0WAzXC0XAMLZS_cHz2fdPxGRa_fBpK6Ecgwhs7jx4wbzW15vv-npt7sVlisDPFCTM2_2TBBrtVrWAAAAAtgAAAAB3Lp5C8Bm5PaBmnTDj1wp9vgJcDYbDg!&cmcv=&pix=undefined&cb=1670076722996&uv=3245&tms=1670076722996&abt=mprdctdt6_vA!smbs!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=e2281f75-685e-45ee-a18e-858ba5780b56&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1101), with no line terminators
Hash 609b4c13e1bee231ebbe43e2f62d106f
75b6f6a83ffef1ae10f9a694e706a7b93419a620
f13b63f931baf11edc41816125e2adf4209564ab8a2b1deaaa39e1f4f4af04e6
GET /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7Vv8CFgOB6jUzgkucDwSB6jUzgkucDwUAAAAGBuIHJGWZDBcz32otG65WbtFq5XIrHMOVW7gaThyu3XAwcc2GQIKr0XCysRjWwtXEuBatVpu1xGVxrXWDhXGzmxiXo8VmCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeQoOl0-Fz3eoXZbXn4PkO78u_3zTV-t1_0HA7Xor_h6bEDAAAAwAOA1VsmxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAHJhQbAJwfBe85-fwAANGyBAAAIYJAADKwGlAB8nK-cAAAAAAAAAACw_P___8cA7GGNyQCM7O_0ADz4ADwQFYwWMQIAAADY0lLRPJrUCZVFFQAAQboVwBUAQAAhNhUdRRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6G71OC2IZvVb7BQQAWPsFBABgUzcAgLcAuKAjaMVgsDqF2A1ni91othnNDgAAAODu____Xw9kZraVxzUxLiwbj20zWK4Wu8lm4xh5ZsPZyLDYeM88pbUdBsiNoM9DWGa_7yBieb6mv-Eg41teb4Oo6Hpb7A6n2XM_ipYsd8vdajRZjEbL5WY33IwG-xuIwWqAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE6RoyWq5XK42m9VqN1rMBpvlcLNBilatZqPNYLiaTWa73Wo4GC5HI6RoyXK33K1Gk8VotFxudsPNaDBEmFgNN5bdYrhWDGYmt2ix2K2FI49tLVmZFq7JxjYZTEZr0etjehhHI5fFsUXBgI29CC7Sicxveb39pqff7lZYLmKJ5mSRTmSXfWdmW3lcE-PCsvHYNoPlarGbbDaOkWc2nI0Mi42_sRpuLLvFcK0YzExu0WKxWwtHHttasjItXJONbTKYjNai18f0MI5GLotj35jtBoPdbDdZ7Buz3WCwm-0mi32HzvBdfc5GZ3A88dhUB2FjprM5DAqXweL9fS7SZrRxM6q0YYtFdS3uXBOrThs7GTsHs0HhG14Tw99P_bx2s7eD2GBQxBLB6SKdiF7G00UskTwt0olyN_N4jMuRw-Fw7pYj22qycg0nlpVrNzGsFhaTRSxRmi7SiV70HA7Xor_h6bGo_8iQi7lyMBdN5orVaJUAAAAAAAAAAJYwZ94EAAAA4DSQ0WAzXC0XAMLZS_cHz2fdPxGRa_fBpK6Ecgwhs7jx4wbzW15vv-npt7sVlisDPFCTM2_2TBBrtVrWAAAAAtgAAAAB3Lp5C8Bm5PaBmnTDj1wp9vgJcDYbDg!&cmcv=&pix=undefined&cb=1670076722996&uv=3245&tms=1670076722996&abt=mprdctdt6_vA!smbs!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=e2281f75-685e-45ee-a18e-858ba5780b56&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1 HTTP/1.1
Host: imprammp.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Sat, 03 Dec 2022 14:12:05 GMT
via: 1.1 varnish
x-served-by: cache-bma1641-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670076725.069239,VS0,VE27
vary: Accept-Encoding
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=76fbc882-7314-11ed-a637-107c10e90206
204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=76fbc882-7314-11ed-a637-107c10e90206
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=76fbc882-7314-11ed-a637-107c10e90206 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 03 Dec 2022 14:12:05 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=76ffda13-7314-11ed-902b-155da6fd0206; expires=Sat, 31-Dec-2022 14:12:05 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 91
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=76fe4ff5-7314-11ed-9699-155da6fd0506
204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=76fe4ff5-7314-11ed-9699-155da6fd0506
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=76fe4ff5-7314-11ed-9699-155da6fd0506 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 03 Dec 2022 14:12:05 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=77025be8-7314-11ed-b9cc-16a7f9820506; expires=Sat, 31-Dec-2022 14:12:05 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 106
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7Vv8CFgOB6jUzgkucDwSB6jUzgkucDwUAAAAGBuIHJGWZDBcz32otG65WbtFq5XIrHMOVW7gaThyu3XAwcc2GQIKr0XCysRjWwtXEuBatVpu1xGVxrXWDhXGzmxiXo8VmCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeQoOl0-Fz3eoXZbXn4PkO78u_3zTV-t1_0HA7Xor_h6bEDAAAAwAOA1VsmxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAHJhQbAJwfBe85-fwAANGyBAAAIYJAADKwGlAB8nK-cAAAAAAAAAACw_P___8cA7GGNyQCM7O_0ADz4ADwQFYwWMQIAAADY0lLRPJrUCZVFFQAAQboVwBUAQAAhNhUdRRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6G71OC2IZvVb7BQQAWPsFBABgUzcAgLcAuKAjaMVgsDqF2A1ni91othnNDgAAAODu____Xw9kZraVxzUxLiwbj20zWK4Wu8lm4xh5ZsPZyLDYeM88pbUdBsiNoM9DWGa_7yBieb6mv-Eg41teb4Oo6Hpb7A6n2XM_ipYsd8vdajRZjEbL5WY33IwG-xuIwWqAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE6RoyWq5XK42m9VqN1rMBpvlcLNBilatZqPNYLiaTWa73Wo4GC5HI6RoyXK33K1Gk8VotFxudsPNaDBEmFgNN5bdYrhWDGYmt2ix2K2FI49tLVmZFq7JxjYZTEZr0etjehhHI5fFsUXBgI29CC7Sicxveb39pqff7lZYLmKJ5mSRTmSXfWdmW3lcE-PCsvHYNoPlarGbbDaOkWc2nI0Mi42_sRpuLLvFcK0YzExu0WKxWwtHHttasjItXJONbTKYjNai18f0MI5GLotj35jtBoPdbDdZ7Buz3WCwm-0mi32HzvBdfc5GZ3A88dhUB2FjprM5DAqXweL9fS7SZrRxM6q0YYtFdS3uXBOrThs7GTsHs0HhG14Tw99P_bx2s7eD2GBQxBLB6SKdiF7G00UskTwt0olyN_N4jMuRw-Fw7pYj22qycg0nlpVrNzGsFhaTRSxRmi7SiV70HA7Xor_h6bGo_8iQi7lyMBdN5orVaJUAAAAAAAAAAJYwZ94EAAAA4DSQ0WAzXC0XAMLZS_cHz2fdPxGRa_fBpK6Ecgwhs7jx4wbzW15vv-npt7sVlisDPFCTM2_2TBBrtVrWAAAAAtgAAAAB3Lp5C8Bm5PaBmnTDj1wp9vgJcDYbDg!&cmcv=&pix=31589837&cb=1670076722995&uv=3245&tms=1670076722995&abt=mprdctdt6_vA!smbs!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1670076716162!ts:1670076722995&mntl=1
200 OK 0 B URL HTTP/2 am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7Vv8CFgOB6jUzgkucDwSB6jUzgkucDwUAAAAGBuIHJGWZDBcz32otG65WbtFq5XIrHMOVW7gaThyu3XAwcc2GQIKr0XCysRjWwtXEuBatVpu1xGVxrXWDhXGzmxiXo8VmCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeQoOl0-Fz3eoXZbXn4PkO78u_3zTV-t1_0HA7Xor_h6bEDAAAAwAOA1VsmxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAHJhQbAJwfBe85-fwAANGyBAAAIYJAADKwGlAB8nK-cAAAAAAAAAACw_P___8cA7GGNyQCM7O_0ADz4ADwQFYwWMQIAAADY0lLRPJrUCZVFFQAAQboVwBUAQAAhNhUdRRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6G71OC2IZvVb7BQQAWPsFBABgUzcAgLcAuKAjaMVgsDqF2A1ni91othnNDgAAAODu____Xw9kZraVxzUxLiwbj20zWK4Wu8lm4xh5ZsPZyLDYeM88pbUdBsiNoM9DWGa_7yBieb6mv-Eg41teb4Oo6Hpb7A6n2XM_ipYsd8vdajRZjEbL5WY33IwG-xuIwWqAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE6RoyWq5XK42m9VqN1rMBpvlcLNBilatZqPNYLiaTWa73Wo4GC5HI6RoyXK33K1Gk8VotFxudsPNaDBEmFgNN5bdYrhWDGYmt2ix2K2FI49tLVmZFq7JxjYZTEZr0etjehhHI5fFsUXBgI29CC7Sicxveb39pqff7lZYLmKJ5mSRTmSXfWdmW3lcE-PCsvHYNoPlarGbbDaOkWc2nI0Mi42_sRpuLLvFcK0YzExu0WKxWwtHHttasjItXJONbTKYjNai18f0MI5GLotj35jtBoPdbDdZ7Buz3WCwm-0mi32HzvBdfc5GZ3A88dhUB2FjprM5DAqXweL9fS7SZrRxM6q0YYtFdS3uXBOrThs7GTsHs0HhG14Tw99P_bx2s7eD2GBQxBLB6SKdiF7G00UskTwt0olyN_N4jMuRw-Fw7pYj22qycg0nlpVrNzGsFhaTRSxRmi7SiV70HA7Xor_h6bGo_8iQi7lyMBdN5orVaJUAAAAAAAAAAJYwZ94EAAAA4DSQ0WAzXC0XAMLZS_cHz2fdPxGRa_fBpK6Ecgwhs7jx4wbzW15vv-npt7sVlisDPFCTM2_2TBBrtVrWAAAAAtgAAAAB3Lp5C8Bm5PaBmnTDj1wp9vgJcDYbDg!&cmcv=&pix=31589837&cb=1670076722995&uv=3245&tms=1670076722995&abt=mprdctdt6_vA!smbs!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1670076716162!ts:1670076722995&mntl=1
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7Vv8CFgOB6jUzgkucDwSB6jUzgkucDwUAAAAGBuIHJGWZDBcz32otG65WbtFq5XIrHMOVW7gaThyu3XAwcc2GQIKr0XCysRjWwtXEuBatVpu1xGVxrXWDhXGzmxiXo8VmCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeQoOl0-Fz3eoXZbXn4PkO78u_3zTV-t1_0HA7Xor_h6bEDAAAAwAOA1VsmxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAHJhQbAJwfBe85-fwAANGyBAAAIYJAADKwGlAB8nK-cAAAAAAAAAACw_P___8cA7GGNyQCM7O_0ADz4ADwQFYwWMQIAAADY0lLRPJrUCZVFFQAAQboVwBUAQAAhNhUdRRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6G71OC2IZvVb7BQQAWPsFBABgUzcAgLcAuKAjaMVgsDqF2A1ni91othnNDgAAAODu____Xw9kZraVxzUxLiwbj20zWK4Wu8lm4xh5ZsPZyLDYeM88pbUdBsiNoM9DWGa_7yBieb6mv-Eg41teb4Oo6Hpb7A6n2XM_ipYsd8vdajRZjEbL5WY33IwG-xuIwWqAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE6RoyWq5XK42m9VqN1rMBpvlcLNBilatZqPNYLiaTWa73Wo4GC5HI6RoyXK33K1Gk8VotFxudsPNaDBEmFgNN5bdYrhWDGYmt2ix2K2FI49tLVmZFq7JxjYZTEZr0etjehhHI5fFsUXBgI29CC7Sicxveb39pqff7lZYLmKJ5mSRTmSXfWdmW3lcE-PCsvHYNoPlarGbbDaOkWc2nI0Mi42_sRpuLLvFcK0YzExu0WKxWwtHHttasjItXJONbTKYjNai18f0MI5GLotj35jtBoPdbDdZ7Buz3WCwm-0mi32HzvBdfc5GZ3A88dhUB2FjprM5DAqXweL9fS7SZrRxM6q0YYtFdS3uXBOrThs7GTsHs0HhG14Tw99P_bx2s7eD2GBQxBLB6SKdiF7G00UskTwt0olyN_N4jMuRw-Fw7pYj22qycg0nlpVrNzGsFhaTRSxRmi7SiV70HA7Xor_h6bGo_8iQi7lyMBdN5orVaJUAAAAAAAAAAJYwZ94EAAAA4DSQ0WAzXC0XAMLZS_cHz2fdPxGRa_fBpK6Ecgwhs7jx4wbzW15vv-npt7sVlisDPFCTM2_2TBBrtVrWAAAAAtgAAAAB3Lp5C8Bm5PaBmnTDj1wp9vgJcDYbDg!&cmcv=&pix=31589837&cb=1670076722995&uv=3245&tms=1670076722995&abt=mprdctdt6_vA!smbs!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1670076716162!ts:1670076722995&mntl=1 HTTP/1.1
Host: am-vid-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 14:12:05 GMT
content-length: 0
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7Vv8CFgOB6jUzgkucDwSB6jUzgkucDwUAAAAGBuIHJGWZDBcz32otG65WbtFq5XIrHMOVW7gaThyu3XAwcc2GQIKr0XCysRjWwtXEuBatVpu1xGVxrXWDhXGzmxiXo8VmCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeQoOl0-Fz3eoXZbXn4PkO78u_3zTV-t1_0HA7Xor_h6bEDAAAAwAOA1VsmxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAHJhQbAJwfBe85-fwAANGyBAAAIYJAADKwGlAB8nK-cAAAAAAAAAACw_P___8cA7GGNyQCM7O_0ADz4ADwQFYwWMQIAAADY0lLRPJrUCZVFFQAAQboVwBUAQAAhNhUdRRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6G71OC2IZvVb7BQQAWPsFBABgUzcAgLcAuKAjaMVgsDqF2A1ni91othnNDgAAAODu____Xw9kZraVxzUxLiwbj20zWK4Wu8lm4xh5ZsPZyLDYeM88pbUdBsiNoM9DWGa_7yBieb6mv-Eg41teb4Oo6Hpb7A6n2XM_ipYsd8vdajRZjEbL5WY33IwG-xuIwWqAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE6RoyWq5XK42m9VqN1rMBpvlcLNBilatZqPNYLiaTWa73Wo4GC5HI6RoyXK33K1Gk8VotFxudsPNaDBEmFgNN5bdYrhWDGYmt2ix2K2FI49tLVmZFq7JxjYZTEZr0etjehhHI5fFsUXBgI29CC7Sicxveb39pqff7lZYLmKJ5mSRTmSXfWdmW3lcE-PCsvHYNoPlarGbbDaOkWc2nI0Mi42_sRpuLLvFcK0YzExu0WKxWwtHHttasjItXJONbTKYjNai18f0MI5GLotj35jtBoPdbDdZ7Buz3WCwm-0mi32HzvBdfc5GZ3A88dhUB2FjprM5DAqXweL9fS7SZrRxM6q0YYtFdS3uXBOrThs7GTsHs0HhG14Tw99P_bx2s7eD2GBQxBLB6SKdiF7G00UskTwt0olyN_N4jMuRw-Fw7pYj22qycg0nlpVrNzGsFhaTRSxRmi7SiV70HA7Xor_h6bGo_8iQi7lyMBdN5orVaJUAAAAAAAAAAJYwZ94EAAAA4DSQ0WAzXC0XAMLZS_cHz2fdPxGRa_fBpK6Ecgwhs7jx4wbzW15vv-npt7sVlisDPFCTM2_2TBBrtVrWAAAAAtgAAAAB3Lp5C8Bm5PaBmnTDj1wp9vgJcDYbDg!&excid=22&docw=0&cijs=1&nlb=true
200 OK 129 kB URL HTTP/2 am-match.taboola.com/sync?dast=V7Vv8CFgOB6jUzgkucDwSB6jUzgkucDwUAAAAGBuIHJGWZDBcz32otG65WbtFq5XIrHMOVW7gaThyu3XAwcc2GQIKr0XCysRjWwtXEuBatVpu1xGVxrXWDhXGzmxiXo8VmCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeQoOl0-Fz3eoXZbXn4PkO78u_3zTV-t1_0HA7Xor_h6bEDAAAAwAOA1VsmxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAHJhQbAJwfBe85-fwAANGyBAAAIYJAADKwGlAB8nK-cAAAAAAAAAACw_P___8cA7GGNyQCM7O_0ADz4ADwQFYwWMQIAAADY0lLRPJrUCZVFFQAAQboVwBUAQAAhNhUdRRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6G71OC2IZvVb7BQQAWPsFBABgUzcAgLcAuKAjaMVgsDqF2A1ni91othnNDgAAAODu____Xw9kZraVxzUxLiwbj20zWK4Wu8lm4xh5ZsPZyLDYeM88pbUdBsiNoM9DWGa_7yBieb6mv-Eg41teb4Oo6Hpb7A6n2XM_ipYsd8vdajRZjEbL5WY33IwG-xuIwWqAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE6RoyWq5XK42m9VqN1rMBpvlcLNBilatZqPNYLiaTWa73Wo4GC5HI6RoyXK33K1Gk8VotFxudsPNaDBEmFgNN5bdYrhWDGYmt2ix2K2FI49tLVmZFq7JxjYZTEZr0etjehhHI5fFsUXBgI29CC7Sicxveb39pqff7lZYLmKJ5mSRTmSXfWdmW3lcE-PCsvHYNoPlarGbbDaOkWc2nI0Mi42_sRpuLLvFcK0YzExu0WKxWwtHHttasjItXJONbTKYjNai18f0MI5GLotj35jtBoPdbDdZ7Buz3WCwm-0mi32HzvBdfc5GZ3A88dhUB2FjprM5DAqXweL9fS7SZrRxM6q0YYtFdS3uXBOrThs7GTsHs0HhG14Tw99P_bx2s7eD2GBQxBLB6SKdiF7G00UskTwt0olyN_N4jMuRw-Fw7pYj22qycg0nlpVrNzGsFhaTRSxRmi7SiV70HA7Xor_h6bGo_8iQi7lyMBdN5orVaJUAAAAAAAAAAJYwZ94EAAAA4DSQ0WAzXC0XAMLZS_cHz2fdPxGRa_fBpK6Ecgwhs7jx4wbzW15vv-npt7sVlisDPFCTM2_2TBBrtVrWAAAAAtgAAAAB3Lp5C8Bm5PaBmnTDj1wp9vgJcDYbDg!&excid=22&docw=0&cijs=1&nlb=true
IP
ASN #200478 Taboola.com ltd
Size 129 kB (128890 bytes)
Hash 25c38cf5c1bf03c4c2131c16ef01bdf7
39e075af07192200fe7b1e815cc1d01818adcfc2
efae43e6b549cffbf74e7c59896919ac0593a89bf81bd8a1c2f0f0022ead2ab7
GET /sync?dast=V7Vv8CFgOB6jUzgkucDwSB6jUzgkucDwUAAAAGBuIHJGWZDBcz32otG65WbtFq5XIrHMOVW7gaThyu3XAwcc2GQIKr0XCysRjWwtXEuBatVpu1xGVxrXWDhXGzmxiXo8VmCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeQoOl0-Fz3eoXZbXn4PkO78u_3zTV-t1_0HA7Xor_h6bEDAAAAwAOA1VsmxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAHJhQbAJwfBe85-fwAANGyBAAAIYJAADKwGlAB8nK-cAAAAAAAAAACw_P___8cA7GGNyQCM7O_0ADz4ADwQFYwWMQIAAADY0lLRPJrUCZVFFQAAQboVwBUAQAAhNhUdRRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6G71OC2IZvVb7BQQAWPsFBABgUzcAgLcAuKAjaMVgsDqF2A1ni91othnNDgAAAODu____Xw9kZraVxzUxLiwbj20zWK4Wu8lm4xh5ZsPZyLDYeM88pbUdBsiNoM9DWGa_7yBieb6mv-Eg41teb4Oo6Hpb7A6n2XM_ipYsd8vdajRZjEbL5WY33IwG-xuIwWqAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE6RoyWq5XK42m9VqN1rMBpvlcLNBilatZqPNYLiaTWa73Wo4GC5HI6RoyXK33K1Gk8VotFxudsPNaDBEmFgNN5bdYrhWDGYmt2ix2K2FI49tLVmZFq7JxjYZTEZr0etjehhHI5fFsUXBgI29CC7Sicxveb39pqff7lZYLmKJ5mSRTmSXfWdmW3lcE-PCsvHYNoPlarGbbDaOkWc2nI0Mi42_sRpuLLvFcK0YzExu0WKxWwtHHttasjItXJONbTKYjNai18f0MI5GLotj35jtBoPdbDdZ7Buz3WCwm-0mi32HzvBdfc5GZ3A88dhUB2FjprM5DAqXweL9fS7SZrRxM6q0YYtFdS3uXBOrThs7GTsHs0HhG14Tw99P_bx2s7eD2GBQxBLB6SKdiF7G00UskTwt0olyN_N4jMuRw-Fw7pYj22qycg0nlpVrNzGsFhaTRSxRmi7SiV70HA7Xor_h6bGo_8iQi7lyMBdN5orVaJUAAAAAAAAAAJYwZ94EAAAA4DSQ0WAzXC0XAMLZS_cHz2fdPxGRa_fBpK6Ecgwhs7jx4wbzW15vv-npt7sVlisDPFCTM2_2TBBrtVrWAAAAAtgAAAAB3Lp5C8Bm5PaBmnTDj1wp9vgJcDYbDg!&excid=22&docw=0&cijs=1&nlb=true HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 14:12:05 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3408
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:12:05 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
301 Moved Permanently 0 B URL HTTP/2 secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP/1.1
Host: secure-assets.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
date: Sat, 03 Dec 2022 14:12:05 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash fad632aa1e7fe5767861d97c6361f7af
c5e2f50e677c318db7a07f2dbc8bbe58555cffef
49b907be01c784612faa455269993bdd5fdd2031297a3d2256d8a29e0a2ecc62
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3994
Cache-Control: max-age=94015
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 14:12:05 GMT
Etag: "638a15da-1d7"
Expires: Sun, 04 Dec 2022 16:19:00 GMT
Last-Modified: Fri, 02 Dec 2022 15:12:26 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=14%3A12%3A02.724&type=warn&msg=video%20tag%20loader%20-%20didn%27t%20find%20enough%20sponsored%20items%20for%20integrated%20widget%20replacement&llvl=2&id=5990&cv=20221201-24-RELEASE<=deflated&pct=1
204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=14%3A12%3A02.724&type=warn&msg=video%20tag%20loader%20-%20didn%27t%20find%20enough%20sponsored%20items%20for%20integrated%20widget%20replacement&llvl=2&id=5990&cv=20221201-24-RELEASE<=deflated&pct=1
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=14%3A12%3A02.724&type=warn&msg=video%20tag%20loader%20-%20didn%27t%20find%20enough%20sponsored%20items%20for%20integrated%20widget%20replacement&llvl=2&id=5990&cv=20221201-24-RELEASE<=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 03 Dec 2022 14:12:05 GMT
x-fastly-to-nlb-rtt: 77056
access-control-allow-credentials: true
X-Firefox-Spdy: h2
taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
200 OK 43 B URL HTTP/2 taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP/1.1
Host: taboola-supply-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:12:05 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 03 Dec 2022 14:12:05 GMT
Connection: keep-alive
Vary: Accept-Encoding
eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 03 Dec 2022 14:12:05 GMT
Connection: keep-alive
Vary: Accept-Encoding
eus.rubiconproject.com/usync.js
200 OK 10 kB URL HTTP/1.1 eus.rubiconproject.com/usync.js
IP
File type ASCII text, with very long lines (18728)
Hash 73317a5e42c83bb5a25d043499e72564
6afabdb201460a3e0a3dcf2357ae51422ff82c3a
499e3ccaa85a92aa164fb51812587ff4c3ded2073eadf304eaea240e787734a5
GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Sat, 03 Dec 2022 13:56:43 GMT
Content-Encoding: gzip
Content-Length: 10067
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=85474
Expires: Sun, 04 Dec 2022 13:56:39 GMT
Date: Sat, 03 Dec 2022 14:12:05 GMT
Connection: keep-alive
Vary: Accept-Encoding
ups.analytics.yahoo.com/ups/58534/occ?verify=true
204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ?verify=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 03 Dec 2022 14:12:05 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBDVZi2MCEEt0uXZhHRvtMevqxDw8GrgFEgEBAQGqjGOVYwAAAAAA_eMAAA&S=AQAAAvFhim0btrLTUpPoGn1el94; Expires=Sun, 3 Dec 2023 20:12:05 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
200 OK 254 B URL HTTP/2 cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
IP
File type PNG image data, 12 x 12, 8-bit gray+alpha, non-interlaced\012- data
Hash dfa7b52c86e56bd67fa4002f6ed19854
7df722645482433c2b5c8d8ab4272a9874592f27
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
GET /libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: c3AK0F63Rmz1U+ZkwDZRH6hJiJRTGpZB8kTBPWz0vwbg9siBxtMOH8aEqr1NtVeNHtLhLAVUR9E=
x-amz-request-id: 4JKSR0YA3KVH073N
x-amz-replication-status: COMPLETED
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
content-type: image/png
server: AmazonS3
accept-ranges: bytes
date: Sat, 03 Dec 2022 14:12:05 GMT
via: 1.1 varnish
age: 23964
x-served-by: cache-bma1641-BMA
x-cache: HIT
x-cache-hits: 1773
x-timer: S1670076725.390715,VS0,VE0
cache-control: private,max-age=31536000
abp: 12
content-length: 254
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 03 Dec 2022 14:12:05 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=773824e7-7314-11ed-ab14-1f6fc1870506; expires=Sat, 31-Dec-2022 14:12:05 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=7738255e-7314-11ed-ab14-1f6fc1870506
X-fe: 10
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=7738255e-7314-11ed-ab14-1f6fc1870506
204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=7738255e-7314-11ed-ab14-1f6fc1870506
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=7738255e-7314-11ed-ab14-1f6fc1870506 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 03 Dec 2022 14:12:05 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=773d7396-7314-11ed-a547-10b91cd50406; expires=Sat, 31-Dec-2022 14:12:05 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 144
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cdn.taboola.com/scripts/cds-pips.js
200 OK 1.3 kB URL HTTP/2 cdn.taboola.com/scripts/cds-pips.js
IP
File type ASCII text, with very long lines (3545), with no line terminators
Hash 780c5c514014519ce276709f515905a0
04fe86d00b9c9077effe05171d066d243ecab221
015db06150b62ad2ad533883652174ebb6f07e24a7147fdac01a0ccd266e3f30
GET /scripts/cds-pips.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 2KBeU0d7OyPXtZDYUoIqlTBmhGhsve90tjYoemCxISjKQrNgcxT28sPXVt5KfJt+6r7dFoJgA8g=
x-amz-request-id: NFWGDQGY1WQ95XHE
x-amz-replication-status: COMPLETED
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sat, 03 Dec 2022 14:12:05 GMT
via: 1.1 varnish
age: 461
x-served-by: cache-bma1641-BMA
x-cache: HIT
x-cache-hits: 738
x-timer: S1670076726.592253,VS0,VE0
vary: Accept-Encoding
abp: 12
cache-control: private, max-age=3600
content-length: 1340
X-Firefox-Spdy: h2
vidstat.taboola.com/vpaid/vPlayer/player/v14.8.8/OvaMediaPlayer.js
200 OK 87 kB URL HTTP/2 vidstat.taboola.com/vpaid/vPlayer/player/v14.8.8/OvaMediaPlayer.js
IP
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash dcfe04133edaa84ac4a7356299134bf2
600265d1e188692d5cb0b9dbc828c708181bd3d8
1f50ba3994c74af69746c8db181597b9e74d7bb53c808ce9f7014facf0c59bfd
GET /vpaid/vPlayer/player/v14.8.8/OvaMediaPlayer.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: DH4gCSpZOjdiQ2RHNdcZaQ1gWcI8EDnhtXKaFZT4JUmiFDacp53eylqcVHaDpMgh56JBtwAdvTI=
x-amz-request-id: M2DJX9S4FNAQPE8Z
last-modified: Thu, 27 Oct 2022 07:34:53 GMT
etag: "dcfe04133edaa84ac4a7356299134bf2"
x-amz-meta-ctime: 1666856092
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1666856080
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sat, 03 Dec 2022 14:12:05 GMT
via: 1.1 varnish
age: 628603
x-served-by: cache-bma1641-BMA
x-cache: HIT
x-cache-hits: 170473
x-timer: S1670076726.592007,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 87152
X-Firefox-Spdy: h2
vidstatb.taboola.com/vid/blackScreen5.mp4
206 Partial Content 91 kB URL HTTP/2 vidstatb.taboola.com/vid/blackScreen5.mp4
IP
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash b2b087fe4ae638c533731c347fcd4df8
62851c888c21bb51cc04f13b6fc0451279fe0425
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
GET /vid/blackScreen5.mp4 HTTP/1.1
Host: vidstatb.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
content-type: video/mp4
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1497790207
server: AmazonS3
via: 1.1 9803a30a87f1ec1047cb2b8ad5ecc43e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: gopM2XYfUoVUFmJXQ0440-QEF6IoAyvdLK0EUOquu3M35zK6ZGLwLg==
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sat, 03 Dec 2022 14:12:05 GMT
age: 131701
x-served-by: cache-bma1641-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 56756
x-timer: S1670076726.592737,VS0,VE0
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-range: bytes 0-90783/90784
content-length: 90784
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:12:05 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7Vv8CFgOB6jUzgkucDwSB6jUzgkucDwUAAAAGBuIHJGWZDBcz32otG65WbtFq5XIrHMOVW7gaThyu3XAwcc2GQIKr0XCysRjWwtXEuBatVpu1xGVxrXWDhXGzmxiXo8VmCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeQoOl0-Fz3eoXZbXn4PkO78u_3zTV-t1_0HA7Xor_h6bEDAAAAwAOA1VsmxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAHJhQbAJwfBe85-fwAANGyBAAAIYJAADKwGlAB8nK-cAAAAAAAAAACw_P___8cA7GGNyQCM7O_0ADz4ADwQFYwWMQIAAADY0lLRPJrUCZVFFQAAQboVwBUAQAAhNhUdRRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6G71OC2IZvVb7BQQAWPsFBABgUzcAgLcAuKAjaMVgsDqF2A1ni91othnNDgAAAODu____Xw9kZraVxzUxLiwbj20zWK4Wu8lm4xh5ZsPZyLDYeM88pbUdBsiNoM9DWGa_7yBieb6mv-Eg41teb4Oo6Hpb7A6n2XM_ipYsd8vdajRZjEbL5WY33IwG-xuIwWqAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE6RoyWq5XK42m9VqN1rMBpvlcLNBilatZqPNYLiaTWa73Wo4GC5HI6RoyXK33K1Gk8VotFxudsPNaDBEmFgNN5bdYrhWDGYmt2ix2K2FI49tLVmZFq7JxjYZTEZr0etjehhHI5fFsUXBgI29CC7Sicxveb39pqff7lZYLmKJ5mSRTmSXfWdmW3lcE-PCsvHYNoPlarGbbDaOkWc2nI0Mi42_sRpuLLvFcK0YzExu0WKxWwtHHttasjItXJONbTKYjNai18f0MI5GLotj35jtBoPdbDdZ7Buz3WCwm-0mi32HzvBdfc5GZ3A88dhUB2FjprM5DAqXweL9fS7SZrRxM6q0YYtFdS3uXBOrThs7GTsHs0HhG14Tw99P_bx2s7eD2GBQxBLB6SKdiF7G00UskTwt0olyN_N4jMuRw-Fw7pYj22qycg0nlpVrNzGsFhaTRSxRmi7SiV70HA7Xor_h6bGo_8iQi7lyMBdN5orVaJUAAAAAAAAAAJYwZ94EAAAA4DSQ0WAzXC0XAMLZS_cHz2fdPxGRa_fBpK6Ecgwhs7jx4wbzW15vv-npt7sVlisDPFCTM2_2TBBrtVrWAAAAAtgAAAAB3Lp5C8Bm5PaBmnTDj1wp9vgJcDYbDg!&excid=22&docw=0&cijs=1&nlb=true
200 OK 1.1 kB URL HTTP/2 am-match.taboola.com/sync?dast=V7Vv8CFgOB6jUzgkucDwSB6jUzgkucDwUAAAAGBuIHJGWZDBcz32otG65WbtFq5XIrHMOVW7gaThyu3XAwcc2GQIKr0XCysRjWwtXEuBatVpu1xGVxrXWDhXGzmxiXo8VmCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeQoOl0-Fz3eoXZbXn4PkO78u_3zTV-t1_0HA7Xor_h6bEDAAAAwAOA1VsmxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAHJhQbAJwfBe85-fwAANGyBAAAIYJAADKwGlAB8nK-cAAAAAAAAAACw_P___8cA7GGNyQCM7O_0ADz4ADwQFYwWMQIAAADY0lLRPJrUCZVFFQAAQboVwBUAQAAhNhUdRRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6G71OC2IZvVb7BQQAWPsFBABgUzcAgLcAuKAjaMVgsDqF2A1ni91othnNDgAAAODu____Xw9kZraVxzUxLiwbj20zWK4Wu8lm4xh5ZsPZyLDYeM88pbUdBsiNoM9DWGa_7yBieb6mv-Eg41teb4Oo6Hpb7A6n2XM_ipYsd8vdajRZjEbL5WY33IwG-xuIwWqAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE6RoyWq5XK42m9VqN1rMBpvlcLNBilatZqPNYLiaTWa73Wo4GC5HI6RoyXK33K1Gk8VotFxudsPNaDBEmFgNN5bdYrhWDGYmt2ix2K2FI49tLVmZFq7JxjYZTEZr0etjehhHI5fFsUXBgI29CC7Sicxveb39pqff7lZYLmKJ5mSRTmSXfWdmW3lcE-PCsvHYNoPlarGbbDaOkWc2nI0Mi42_sRpuLLvFcK0YzExu0WKxWwtHHttasjItXJONbTKYjNai18f0MI5GLotj35jtBoPdbDdZ7Buz3WCwm-0mi32HzvBdfc5GZ3A88dhUB2FjprM5DAqXweL9fS7SZrRxM6q0YYtFdS3uXBOrThs7GTsHs0HhG14Tw99P_bx2s7eD2GBQxBLB6SKdiF7G00UskTwt0olyN_N4jMuRw-Fw7pYj22qycg0nlpVrNzGsFhaTRSxRmi7SiV70HA7Xor_h6bGo_8iQi7lyMBdN5orVaJUAAAAAAAAAAJYwZ94EAAAA4DSQ0WAzXC0XAMLZS_cHz2fdPxGRa_fBpK6Ecgwhs7jx4wbzW15vv-npt7sVlisDPFCTM2_2TBBrtVrWAAAAAtgAAAAB3Lp5C8Bm5PaBmnTDj1wp9vgJcDYbDg!&excid=22&docw=0&cijs=1&nlb=true
IP
ASN #200478 Taboola.com ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1120), with no line terminators
Hash f717cf68d70edb144ff0ab0bbaffacfe
e3f6de8e0594a980413fb5ac1cd43376b6427ec8
71b7861e9cdaab14dede85a55abcc5caa084ca862ecf9906830ea4de881be04b
GET /sync?dast=V7Vv8CFgOB6jUzgkucDwSB6jUzgkucDwUAAAAGBuIHJGWZDBcz32otG65WbtFq5XIrHMOVW7gaThyu3XAwcc2GQIKr0XCysRjWwtXEuBatVpu1xGVxrXWDhXGzmxiXo8VmCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeQoOl0-Fz3eoXZbXn4PkO78u_3zTV-t1_0HA7Xor_h6bEDAAAAwAOA1VsmxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAHJhQbAJwfBe85-fwAANGyBAAAIYJAADKwGlAB8nK-cAAAAAAAAAACw_P___8cA7GGNyQCM7O_0ADz4ADwQFYwWMQIAAADY0lLRPJrUCZVFFQAAQboVwBUAQAAhNhUdRRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6G71OC2IZvVb7BQQAWPsFBABgUzcAgLcAuKAjaMVgsDqF2A1ni91othnNDgAAAODu____Xw9kZraVxzUxLiwbj20zWK4Wu8lm4xh5ZsPZyLDYeM88pbUdBsiNoM9DWGa_7yBieb6mv-Eg41teb4Oo6Hpb7A6n2XM_ipYsd8vdajRZjEbL5WY33IwG-xuIwWqAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE6RoyWq5XK42m9VqN1rMBpvlcLNBilatZqPNYLiaTWa73Wo4GC5HI6RoyXK33K1Gk8VotFxudsPNaDBEmFgNN5bdYrhWDGYmt2ix2K2FI49tLVmZFq7JxjYZTEZr0etjehhHI5fFsUXBgI29CC7Sicxveb39pqff7lZYLmKJ5mSRTmSXfWdmW3lcE-PCsvHYNoPlarGbbDaOkWc2nI0Mi42_sRpuLLvFcK0YzExu0WKxWwtHHttasjItXJONbTKYjNai18f0MI5GLotj35jtBoPdbDdZ7Buz3WCwm-0mi32HzvBdfc5GZ3A88dhUB2FjprM5DAqXweL9fS7SZrRxM6q0YYtFdS3uXBOrThs7GTsHs0HhG14Tw99P_bx2s7eD2GBQxBLB6SKdiF7G00UskTwt0olyN_N4jMuRw-Fw7pYj22qycg0nlpVrNzGsFhaTRSxRmi7SiV70HA7Xor_h6bGo_8iQi7lyMBdN5orVaJUAAAAAAAAAAJYwZ94EAAAA4DSQ0WAzXC0XAMLZS_cHz2fdPxGRa_fBpK6Ecgwhs7jx4wbzW15vv-npt7sVlisDPFCTM2_2TBBrtVrWAAAAAtgAAAAB3Lp5C8Bm5PaBmnTDj1wp9vgJcDYbDg!&excid=22&docw=0&cijs=1&nlb=true HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 14:12:05 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3407
X-Firefox-Spdy: h2
am-vid-events.taboola.com/st?cijs=convusmp&ttype=120&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7Vv8CFgOB6jUzgkucDwSB6jUzgkucDwUAAAAGBuIHJGWZDBcz32otG65WbtFq5XIrHMOVW7gaThyu3XAwcc2GQIKr0XCysRjWwtXEuBatVpu1xGVxrXWDhXGzmxiXo8VmCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeQoOl0-Fz3eoXZbXn4PkO78u_3zTV-t1_0HA7Xor_h6bEDAAAAwAOA1VsmxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAHJhQbAJwfBe85-fwAANGyBAAAIYJAADKwGlAB8nK-cAAAAAAAAAACw_P___8cA7GGNyQCM7O_0ADz4ADwQFYwWMQIAAADY0lLRPJrUCZVFFQAAQboVwBUAQAAhNhUdRRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6G71OC2IZvVb7BQQAWPsFBABgUzcAgLcAuKAjaMVgsDqF2A1ni91othnNDgAAAODu____Xw9kZraVxzUxLiwbj20zWK4Wu8lm4xh5ZsPZyLDYeM88pbUdBsiNoM9DWGa_7yBieb6mv-Eg41teb4Oo6Hpb7A6n2XM_ipYsd8vdajRZjEbL5WY33IwG-xuIwWqAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE6RoyWq5XK42m9VqN1rMBpvlcLNBilatZqPNYLiaTWa73Wo4GC5HI6RoyXK33K1Gk8VotFxudsPNaDBEmFgNN5bdYrhWDGYmt2ix2K2FI49tLVmZFq7JxjYZTEZr0etjehhHI5fFsUXBgI29CC7Sicxveb39pqff7lZYLmKJ5mSRTmSXfWdmW3lcE-PCsvHYNoPlarGbbDaOkWc2nI0Mi42_sRpuLLvFcK0YzExu0WKxWwtHHttasjItXJONbTKYjNai18f0MI5GLotj35jtBoPdbDdZ7Buz3WCwm-0mi32HzvBdfc5GZ3A88dhUB2FjprM5DAqXweL9fS7SZrRxM6q0YYtFdS3uXBOrThs7GTsHs0HhG14Tw99P_bx2s7eD2GBQxBLB6SKdiF7G00UskTwt0olyN_N4jMuRw-Fw7pYj22qycg0nlpVrNzGsFhaTRSxRmi7SiV70HA7Xor_h6bGo_8iQi7lyMBdN5orVaJUAAAAAAAAAAJYwZ94EAAAA4DSQ0WAzXC0XAMLZS_cHz2fdPxGRa_fBpK6Ecgwhs7jx4wbzW15vv-npt7sVlisDPFCTM2_2TBBrtVrWAAAAAtgAAAAB3Lp5C8Bm5PaBmnTDj1wp9vgJcDYbDg!&cmcv=&pix=&cb=1670076723584&uv=3245&tms=1670076723584&su=&abt=mprdctdt6_vA!smbs!t120!ufm_vA&ft=0&unm=WIDGET_ITEM&mntl=1&
200 OK 0 B URL HTTP/2 am-vid-events.taboola.com/st?cijs=convusmp&ttype=120&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7Vv8CFgOB6jUzgkucDwSB6jUzgkucDwUAAAAGBuIHJGWZDBcz32otG65WbtFq5XIrHMOVW7gaThyu3XAwcc2GQIKr0XCysRjWwtXEuBatVpu1xGVxrXWDhXGzmxiXo8VmCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeQoOl0-Fz3eoXZbXn4PkO78u_3zTV-t1_0HA7Xor_h6bEDAAAAwAOA1VsmxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAHJhQbAJwfBe85-fwAANGyBAAAIYJAADKwGlAB8nK-cAAAAAAAAAACw_P___8cA7GGNyQCM7O_0ADz4ADwQFYwWMQIAAADY0lLRPJrUCZVFFQAAQboVwBUAQAAhNhUdRRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6G71OC2IZvVb7BQQAWPsFBABgUzcAgLcAuKAjaMVgsDqF2A1ni91othnNDgAAAODu____Xw9kZraVxzUxLiwbj20zWK4Wu8lm4xh5ZsPZyLDYeM88pbUdBsiNoM9DWGa_7yBieb6mv-Eg41teb4Oo6Hpb7A6n2XM_ipYsd8vdajRZjEbL5WY33IwG-xuIwWqAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE6RoyWq5XK42m9VqN1rMBpvlcLNBilatZqPNYLiaTWa73Wo4GC5HI6RoyXK33K1Gk8VotFxudsPNaDBEmFgNN5bdYrhWDGYmt2ix2K2FI49tLVmZFq7JxjYZTEZr0etjehhHI5fFsUXBgI29CC7Sicxveb39pqff7lZYLmKJ5mSRTmSXfWdmW3lcE-PCsvHYNoPlarGbbDaOkWc2nI0Mi42_sRpuLLvFcK0YzExu0WKxWwtHHttasjItXJONbTKYjNai18f0MI5GLotj35jtBoPdbDdZ7Buz3WCwm-0mi32HzvBdfc5GZ3A88dhUB2FjprM5DAqXweL9fS7SZrRxM6q0YYtFdS3uXBOrThs7GTsHs0HhG14Tw99P_bx2s7eD2GBQxBLB6SKdiF7G00UskTwt0olyN_N4jMuRw-Fw7pYj22qycg0nlpVrNzGsFhaTRSxRmi7SiV70HA7Xor_h6bGo_8iQi7lyMBdN5orVaJUAAAAAAAAAAJYwZ94EAAAA4DSQ0WAzXC0XAMLZS_cHz2fdPxGRa_fBpK6Ecgwhs7jx4wbzW15vv-npt7sVlisDPFCTM2_2TBBrtVrWAAAAAtgAAAAB3Lp5C8Bm5PaBmnTDj1wp9vgJcDYbDg!&cmcv=&pix=&cb=1670076723584&uv=3245&tms=1670076723584&su=&abt=mprdctdt6_vA!smbs!t120!ufm_vA&ft=0&unm=WIDGET_ITEM&mntl=1&
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /st?cijs=convusmp&ttype=120&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7Vv8CFgOB6jUzgkucDwSB6jUzgkucDwUAAAAGBuIHJGWZDBcz32otG65WbtFq5XIrHMOVW7gaThyu3XAwcc2GQIKr0XCysRjWwtXEuBatVpu1xGVxrXWDhXGzmxiXo8VmCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeQoOl0-Fz3eoXZbXn4PkO78u_3zTV-t1_0HA7Xor_h6bEDAAAAwAOA1VsmxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAHJhQbAJwfBe85-fwAANGyBAAAIYJAADKwGlAB8nK-cAAAAAAAAAACw_P___8cA7GGNyQCM7O_0ADz4ADwQFYwWMQIAAADY0lLRPJrUCZVFFQAAQboVwBUAQAAhNhUdRRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6G71OC2IZvVb7BQQAWPsFBABgUzcAgLcAuKAjaMVgsDqF2A1ni91othnNDgAAAODu____Xw9kZraVxzUxLiwbj20zWK4Wu8lm4xh5ZsPZyLDYeM88pbUdBsiNoM9DWGa_7yBieb6mv-Eg41teb4Oo6Hpb7A6n2XM_ipYsd8vdajRZjEbL5WY33IwG-xuIwWqAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE6RoyWq5XK42m9VqN1rMBpvlcLNBilatZqPNYLiaTWa73Wo4GC5HI6RoyXK33K1Gk8VotFxudsPNaDBEmFgNN5bdYrhWDGYmt2ix2K2FI49tLVmZFq7JxjYZTEZr0etjehhHI5fFsUXBgI29CC7Sicxveb39pqff7lZYLmKJ5mSRTmSXfWdmW3lcE-PCsvHYNoPlarGbbDaOkWc2nI0Mi42_sRpuLLvFcK0YzExu0WKxWwtHHttasjItXJONbTKYjNai18f0MI5GLotj35jtBoPdbDdZ7Buz3WCwm-0mi32HzvBdfc5GZ3A88dhUB2FjprM5DAqXweL9fS7SZrRxM6q0YYtFdS3uXBOrThs7GTsHs0HhG14Tw99P_bx2s7eD2GBQxBLB6SKdiF7G00UskTwt0olyN_N4jMuRw-Fw7pYj22qycg0nlpVrNzGsFhaTRSxRmi7SiV70HA7Xor_h6bGo_8iQi7lyMBdN5orVaJUAAAAAAAAAAJYwZ94EAAAA4DSQ0WAzXC0XAMLZS_cHz2fdPxGRa_fBpK6Ecgwhs7jx4wbzW15vv-npt7sVlisDPFCTM2_2TBBrtVrWAAAAAtgAAAAB3Lp5C8Bm5PaBmnTDj1wp9vgJcDYbDg!&cmcv=&pix=&cb=1670076723584&uv=3245&tms=1670076723584&su=&abt=mprdctdt6_vA!smbs!t120!ufm_vA&ft=0&unm=WIDGET_ITEM&mntl=1& HTTP/1.1
Host: am-vid-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 14:12:05 GMT
content-length: 0
X-Firefox-Spdy: h2
pips.taboola.com/
200 OK 4 B IP
File type ASCII text, with no line terminators
Hash 6c3e226b4d4795d518ab341b0824ec29
eef19c54306daa69eda49c0272623bdb5e2b341f
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
GET / HTTP/1.1
Host: pips.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://almraw3h.yoo7.com
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
access-control-allow-methods: GET
access-control-allow-origin: https://almraw3h.yoo7.com
accept-ranges: bytes
date: Sat, 03 Dec 2022 14:12:05 GMT
via: 1.1 varnish
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 0
cache-control: no-store
content-length: 4
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=775d39b6-7314-11ed-91ef-1d37f49c0106
204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=775d39b6-7314-11ed-91ef-1d37f49c0106
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=775d39b6-7314-11ed-91ef-1d37f49c0106 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 03 Dec 2022 14:12:05 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=776e45a2-7314-11ed-ab54-13b80d860506; expires=Sat, 31-Dec-2022 14:12:05 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 115
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ocsp.sectigo.com/
200 OK 471 B IP
Hash dbb66a45515eb4bd61566b8a462222b7
2d18c51e1a9d35c874c96ad0552aa35d88bfc5f9
1929d698afaff5af3fd939389346226a6056b86e4f870b0769755b0cdefd60a6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 14:12:05 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 01:56:49 GMT
Expires: Sat, 10 Dec 2022 01:56:48 GMT
Etag: "2d18c51e1a9d35c874c96ad0552aa35d88bfc5f9"
Cache-Control: max-age=560082,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773ce5313842b529-OSL
x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
200 OK 43 B URL HTTP/2 x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?gdpr=1&us_privacy=1---&ssp=taboola HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:12:06 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
stootsou.net/custom
200 OK 39 B IP
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://almraw3h.yoo7.com/
Content-Type: application/json
Origin: https://almraw3h.yoo7.com
Content-Length: 389
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 14:12:07 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 721bff3a18588e4639eac082389b76d9
access-control-allow-origin: https://almraw3h.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=ef6fadd104b74533836da83bed052281&zoneId=2308013&checkDuplicate=true&ymid=&var=
200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=ef6fadd104b74533836da83bed052281&zoneId=2308013&checkDuplicate=true&ymid=&var=
IP
File type JSON data\012- , ASCII text
Hash 1a8330ef73003fa7560bb1553d3b0aa3
91c1703af2f20d2511dda49a5289fddad9a5e5bb
05f82aaf21ba88d2ed41e09fbb044353b6a631c67c138318ef3e41bad391a53d
GET /gid.js?pub=0&userId=ef6fadd104b74533836da83bed052281&zoneId=2308013&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://almraw3h.yoo7.com/
Origin: https://almraw3h.yoo7.com
Connection: keep-alive
Cookie: ID=ef8b3d0e72b8404da74c80a72fab52de
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 14:12:07 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://almraw3h.yoo7.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=ef8b3d0e72b8404da74c80a72fab52de; expires=Sun, 03 Dec 2023 14:12:07 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
almraw3h.yoo7.com/t988-topic
200 OK 0 B URL HTTP/2 almraw3h.yoo7.com/t988-topic
IP
GET /t988-topic HTTP/1.1
Host: almraw3h.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:11:58 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache
pragma: no-cache
expires: Sat, 03 Dec 2022 00:00:00 GMT
last-modified: Sat, 03 Dec 2022 14:11:58 GMT
vary: User-Agent
set-cookie: exadd=167009; expires=Sat, 03-Dec-2022 18:11:58 GMT; Max-Age=14400
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
illiweb.com/rs3/66/frm/jquery/cookie/jquery.cookie.js
200 OK 0 B URL HTTP/2 illiweb.com/rs3/66/frm/jquery/cookie/jquery.cookie.js
IP
GET /rs3/66/frm/jquery/cookie/jquery.cookie.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:11:59 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Thu, 23 Nov 2023 09:22:23 GMT
last-modified: Wed, 09 Sep 2020 09:40:28 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 881376
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6VSUW0k7o3ZbG3T5QcgNv7%2ByNPgxbFazdUmCw0Uu8jn2vHnjSRFMxcMjs2hCx%2BTrlauLjUpr2HxP8YAEQVXZ3BRAJqYXUSG%2FPrxIW2vuAIsuKoeejYtwjl93kc30XA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ce506fb6fb518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
illiweb.com/rs3/66/frm/jquery/ticker/ticker.css
200 OK 0 B URL HTTP/2 illiweb.com/rs3/66/frm/jquery/ticker/ticker.css
IP
GET /rs3/66/frm/jquery/ticker/ticker.css HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:11:59 GMT
content-type: text/css;charset=UTF-8
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=390
access-control-allow-origin: *
expires: Thu, 23 Nov 2023 09:22:29 GMT
last-modified: Tue, 27 Aug 2019 14:00:13 GMT
vary: Accept-Encoding
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 881370
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ph8VPhNX35VObM3xdXt4IPt0LifahXd%2FMRO4eWng1MIDDPFOeS4jy3sPjbJIYBdqXSw7ilMGNAjw6%2BkPQC4EdWoSvjL70pHNOia5ieEh3KbB%2F4vzibAalKNpOYqhNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773ce5071b92b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.js
200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.js
IP
GET /js/ld/publishertag.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 14:11:59 GMT
content-type: text/javascript
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-1e444"
expires: Sun, 04 Dec 2022 14:11:59 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
illiweb.com/rs3/66/frm/jquery//ticker/ticker.js
200 OK 0 B URL HTTP/2 illiweb.com/rs3/66/frm/jquery//ticker/ticker.js
IP
GET /rs3/66/frm/jquery//ticker/ticker.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:11:59 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=8803
access-control-allow-origin: *
expires: Thu, 23 Nov 2023 09:26:05 GMT
last-modified: Tue, 27 Aug 2019 14:00:13 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 881154
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iRx6ECxTnTwpTiSyPXUOH1dBeUvCNBrtaCskrKFXLRav0e5Wl1E0K%2FjQ4Fab7eEQRlGMbMfn8MrgSBufrJXWxUb1wi2mDRN7H4gMABhgJYyRUSpiGkzUdzWRPJZS%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ce506fb73b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
connect.topicit.net/scripts/connect.js
200 OK 0 B URL HTTP/2 connect.topicit.net/scripts/connect.js
IP
GET /scripts/connect.js HTTP/1.1
Host: connect.topicit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:11:59 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5437
access-control-allow-origin: *
etag: W/"5d653880-153d"
last-modified: Tue, 27 Aug 2019 14:04:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-cache-status: HIT
age: 5559
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V3%2BEgYJV8a462u%2FDOvXAvqata8kdvIZ0iG6Roln4eRyxtyui%2F3baEGlkltQNcAhWSEDb49BOwrT%2BrVu2O2n57FhyAAgpMnbZGJfBXNZZvot9Tvby%2BCHnxyF8%2FZ6TMr4VVJfBIC2i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ce5096d67b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7y3kCFgOB6jUzgkucDwSB6jUzgkucDwUAAAAGBuIHJDazGXczh28t88xMbtHEuVhLbAvTWmNzzhyz4Wy1sI2MQGIzm3E3c_jWMs_M5BZNnIu1xLYwrTU258wxG85WC9vIChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXq8wuy0P32doV_79vrnG7_aLnsPhWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuhk04bLWeDuz-igugiRgAAAABbWiqaR5M6obKo-v__77cCuAIACCDEpkrLzNIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-uFGlBK64Uar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgczMtvK4JsaFZeOxbQbL1WI32WwcI89sOBsZFhvvmae0tsMAuRH0RdxkOHwOBqKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhYjXcWHaL4VoxmJncosVitxaOPLa1ZGVauCYb22QwGa1Fr4_pYRyNXBbHFgUDNvYieVqkE-VsM_IMd5ORZeUYLTaewcjmsc1Ms9XCsZrYPCOLWKI5WaQT2WXfmdlWHtfEuLBsPLbNYLla7CabjWPkmQ1nI8Ni42-shhvLbjFcKwYzk1u0WOzWwpHHtpasTAvXZGObDCajtej1MT2Mo5HL4tg3ZrvBYDfbTRb7xmw3GOxmu8li36EzfFefs9EZHE88NtVB2JjpbA6DwmWweH-fi7QZbdyMKm3YYlFdizvXxKrTxk7GzsFsUPiG18Tw91M_r93s7SA2GBSxRHCRTmR-y-vtNz39drfCchFLlKaLdKIXPYfDtehveHosYongdJFORC_j6aL-I0Mu5srBXDSZK1ajVQIAAAAAAAAAWMKceRMAAACA00BGg81wtc4DGSwHu-VquQAQzl66P3g-6_6JiFy7DyZ1JZRjCJnFjR83mN_yevtNT7_drbBcGeCBmpx582eCWKvVsgYAABDABgAACODWzVsANhP_____HwcAACAjRw8AACC-DwRFrBd-5ErBT4Cz2XA!&cmcv=&pix=undefined&cb=1670076722496&uv=3245&tms=1670076722496&abt=mprdctdt6_vA!smbs!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=6ff87fa7-f3fd-4b91-b6a4-cf9f16865a6d&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
200 OK 0 B URL HTTP/2 imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7y3kCFgOB6jUzgkucDwSB6jUzgkucDwUAAAAGBuIHJDazGXczh28t88xMbtHEuVhLbAvTWmNzzhyz4Wy1sI2MQGIzm3E3c_jWMs_M5BZNnIu1xLYwrTU258wxG85WC9vIChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXq8wuy0P32doV_79vrnG7_aLnsPhWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuhk04bLWeDuz-igugiRgAAAABbWiqaR5M6obKo-v__77cCuAIACCDEpkrLzNIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-uFGlBK64Uar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgczMtvK4JsaFZeOxbQbL1WI32WwcI89sOBsZFhvvmae0tsMAuRH0RdxkOHwOBqKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhYjXcWHaL4VoxmJncosVitxaOPLa1ZGVauCYb22QwGa1Fr4_pYRyNXBbHFgUDNvYieVqkE-VsM_IMd5ORZeUYLTaewcjmsc1Ms9XCsZrYPCOLWKI5WaQT2WXfmdlWHtfEuLBsPLbNYLla7CabjWPkmQ1nI8Ni42-shhvLbjFcKwYzk1u0WOzWwpHHtpasTAvXZGObDCajtej1MT2Mo5HL4tg3ZrvBYDfbTRb7xmw3GOxmu8li36EzfFefs9EZHE88NtVB2JjpbA6DwmWweH-fi7QZbdyMKm3YYlFdizvXxKrTxk7GzsFsUPiG18Tw91M_r93s7SA2GBSxRHCRTmR-y-vtNz39drfCchFLlKaLdKIXPYfDtehveHosYongdJFORC_j6aL-I0Mu5srBXDSZK1ajVQIAAAAAAAAAWMKceRMAAACA00BGg81wtc4DGSwHu-VquQAQzl66P3g-6_6JiFy7DyZ1JZRjCJnFjR83mN_yevtNT7_drbBcGeCBmpx582eCWKvVsgYAABDABgAACODWzVsANhP_____HwcAACAjRw8AACC-DwRFrBd-5ErBT4Cz2XA!&cmcv=&pix=undefined&cb=1670076722496&uv=3245&tms=1670076722496&abt=mprdctdt6_vA!smbs!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=6ff87fa7-f3fd-4b91-b6a4-cf9f16865a6d&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
IP
GET /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7y3kCFgOB6jUzgkucDwSB6jUzgkucDwUAAAAGBuIHJDazGXczh28t88xMbtHEuVhLbAvTWmNzzhyz4Wy1sI2MQGIzm3E3c_jWMs_M5BZNnIu1xLYwrTU258wxG85WC9vIChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXq8wuy0P32doV_79vrnG7_aLnsPhWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuhk04bLWeDuz-igugiRgAAAABbWiqaR5M6obKo-v__77cCuAIACCDEpkrLzNIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-uFGlBK64Uar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgczMtvK4JsaFZeOxbQbL1WI32WwcI89sOBsZFhvvmae0tsMAuRH0RdxkOHwOBqKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhYjXcWHaL4VoxmJncosVitxaOPLa1ZGVauCYb22QwGa1Fr4_pYRyNXBbHFgUDNvYieVqkE-VsM_IMd5ORZeUYLTaewcjmsc1Ms9XCsZrYPCOLWKI5WaQT2WXfmdlWHtfEuLBsPLbNYLla7CabjWPkmQ1nI8Ni42-shhvLbjFcKwYzk1u0WOzWwpHHtpasTAvXZGObDCajtej1MT2Mo5HL4tg3ZrvBYDfbTRb7xmw3GOxmu8li36EzfFefs9EZHE88NtVB2JjpbA6DwmWweH-fi7QZbdyMKm3YYlFdizvXxKrTxk7GzsFsUPiG18Tw91M_r93s7SA2GBSxRHCRTmR-y-vtNz39drfCchFLlKaLdKIXPYfDtehveHosYongdJFORC_j6aL-I0Mu5srBXDSZK1ajVQIAAAAAAAAAWMKceRMAAACA00BGg81wtc4DGSwHu-VquQAQzl66P3g-6_6JiFy7DyZ1JZRjCJnFjR83mN_yevtNT7_drbBcGeCBmpx582eCWKvVsgYAABDABgAACODWzVsANhP_____HwcAACAjRw8AACC-DwRFrBd-5ErBT4Cz2XA!&cmcv=&pix=undefined&cb=1670076722496&uv=3245&tms=1670076722496&abt=mprdctdt6_vA!smbs!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=6ff87fa7-f3fd-4b91-b6a4-cf9f16865a6d&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1 HTTP/1.1
Host: imprammp.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Sat, 03 Dec 2022 14:12:04 GMT
via: 1.1 varnish
x-served-by: cache-bma1641-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670076725.572261,VS0,VE23
vary: Accept-Encoding
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7y3kCFgOB6jUzgkucDwSB6jUzgkucDwUAAAAGBuIHJDazGXczh28t88xMbtHEuVhLbAvTWmNzzhyz4Wy1sI2MQGIzm3E3c_jWMs_M5BZNnIu1xLYwrTU258wxG85WC9vIChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXq8wuy0P32doV_79vrnG7_aLnsPhWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuhk04bLWeDuz-igugiRgAAAABbWiqaR5M6obKo-v__77cCuAIACCDEpkrLzNIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-uFGlBK64Uar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgczMtvK4JsaFZeOxbQbL1WI32WwcI89sOBsZFhvvmae0tsMAuRH0RdxkOHwOBqKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhYjXcWHaL4VoxmJncosVitxaOPLa1ZGVauCYb22QwGa1Fr4_pYRyNXBbHFgUDNvYieVqkE-VsM_IMd5ORZeUYLTaewcjmsc1Ms9XCsZrYPCOLWKI5WaQT2WXfmdlWHtfEuLBsPLbNYLla7CabjWPkmQ1nI8Ni42-shhvLbjFcKwYzk1u0WOzWwpHHtpasTAvXZGObDCajtej1MT2Mo5HL4tg3ZrvBYDfbTRb7xmw3GOxmu8li36EzfFefs9EZHE88NtVB2JjpbA6DwmWweH-fi7QZbdyMKm3YYlFdizvXxKrTxk7GzsFsUPiG18Tw91M_r93s7SA2GBSxRHCRTmR-y-vtNz39drfCchFLlKaLdKIXPYfDtehveHosYongdJFORC_j6aL-I0Mu5srBXDSZK1ajVQIAAAAAAAAAWMKceRMAAACA00BGg81wtc4DGSwHu-VquQAQzl66P3g-6_6JiFy7DyZ1JZRjCJnFjR83mN_yevtNT7_drbBcGeCBmpx582eCWKvVsgYAABDABgAACODWzVsANhP_____HwcAACAjRw8AACC-DwRFrBd-5ErBT4Cz2XA!&excid=22&docw=0&cijs=1&nlb=false
200 OK 0 B URL HTTP/2 am-match.taboola.com/sync?dast=V7y3kCFgOB6jUzgkucDwSB6jUzgkucDwUAAAAGBuIHJDazGXczh28t88xMbtHEuVhLbAvTWmNzzhyz4Wy1sI2MQGIzm3E3c_jWMs_M5BZNnIu1xLYwrTU258wxG85WC9vIChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXq8wuy0P32doV_79vrnG7_aLnsPhWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuhk04bLWeDuz-igugiRgAAAABbWiqaR5M6obKo-v__77cCuAIACCDEpkrLzNIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-uFGlBK64Uar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgczMtvK4JsaFZeOxbQbL1WI32WwcI89sOBsZFhvvmae0tsMAuRH0RdxkOHwOBqKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhYjXcWHaL4VoxmJncosVitxaOPLa1ZGVauCYb22QwGa1Fr4_pYRyNXBbHFgUDNvYieVqkE-VsM_IMd5ORZeUYLTaewcjmsc1Ms9XCsZrYPCOLWKI5WaQT2WXfmdlWHtfEuLBsPLbNYLla7CabjWPkmQ1nI8Ni42-shhvLbjFcKwYzk1u0WOzWwpHHtpasTAvXZGObDCajtej1MT2Mo5HL4tg3ZrvBYDfbTRb7xmw3GOxmu8li36EzfFefs9EZHE88NtVB2JjpbA6DwmWweH-fi7QZbdyMKm3YYlFdizvXxKrTxk7GzsFsUPiG18Tw91M_r93s7SA2GBSxRHCRTmR-y-vtNz39drfCchFLlKaLdKIXPYfDtehveHosYongdJFORC_j6aL-I0Mu5srBXDSZK1ajVQIAAAAAAAAAWMKceRMAAACA00BGg81wtc4DGSwHu-VquQAQzl66P3g-6_6JiFy7DyZ1JZRjCJnFjR83mN_yevtNT7_drbBcGeCBmpx582eCWKvVsgYAABDABgAACODWzVsANhP_____HwcAACAjRw8AACC-DwRFrBd-5ErBT4Cz2XA!&excid=22&docw=0&cijs=1&nlb=false
IP
ASN #200478 Taboola.com ltd
GET /sync?dast=V7y3kCFgOB6jUzgkucDwSB6jUzgkucDwUAAAAGBuIHJDazGXczh28t88xMbtHEuVhLbAvTWmNzzhyz4Wy1sI2MQGIzm3E3c_jWMs_M5BZNnIu1xLYwrTU258wxG85WC9vIChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXq8wuy0P32doV_79vrnG7_aLnsPhWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuhk04bLWeDuz-igugiRgAAAABbWiqaR5M6obKo-v__77cCuAIACCDEpkrLzNIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-uFGlBK64Uar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgczMtvK4JsaFZeOxbQbL1WI32WwcI89sOBsZFhvvmae0tsMAuRH0RdxkOHwOBqKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhYjXcWHaL4VoxmJncosVitxaOPLa1ZGVauCYb22QwGa1Fr4_pYRyNXBbHFgUDNvYieVqkE-VsM_IMd5ORZeUYLTaewcjmsc1Ms9XCsZrYPCOLWKI5WaQT2WXfmdlWHtfEuLBsPLbNYLla7CabjWPkmQ1nI8Ni42-shhvLbjFcKwYzk1u0WOzWwpHHtpasTAvXZGObDCajtej1MT2Mo5HL4tg3ZrvBYDfbTRb7xmw3GOxmu8li36EzfFefs9EZHE88NtVB2JjpbA6DwmWweH-fi7QZbdyMKm3YYlFdizvXxKrTxk7GzsFsUPiG18Tw91M_r93s7SA2GBSxRHCRTmR-y-vtNz39drfCchFLlKaLdKIXPYfDtehveHosYongdJFORC_j6aL-I0Mu5srBXDSZK1ajVQIAAAAAAAAAWMKceRMAAACA00BGg81wtc4DGSwHu-VquQAQzl66P3g-6_6JiFy7DyZ1JZRjCJnFjR83mN_yevtNT7_drbBcGeCBmpx582eCWKvVsgYAABDABgAACODWzVsANhP_____HwcAACAjRw8AACC-DwRFrBd-5ErBT4Cz2XA!&excid=22&docw=0&cijs=1&nlb=false HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 14:12:04 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3401
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7y3kCFgOB6jUzgkucDwSB6jUzgkucDwUAAAAGBuIHJDazGXczh28t88xMbtHEuVhLbAvTWmNzzhyz4Wy1sI2MQGIzm3E3c_jWMs_M5BZNnIu1xLYwrTU258wxG85WC9vIChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXq8wuy0P32doV_79vrnG7_aLnsPhWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuhk04bLWeDuz-igugiRgAAAABbWiqaR5M6obKo-v__77cCuAIACCDEpkrLzNIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-uFGlBK64Uar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgczMtvK4JsaFZeOxbQbL1WI32WwcI89sOBsZFhvvmae0tsMAuRH0RdxkOHwOBqKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhYjXcWHaL4VoxmJncosVitxaOPLa1ZGVauCYb22QwGa1Fr4_pYRyNXBbHFgUDNvYieVqkE-VsM_IMd5ORZeUYLTaewcjmsc1Ms9XCsZrYPCOLWKI5WaQT2WXfmdlWHtfEuLBsPLbNYLla7CabjWPkmQ1nI8Ni42-shhvLbjFcKwYzk1u0WOzWwpHHtpasTAvXZGObDCajtej1MT2Mo5HL4tg3ZrvBYDfbTRb7xmw3GOxmu8li36EzfFefs9EZHE88NtVB2JjpbA6DwmWweH-fi7QZbdyMKm3YYlFdizvXxKrTxk7GzsFsUPiG18Tw91M_r93s7SA2GBSxRHCRTmR-y-vtNz39drfCchFLlKaLdKIXPYfDtehveHosYongdJFORC_j6aL-I0Mu5srBXDSZK1ajVQIAAAAAAAAAWMKceRMAAACA00BGg81wtc4DGSwHu-VquQAQzl66P3g-6_6JiFy7DyZ1JZRjCJnFjR83mN_yevtNT7_drbBcGeCBmpx582eCWKvVsgYAABDABgAACODWzVsANhP_____HwcAACAjRw8AACC-DwRFrBd-5ErBT4Cz2XA!&excid=22&docw=0&cijs=1&nlb=false
200 OK 0 B URL HTTP/2 am-match.taboola.com/sync?dast=V7y3kCFgOB6jUzgkucDwSB6jUzgkucDwUAAAAGBuIHJDazGXczh28t88xMbtHEuVhLbAvTWmNzzhyz4Wy1sI2MQGIzm3E3c_jWMs_M5BZNnIu1xLYwrTU258wxG85WC9vIChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXq8wuy0P32doV_79vrnG7_aLnsPhWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuhk04bLWeDuz-igugiRgAAAABbWiqaR5M6obKo-v__77cCuAIACCDEpkrLzNIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-uFGlBK64Uar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgczMtvK4JsaFZeOxbQbL1WI32WwcI89sOBsZFhvvmae0tsMAuRH0RdxkOHwOBqKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhYjXcWHaL4VoxmJncosVitxaOPLa1ZGVauCYb22QwGa1Fr4_pYRyNXBbHFgUDNvYieVqkE-VsM_IMd5ORZeUYLTaewcjmsc1Ms9XCsZrYPCOLWKI5WaQT2WXfmdlWHtfEuLBsPLbNYLla7CabjWPkmQ1nI8Ni42-shhvLbjFcKwYzk1u0WOzWwpHHtpasTAvXZGObDCajtej1MT2Mo5HL4tg3ZrvBYDfbTRb7xmw3GOxmu8li36EzfFefs9EZHE88NtVB2JjpbA6DwmWweH-fi7QZbdyMKm3YYlFdizvXxKrTxk7GzsFsUPiG18Tw91M_r93s7SA2GBSxRHCRTmR-y-vtNz39drfCchFLlKaLdKIXPYfDtehveHosYongdJFORC_j6aL-I0Mu5srBXDSZK1ajVQIAAAAAAAAAWMKceRMAAACA00BGg81wtc4DGSwHu-VquQAQzl66P3g-6_6JiFy7DyZ1JZRjCJnFjR83mN_yevtNT7_drbBcGeCBmpx582eCWKvVsgYAABDABgAACODWzVsANhP_____HwcAACAjRw8AACC-DwRFrBd-5ErBT4Cz2XA!&excid=22&docw=0&cijs=1&nlb=false
IP
ASN #200478 Taboola.com ltd
GET /sync?dast=V7y3kCFgOB6jUzgkucDwSB6jUzgkucDwUAAAAGBuIHJDazGXczh28t88xMbtHEuVhLbAvTWmNzzhyz4Wy1sI2MQGIzm3E3c_jWMs_M5BZNnIu1xLYwrTU258wxG85WC9vIChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXq8wuy0P32doV_79vrnG7_aLnsPhWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuhk04bLWeDuz-igugiRgAAAABbWiqaR5M6obKo-v__77cCuAIACCDEpkrLzNIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-uFGlBK64Uar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgczMtvK4JsaFZeOxbQbL1WI32WwcI89sOBsZFhvvmae0tsMAuRH0RdxkOHwOBqKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhYjXcWHaL4VoxmJncosVitxaOPLa1ZGVauCYb22QwGa1Fr4_pYRyNXBbHFgUDNvYieVqkE-VsM_IMd5ORZeUYLTaewcjmsc1Ms9XCsZrYPCOLWKI5WaQT2WXfmdlWHtfEuLBsPLbNYLla7CabjWPkmQ1nI8Ni42-shhvLbjFcKwYzk1u0WOzWwpHHtpasTAvXZGObDCajtej1MT2Mo5HL4tg3ZrvBYDfbTRb7xmw3GOxmu8li36EzfFefs9EZHE88NtVB2JjpbA6DwmWweH-fi7QZbdyMKm3YYlFdizvXxKrTxk7GzsFsUPiG18Tw91M_r93s7SA2GBSxRHCRTmR-y-vtNz39drfCchFLlKaLdKIXPYfDtehveHosYongdJFORC_j6aL-I0Mu5srBXDSZK1ajVQIAAAAAAAAAWMKceRMAAACA00BGg81wtc4DGSwHu-VquQAQzl66P3g-6_6JiFy7DyZ1JZRjCJnFjR83mN_yevtNT7_drbBcGeCBmpx582eCWKvVsgYAABDABgAACODWzVsANhP_____HwcAACAjRw8AACC-DwRFrBd-5ErBT4Cz2XA!&excid=22&docw=0&cijs=1&nlb=false HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 14:12:05 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3401
X-Firefox-Spdy: h2
illiweb.com/rs3/66/frm/embed/FA_Embed.js
200 OK 0 B URL HTTP/2 illiweb.com/rs3/66/frm/embed/FA_Embed.js
IP
GET /rs3/66/frm/embed/FA_Embed.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:11:59 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Thu, 23 Nov 2023 09:22:27 GMT
last-modified: Tue, 20 Apr 2021 14:17:00 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 881372
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6GOKXfgfkprTXFQl8Qy2QoZVX53PsIin5qSXJW25kXl43lOk5QgY%2BFdtH86T8pIDdR7vUl8qxipZeRotuIgpqczKu9UtuLBO7l1HKbg1WTyOGEq8yJ%2B9DnoX5dBJCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ce506fb6cb518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
illiweb.com/rs3/66/frm/ograph/fb_login.js
200 OK 0 B URL HTTP/2 illiweb.com/rs3/66/frm/ograph/fb_login.js
IP
GET /rs3/66/frm/ograph/fb_login.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:11:59 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Thu, 23 Nov 2023 09:40:53 GMT
last-modified: Tue, 27 Aug 2019 14:00:11 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 880266
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4dBpLMTo6fZPsCeljZrH%2FwhksUB%2FHD0N5Wl16HHOKJZqMVewBd6TkTlDHHZBH8dmHLd0vQ9Gj8gKLfxMHjVhGYS8CZeDxF0P5Lwbm7CppHOiCZnwUzug8xcALlNo7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ce5071b94b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
twemoji.maxcdn.com/twemoji.min.js
200 OK 0 B URL HTTP/2 twemoji.maxcdn.com/twemoji.min.js
IP
GET /twemoji.min.js HTTP/1.1
Host: twemoji.maxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:11:59 GMT
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Thu, 31 Mar 2022 03:24:15 GMT
access-control-allow-origin: *
etag: W/"62451edf-3bc8"
expires: Mon, 02 Jan 2023 14:11:59 GMT
cache-control: max-age=2592000
x-proxy-cache: MISS
x-github-request-id: 7B1C:D2D3:4824A8:4A013B:638A8635
vary: Accept-Encoding
x-fastly-request-id: 13302c302e4dcbfe7e16260e2cd5983d6eec8ece
server: NetDNA-cache/2.2
powered-by: MaxCDN
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
dnacdn.net/dna
200 OK 0 B IP
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=_d88QV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czdqNExSdTBHSG1VMGk1UEF6RkxFVjJ5VHVsN3ZUdCUyRmdwc054aW9CdGQ0Qg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:12:02 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=zapKol80M0RITmhlJTJCZkMwOUJGQlhaMUN2czdqNExSdTBHSG1VMGk1UEF6RkxFVjJUJTJCJTJGTlgwVWklMkI4dVg0JTJGb0Y1VE5tNg; expires=Thu, 28 Dec 2023 14:12:03 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 344557
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
stootsou.net/pfe/current/universal.min.js?v=3.1.409
200 OK 0 B URL HTTP/2 stootsou.net/pfe/current/universal.min.js?v=3.1.409
IP
GET /pfe/current/universal.min.js?v=3.1.409 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://almraw3h.yoo7.com/
Origin: https://almraw3h.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 14:11:59 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:47 GMT
etag: W/"6388cb77-18c6c"
access-control-allow-origin: https://almraw3h.yoo7.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
2img.net/h/www.alzaker.com/vb/images/infs/Hobbies/Travel.gif
404 Not Found 0 B URL HTTP/2 2img.net/h/www.alzaker.com/vb/images/infs/Hobbies/Travel.gif
IP
GET /h/www.alzaker.com/vb/images/infs/Hobbies/Travel.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Sat, 03 Dec 2022 14:12:04 GMT
content-type: text/html
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZuifw%2B3vUTFFi3TvNZgR5Gcc%2FsvH3rFnvRnpFQlQMaLZ7Ku2DWZQPBS%2BR7sGfSt0ovZphvQlHRU%2BCe69ehanlySsDfdhiEUtN4D%2BRUk97ciG%2FBKQfXeYiusWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 773ce508481c7330-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
illiweb.com/rs3/66/frm/lang/ar.js
200 OK 0 B URL HTTP/2 illiweb.com/rs3/66/frm/lang/ar.js
IP
GET /rs3/66/frm/lang/ar.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:11:59 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=74879
access-control-allow-origin: *
expires: Thu, 23 Nov 2023 09:36:20 GMT
last-modified: Thu, 08 Sep 2022 07:38:48 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 880539
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h420pGY294qF7P0M6jK%2BBdA79FXndlNg6AYXRiA1Wn4hyk17l7W6DQfEX6mySWLVqqlMpztRvtYRb6qli1Wlvc%2F%2FuPqoQiElDRldtgoTD6OICjfLtBNUXBykqiOVsg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ce506fb72b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:12:01 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 728665
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
almraw3h.yoo7.com/sw.js
200 OK 0 B IP
GET /sw.js HTTP/1.1
Host: almraw3h.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://almraw3h.yoo7.com/t988-topic
Connection: keep-alive
Cookie: exadd=167009; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D; _ga=GA1.2.367635451.1670076719; _gid=GA1.2.945522702.1670076719; _gat_gtag_UA_144347007_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 14:12:03 GMT
content-type: application/javascript
last-modified: Tue, 27 Aug 2019 13:54:01 GMT
etag: W/"5d6535f9-1554"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Falmraw3h.yoo7.com%2Ft988-topic&encoded=1&uid=158c2718-10fd-4117-8dc6-2e4a52c62024-tucta84deb1&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1670076721457&tagid=&cntry=NO&platform=1&sesid=3f6ec5b8a2cc630951723c1d3686d01c&itemid=/t988-topic&viewid=1670076719176&geolat=&geoing=&deviceifa=&appid=&sd=v2_3f6ec5b8a2cc630951723c1d3686d01c_158c2718-10fd-4117-8dc6-2e4a52c62024-tucta84deb1_1670076721_1670076721_CNawjgYQ3pxDGMjA0cLNMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=97fcc89daaa979d652e58b2e57b05abd&appname=&cdb=&gdprApplies=true&rid=&sii=1091688763947681945&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=8668
200 OK 0 B URL HTTP/2 15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Falmraw3h.yoo7.com%2Ft988-topic&encoded=1&uid=158c2718-10fd-4117-8dc6-2e4a52c62024-tucta84deb1&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1670076721457&tagid=&cntry=NO&platform=1&sesid=3f6ec5b8a2cc630951723c1d3686d01c&itemid=/t988-topic&viewid=1670076719176&geolat=&geoing=&deviceifa=&appid=&sd=v2_3f6ec5b8a2cc630951723c1d3686d01c_158c2718-10fd-4117-8dc6-2e4a52c62024-tucta84deb1_1670076721_1670076721_CNawjgYQ3pxDGMjA0cLNMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=97fcc89daaa979d652e58b2e57b05abd&appname=&cdb=&gdprApplies=true&rid=&sii=1091688763947681945&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=8668
IP
GET /tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Falmraw3h.yoo7.com%2Ft988-topic&encoded=1&uid=158c2718-10fd-4117-8dc6-2e4a52c62024-tucta84deb1&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1670076721457&tagid=&cntry=NO&platform=1&sesid=3f6ec5b8a2cc630951723c1d3686d01c&itemid=/t988-topic&viewid=1670076719176&geolat=&geoing=&deviceifa=&appid=&sd=v2_3f6ec5b8a2cc630951723c1d3686d01c_158c2718-10fd-4117-8dc6-2e4a52c62024-tucta84deb1_1670076721_1670076721_CNawjgYQ3pxDGMjA0cLNMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=97fcc89daaa979d652e58b2e57b05abd&appname=&cdb=&gdprApplies=true&rid=&sii=1091688763947681945&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=8668 HTTP/1.1
Host: 15.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://almraw3h.yoo7.com
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
machineid: 1443
link: <https://am-wf.taboola.com>; rel=preconnect
xvid-debug: mrmr - :
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://almraw3h.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sat, 03 Dec 2022 14:12:04 GMT
via: 1.1 varnish
x-served-by: cache-bma1641-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670076724.232812,VS0,VE32
vary: Accept-Encoding
X-Firefox-Spdy: h2
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1670076722512&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=-679966993&tz=0&viewable=true&ddast=V7y3kCFgOB6jUzgkucDwSB6jUzgkucDwUAAAAGBuIHJDazGXczh28t88xMbtHEuVhLbAvTWmNzzhyz4Wy1sI2MQGIzm3E3c_jWMs_M5BZNnIu1xLYwrTU258wxG85WC9vIChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXq8wuy0P32doV_79vrnG7_aLnsPhWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuhk04bLWeDuz-igugiRgAAAABbWiqaR5M6obKo-v__77cCuAIACCDEpkrLzNIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-uFGlBK64Uar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgczMtvK4JsaFZeOxbQbL1WI32WwcI89sOBsZFhvvmae0tsMAuRH0RdxkOHwOBqKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhYjXcWHaL4VoxmJncosVitxaOPLa1ZGVauCYb22QwGa1Fr4_pYRyNXBbHFgUDNvYieVqkE-VsM_IMd5ORZeUYLTaewcjmsc1Ms9XCsZrYPCOLWKI5WaQT2WXfmdlWHtfEuLBsPLbNYLla7CabjWPkmQ1nI8Ni42-shhvLbjFcKwYzk1u0WOzWwpHHtpasTAvXZGObDCajtej1MT2Mo5HL4tg3ZrvBYDfbTRb7xmw3GOxmu8li36EzfFefs9EZHE88NtVB2JjpbA6DwmWweH-fi7QZbdyMKm3YYlFdizvXxKrTxk7GzsFsUPiG18Tw91M_r93s7SA2GBSxRHCRTmR-y-vtNz39drfCchFLlKaLdKIXPYfDtehveHosYongdJFORC_j6aL-I0Mu5srBXDSZK1ajVQIAAAAAAAAAWMKceRMAAACA00BGg81wtc4DGSwHu-VquQAQzl66P3g-6_6JiFy7DyZ1JZRjCJnFjR83mN_yevtNT7_drbBcGeCBmpx582eCWKvVsgYAABDABgAACODWzVsANhP_____HwcAACAjRw8AACC-DwRFrBd-5ErBT4Cz2XA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=mprdctdt6_vA!smbs!ufm&mPre=0.025&cirf=https%3A%2F%2Falmraw3h.yoo7.com&en=1
200 OK 0 B URL HTTP/2 wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1670076722512&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=-679966993&tz=0&viewable=true&ddast=V7y3kCFgOB6jUzgkucDwSB6jUzgkucDwUAAAAGBuIHJDazGXczh28t88xMbtHEuVhLbAvTWmNzzhyz4Wy1sI2MQGIzm3E3c_jWMs_M5BZNnIu1xLYwrTU258wxG85WC9vIChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXq8wuy0P32doV_79vrnG7_aLnsPhWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuhk04bLWeDuz-igugiRgAAAABbWiqaR5M6obKo-v__77cCuAIACCDEpkrLzNIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-uFGlBK64Uar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgczMtvK4JsaFZeOxbQbL1WI32WwcI89sOBsZFhvvmae0tsMAuRH0RdxkOHwOBqKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhYjXcWHaL4VoxmJncosVitxaOPLa1ZGVauCYb22QwGa1Fr4_pYRyNXBbHFgUDNvYieVqkE-VsM_IMd5ORZeUYLTaewcjmsc1Ms9XCsZrYPCOLWKI5WaQT2WXfmdlWHtfEuLBsPLbNYLla7CabjWPkmQ1nI8Ni42-shhvLbjFcKwYzk1u0WOzWwpHHtpasTAvXZGObDCajtej1MT2Mo5HL4tg3ZrvBYDfbTRb7xmw3GOxmu8li36EzfFefs9EZHE88NtVB2JjpbA6DwmWweH-fi7QZbdyMKm3YYlFdizvXxKrTxk7GzsFsUPiG18Tw91M_r93s7SA2GBSxRHCRTmR-y-vtNz39drfCchFLlKaLdKIXPYfDtehveHosYongdJFORC_j6aL-I0Mu5srBXDSZK1ajVQIAAAAAAAAAWMKceRMAAACA00BGg81wtc4DGSwHu-VquQAQzl66P3g-6_6JiFy7DyZ1JZRjCJnFjR83mN_yevtNT7_drbBcGeCBmpx582eCWKvVsgYAABDABgAACODWzVsANhP_____HwcAACAjRw8AACC-DwRFrBd-5ErBT4Cz2XA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=mprdctdt6_vA!smbs!ufm&mPre=0.025&cirf=https%3A%2F%2Falmraw3h.yoo7.com&en=1
IP
POST /VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1670076722512&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=-679966993&tz=0&viewable=true&ddast=V7y3kCFgOB6jUzgkucDwSB6jUzgkucDwUAAAAGBuIHJDazGXczh28t88xMbtHEuVhLbAvTWmNzzhyz4Wy1sI2MQGIzm3E3c_jWMs_M5BZNnIu1xLYwrTU258wxG85WC9vIChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXq8wuy0P32doV_79vrnG7_aLnsPhWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuhk04bLWeDuz-igugiRgAAAABbWiqaR5M6obKo-v__77cCuAIACCDEpkrLzNIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-uFGlBK64Uar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgczMtvK4JsaFZeOxbQbL1WI32WwcI89sOBsZFhvvmae0tsMAuRH0RdxkOHwOBqKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhYjXcWHaL4VoxmJncosVitxaOPLa1ZGVauCYb22QwGa1Fr4_pYRyNXBbHFgUDNvYieVqkE-VsM_IMd5ORZeUYLTaewcjmsc1Ms9XCsZrYPCOLWKI5WaQT2WXfmdlWHtfEuLBsPLbNYLla7CabjWPkmQ1nI8Ni42-shhvLbjFcKwYzk1u0WOzWwpHHtpasTAvXZGObDCajtej1MT2Mo5HL4tg3ZrvBYDfbTRb7xmw3GOxmu8li36EzfFefs9EZHE88NtVB2JjpbA6DwmWweH-fi7QZbdyMKm3YYlFdizvXxKrTxk7GzsFsUPiG18Tw91M_r93s7SA2GBSxRHCRTmR-y-vtNz39drfCchFLlKaLdKIXPYfDtehveHosYongdJFORC_j6aL-I0Mu5srBXDSZK1ajVQIAAAAAAAAAWMKceRMAAACA00BGg81wtc4DGSwHu-VquQAQzl66P3g-6_6JiFy7DyZ1JZRjCJnFjR83mN_yevtNT7_drbBcGeCBmpx582eCWKvVsgYAABDABgAACODWzVsANhP_____HwcAACAjRw8AACC-DwRFrBd-5ErBT4Cz2XA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=mprdctdt6_vA!smbs!ufm&mPre=0.025&cirf=https%3A%2F%2Falmraw3h.yoo7.com&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 133
Origin: https://almraw3h.yoo7.com
Connection: keep-alive
Referer: https://almraw3h.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1462
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://almraw3h.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sat, 03 Dec 2022 14:12:04 GMT
via: 1.1 varnish
x-served-by: cache-bma1641-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670076725.782530,VS0,VE48
vary: Accept-Encoding
X-Firefox-Spdy: h2
94.23.150.222
178.250.0.157
93.184.220.29
185.106.33.48
188.114.97.1
104.21.31.159
3.126.56.137
172.64.155.188
23.36.76.226
104.88.9.101
34.241.86.223
94.23.76.111