nazmimedane.yoo7.com/t659-topic
94.23.73.212301 Moved Permanently 0 B URL HTTP/1.1 nazmimedane.yoo7.com/t659-topic
IP 94.23.73.212:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t659-topic HTTP/1.1
Host: nazmimedane.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 07 Dec 2022 12:36:38 GMT
Content-Length: 0
Location: https://nazmimedane.yoo7.com/t659-topic
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14042
Expires: Wed, 07 Dec 2022 16:30:40 GMT
Date: Wed, 07 Dec 2022 12:36:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15228
Expires: Wed, 07 Dec 2022 16:50:26 GMT
Date: Wed, 07 Dec 2022 12:36:38 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 6vH6HFbCalmarjyPBwT4O64b61FMGgQzdc3Wif6xA1vsCUbexeGUNqXQYhlFkCOVo4ZWDXoWeMw=
x-amz-request-id: B46F7PFR1CHNWMH4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 11:49:21 GMT
age: 2837
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash aaee4cb7873d6f1effbadf269482e100
bd55730ac8414fb6861b03c2a97319b4063e2cb9
d724fd9c5704fb8948d575357cad0032e89cf275d57ddb86f013fa97e033487c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 907
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 12:36:38 GMT
Last-Modified: Wed, 07 Dec 2022 12:21:31 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 12:20:28 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 970
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 84f5d4b250008df62ae52bbb74172df9
0ecfeae57ae3304c77b3324e38c91bd4bc2323f5
32560956346a796136d461cd4da18cac153bda75d0ec9f9af8cb1d43185a2231
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "32560956346A796136D461CD4DA18CAC153BDA75D0EC9F9AF8CB1D43185A2231"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=796
Expires: Wed, 07 Dec 2022 12:49:54 GMT
Date: Wed, 07 Dec 2022 12:36:38 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 12:36:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 12:08:58 GMT
cache-control: public,max-age=3600
age: 1660
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 855
Cache-Control: max-age=161066
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 12:36:39 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 09:21:05 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a4bdaa48eaabd53c92b522d9fa3e7682
a0bad1ba1550c1b32dea04344f6cb69483b1c41c
1ecdaffa454649cdf5fc1bec0074bd05530c13d3e756de0397dad59e48f3e51b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5954
Cache-Control: max-age=153583
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 12:36:39 GMT
Etag: "63902684-117"
Expires: Fri, 09 Dec 2022 07:16:22 GMT
Last-Modified: Wed, 07 Dec 2022 05:37:08 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a4bdaa48eaabd53c92b522d9fa3e7682
a0bad1ba1550c1b32dea04344f6cb69483b1c41c
1ecdaffa454649cdf5fc1bec0074bd05530c13d3e756de0397dad59e48f3e51b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4184
Cache-Control: max-age=151813
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 12:36:39 GMT
Etag: "63902684-117"
Expires: Fri, 09 Dec 2022 06:46:52 GMT
Last-Modified: Wed, 07 Dec 2022 05:37:08 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a4bdaa48eaabd53c92b522d9fa3e7682
a0bad1ba1550c1b32dea04344f6cb69483b1c41c
1ecdaffa454649cdf5fc1bec0074bd05530c13d3e756de0397dad59e48f3e51b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3619
Cache-Control: max-age=151248
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 12:36:39 GMT
Etag: "63902684-117"
Expires: Fri, 09 Dec 2022 06:37:27 GMT
Last-Modified: Wed, 07 Dec 2022 05:37:08 GMT
Server: ECS (amb/6BA1)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 12:36:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nazmimedane.yoo7.com/users/3314/38/76/56/smiles/916405.gif
94.23.159.185200 OK 11 kB URL HTTP/2 nazmimedane.yoo7.com/users/3314/38/76/56/smiles/916405.gif
IP 94.23.159.185:0
File type GIF image data, version 89a, 180 x 48\012- data
Hash 86b268812af4bb3acebe08a314637b85
1f65c9c822fb4e1f7763363b058c5acbc490f94b
29296d8603aa856e8975d4b209da30452ed55f71266f868a4839d3d789c8b2ca
GET /users/3314/38/76/56/smiles/916405.gif HTTP/1.1
Host: nazmimedane.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/t659-topic
Cookie: exadd=167043
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:39 GMT
content-type: image/gif
content-length: 11013
last-modified: Thu, 11 Feb 2010 00:28:25 GMT
etag: "4b734f29-2b05"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 12:36:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 0b5e8b199fe0a3220dfbff1f4bb8df5c
dc5c501197214406944186ad030b8cdd7a363870
c6339298252f9d10a7ee2d54788124115017d278246a9be498f43c3824c82af9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2136
Cache-Control: max-age=105477
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 12:36:39 GMT
Etag: "638f7984-2d7"
Expires: Thu, 08 Dec 2022 17:54:36 GMT
Last-Modified: Tue, 06 Dec 2022 17:19:00 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 727
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 12:36:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
142.250.74.170200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
IP 142.250.74.170:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d989f35706c62ce4a5c561586c55566e
d32e7958e5765609bf08dcdefd0b2c2a8714ce34
375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33845
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 13:01:47 GMT
expires: Wed, 06 Dec 2023 13:01:47 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 84892
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6b874cd43d686ab515ab6c0706375c6c
3011156bc0a836bd990cd7707efd83dea59211fa
3cb32762de89fc43af83f2f716f4e24a30277310d0deb84b595a861a4aeb3d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4447
Cache-Control: max-age=125092
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 12:36:39 GMT
Etag: "638fbd1c-117"
Expires: Thu, 08 Dec 2022 23:21:31 GMT
Last-Modified: Tue, 06 Dec 2022 22:07:24 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9084a518c70ad57bb3226fb519b648fd
79348ebe6f5900a035d4d65e08a7409fd9708f15
f0c6b0f66c31aa7cb2d2808eb4c04c3681d48e731efc8cbba0f3fef1d218ce7b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 12:36:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nazmimedane.yoo7.com/users/3314/38/76/56/smiles/295390.gif
94.23.159.185200 OK 4.9 kB URL HTTP/2 nazmimedane.yoo7.com/users/3314/38/76/56/smiles/295390.gif
IP 94.23.159.185:0
File type GIF image data, version 89a, 180 x 37\012- data
Hash d51d942d7b4dbaed397942eb36133ae4
eac14e4500477380c2d29d4edbacf8dc8678f1be
2422ccf9cf64e8ac84f0c012fad8b9da06b9dd07daf1e47814dae26f83abb8a0
GET /users/3314/38/76/56/smiles/295390.gif HTTP/1.1
Host: nazmimedane.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/t659-topic
Cookie: exadd=167043
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:39 GMT
content-type: image/gif
content-length: 4865
last-modified: Fri, 12 Feb 2010 12:50:42 GMT
etag: "4b754ea2-1301"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a4bdaa48eaabd53c92b522d9fa3e7682
a0bad1ba1550c1b32dea04344f6cb69483b1c41c
1ecdaffa454649cdf5fc1bec0074bd05530c13d3e756de0397dad59e48f3e51b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5954
Cache-Control: max-age=153583
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 12:36:39 GMT
Etag: "63902684-117"
Expires: Fri, 09 Dec 2022 07:16:22 GMT
Last-Modified: Wed, 07 Dec 2022 05:37:08 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 3a488fc3dcdaafb273e7c74bca56bb53
e04c3fa14a45cb81a4fa39085ae8504b63f31589
afa21e0ef1b2ca8bc6b71a0215fe0a27b9e6a4bed9e90031c8b90d434153ca7f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 648
Cache-Control: max-age=119812
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 12:36:39 GMT
Etag: "638fb753-139"
Expires: Thu, 08 Dec 2022 21:53:31 GMT
Last-Modified: Tue, 06 Dec 2022 21:42:43 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 313
www.googletagmanager.com/gtag/js?id=UA-12893221-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-12893221-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 5c91bd17e9094bfd45db89654c040d7e
58ede8f570fc28e49f1e63995a4859012bb686d9
a8166505209ac68edf4183a1e759666b31eeaf311c2714793b2eeaf10e606f21
GET /gtag/js?id=UA-12893221-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 12:36:39 GMT
expires: Wed, 07 Dec 2022 12:36:39 GMT
cache-control: private, max-age=900
last-modified: Wed, 07 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43599
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-144347007-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-144347007-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 7c862f1e15ec5c826580a9230c2501d9
23f770c5a56f4b61497edabccf7285d157ed107f
0e622d1bc91b754301a69be86346b5ddabea512ac10f80afdab1b4d558a4ca59
GET /gtag/js?id=UA-144347007-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 12:36:39 GMT
expires: Wed, 07 Dec 2022 12:36:39 GMT
cache-control: private, max-age=900
last-modified: Wed, 07 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43635
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/afsonline/show_afs_search.js
216.58.211.4200 OK 1.5 kB URL HTTP/2 www.google.com/afsonline/show_afs_search.js
IP 216.58.211.4:0
File type ASCII text, with very long lines (512)
Hash 9e7155ef31da254ed5eb9931cf5d529b
00cea21853d9a6f394dd8e38a3956c9380ef47fb
518e342faec6830b1bf1316c021186ae84fa470fec927adb07a0dde111f81465
GET /afsonline/show_afs_search.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-length: 1456
date: Wed, 07 Dec 2022 12:36:39 GMT
expires: Wed, 07 Dec 2022 12:36:39 GMT
cache-control: private, max-age=0
last-modified: Tue, 03 Nov 2020 17:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2img.net/i/fa/icon_mini_search.gif
104.21.235.175200 OK 238 B URL HTTP/2 2img.net/i/fa/icon_mini_search.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 12 x 13\012- data
Hash 69ac99a266d5032986805506ed750bdd
a800b0f6f44e80d71f75808bd4324f866e6c54b1
605183a8594eb65a3db95a7735ad7adac28b7b9814a70334837fe630bdd8d5f4
GET /i/fa/icon_mini_search.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:39 GMT
content-type: image/gif
content-length: 238
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-ee"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 787476
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ltkeqqYPxuaG6fiVZcgK15sOT6G%2FPQFNOAepelg75tlbAj5bd6%2FO6cbD1w8i5y7cgf2ToYPgWSHtcBpWb063syZdLxVweWKb4Xzi5OU7DwlpVjeRg6KcKd8ojw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d4ee23a777519-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/empty.gif
104.21.235.175200 OK 42 B IP 104.21.235.175:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /i/fa/empty.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:39 GMT
content-type: image/gif
content-length: 42
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-2a"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 787556
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rfjsg5N6H5Om%2BZEZD1lceIbxbf3VKe4Jfm1P05pCBScl0IqNkE4EbOzyKKPHbsgQuNEZNPkxaf9xPBpL6qboppDwvTnKNftL3TajT%2FZgOV3TJR2jkcuJ2t%2F4fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d4ee23a857519-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 12:36:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2img.net/s/t/13/09/81/i_icon_mini_index.jpg
104.21.235.175200 OK 1.6 kB URL HTTP/2 2img.net/s/t/13/09/81/i_icon_mini_index.jpg
IP 104.21.235.175:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 88x50, components 3\012- data
Hash 4dd7c80b70e829398683f936a1b858d9
bb496b51478f2278d1e3a9cd285bd4270c7935d7
884b911b914077c76bed0caa0357bd3aaea055aa7955b0d1f04e1ec565efb612
GET /s/t/13/09/81/i_icon_mini_index.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:39 GMT
content-type: image/jpeg
content-length: 1591
last-modified: Fri, 12 May 2017 12:33:54 GMT
etag: "5915abb2-637"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jQ8tQ6wNiJsDNQql97LuEEKM8nDaYqr19vXnh8nJYzaij8T6Zsx6CO0FKOPad15ZgH2lDrRUiW3dmG2l7ilBJZXjFF66rgpq59DhXljl%2BXrqSNWFpvkLOBONVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d4ee23a717519-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/empty.gif
104.21.235.175200 OK 43 B IP 104.21.235.175:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /i/empty.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:39 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 09 May 2016 08:45:50 GMT
etag: "57304e3e-2b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 787569
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owiyR%2Boq1gxxNJJRXWfKInjxFXdROlmJz0etAd%2Fpm4olh%2F5Ae3ObLEoIrUmfw1pp816o8FRS8qpH9htYMWDkqlLxznlshyDnsygJM4es8vyBOrkXZR088Uig8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d4ee26ab17519-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/13/09/81/i_icon_mini_gallery.gif
104.21.235.175200 OK 269 B URL HTTP/2 2img.net/s/t/13/09/81/i_icon_mini_gallery.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 15 x 16\012- data
Hash 2ce6c29d890f43462dfe61cd4beca3ce
0828b9daaba3a38bf73c7cb99fe69b2da9e2c7f8
161e035cc7503e8169eca61dfea7ec7aa4e3bb90cb56f7f6a70b6e09336c48b8
GET /s/t/13/09/81/i_icon_mini_gallery.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:39 GMT
content-type: image/gif
content-length: 269
last-modified: Wed, 10 Dec 2008 17:11:53 GMT
etag: "493ff859-10d"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4sQyYfz8DXmB%2FTEWvPwYg0RTs4WZvXcUs85odfwW5BqYlRBEOt6Yu2X%2BrlTBiRNCDzKveHMDpHEyvdqmt9XfZPOF2e9ZLLBy%2FVIdR124FGoISMHj6o3Akfpig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d4ee23a757519-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 12:36:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2img.net/s/t/13/09/81/i_icon_www.jpg
104.21.235.175200 OK 1.3 kB URL HTTP/2 2img.net/s/t/13/09/81/i_icon_www.jpg
IP 104.21.235.175:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 58x25, components 3\012- data
Hash 50ddd3ecb5d31206f522cd7bb6dc4d47
a9dbfa6409642dcae9dbfa9e9ba268872b224d4b
cc49137ce9a3853e098017e77343678d129e3371cf3344b8a24ceb3124f72439
GET /s/t/13/09/81/i_icon_www.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:39 GMT
content-type: image/jpeg
content-length: 1274
last-modified: Wed, 27 Oct 2010 15:19:30 GMT
etag: "4cc84302-4fa"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDt4quAdHNAs5ZNeNxgoIgbppXE4lukIa2ITVXNOWSObj6GpwioLnej%2BVSN5A50scvTgH%2F%2FVULP1H6HxO6UAWusbdxG6ObTvE7b0GynMlATSQ3ILW3r4wW%2BZrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d4ee26ab27519-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6b874cd43d686ab515ab6c0706375c6c
3011156bc0a836bd990cd7707efd83dea59211fa
3cb32762de89fc43af83f2f716f4e24a30277310d0deb84b595a861a4aeb3d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4447
Cache-Control: max-age=125092
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 12:36:39 GMT
Etag: "638fbd1c-117"
Expires: Thu, 08 Dec 2022 23:21:31 GMT
Last-Modified: Tue, 06 Dec 2022 22:07:24 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cd6dabd083ee1c237c8ea3ba38cc48d5
bbe4420bf1c0fe0d5621336865563418d2f16f39
c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 12:36:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2img.net/s/t/13/09/81/i_icon_mini_login.jpg
104.21.235.175200 OK 1.6 kB URL HTTP/2 2img.net/s/t/13/09/81/i_icon_mini_login.jpg
IP 104.21.235.175:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 99x50, components 3\012- data
Hash 0a01c9d0d9747af7bd7f9f41afd51cdf
77daebee09388ffe59049db2083d980f6057e039
b548b3f3ab6080dc35636f48da41a8a594b839f9d313ccf1a81e675c75dd0a67
GET /s/t/13/09/81/i_icon_mini_login.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:39 GMT
content-type: image/jpeg
content-length: 1586
last-modified: Fri, 12 May 2017 12:33:54 GMT
etag: "5915abb2-632"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MbWvTeeStCEutxgel0on8a1O1RXIi5W7JtsCtkgiFlWKaKnxJ57KdrgC2H4OG3055j2WhqtBGHZffLxgc05GAHVGiIe3xuiljwsXVXjxflXBhDohorCgH4lDsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d4ee23a747519-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 0d7e4f8080b49b9b1e349bddc6040719
774d6a8a88cac65209b895ffd64b946964ced493
e61dc8b39318cc58ff05a306b1a46fec40e1e3c61d2d219c4c6a0be228fa3ab9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1804
Cache-Control: max-age=151610
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 12:36:39 GMT
Etag: "63902f05-118"
Expires: Fri, 09 Dec 2022 06:43:29 GMT
Last-Modified: Wed, 07 Dec 2022 06:13:25 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280
nazmimedane.yoo7.com/0-rtl.css
94.23.159.185200 OK 55 kB URL HTTP/2 nazmimedane.yoo7.com/0-rtl.css
IP 94.23.159.185:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 0c64954f35afb07ed31df919ef4d1d88
c3b0f1f56842dd40a650001b62db93c16c423130
79c353e527f612f8d139c973019d8816a9d5c60193276f016433c98f2ca7ab45
GET /0-rtl.css HTTP/1.1
Host: nazmimedane.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/t659-topic
Cookie: exadd=167043
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:39 GMT
content-type: text/css
content-length: 54802
last-modified: Wed, 07 Dec 2022 00:00:00 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-ma: MISS
X-Firefox-Spdy: h2
2img.net/s/t/13/09/81/i_icon_mini_register.gif
104.21.235.175200 OK 42 kB URL HTTP/2 2img.net/s/t/13/09/81/i_icon_mini_register.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 133 x 50\012- data
Hash a31e82e4c2f70e0913b34dd7a977a5ed
3e34e27ce787cf2c467343506d2c26b20f5160bd
0bcadae8fed21f162a7668066e446d4cec8ab88700b71599d80cd2510b9632b2
GET /s/t/13/09/81/i_icon_mini_register.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:39 GMT
content-type: image/gif
content-length: 41555
last-modified: Wed, 10 Dec 2008 17:11:49 GMT
etag: "493ff855-a253"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CviGP7R%2FZK5tv1IyVTamwTnRV00BcrcSD5HuNnfzdcs86rRvIdM4g6zAxRGqfZNq7USMVKMkn3bRDjEFlZ34meyNAZGhb7GvrVdevFL4u6ke8otI%2Fkoyg6%2BoJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d4ee23a727519-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 0d7e4f8080b49b9b1e349bddc6040719
774d6a8a88cac65209b895ffd64b946964ced493
e61dc8b39318cc58ff05a306b1a46fec40e1e3c61d2d219c4c6a0be228fa3ab9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4476
Cache-Control: max-age=154282
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 12:36:39 GMT
Etag: "63902f05-118"
Expires: Fri, 09 Dec 2022 07:28:01 GMT
Last-Modified: Wed, 07 Dec 2022 06:13:25 GMT
Server: ECS (amb/6BA1)
X-Cache: HIT
Content-Length: 280
cdn.jsdelivr.net/emojione/assets/png/2665.png?v=2.2.7
151.101.193.229200 OK 449 B URL HTTP/2 cdn.jsdelivr.net/emojione/assets/png/2665.png?v=2.2.7
IP 151.101.193.229:0
File type PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Hash d96be3593df852a6bf4151ec24b16162
43a226f5958af1de8ca9d5e224b55b009e19909a
271429d12c40be921897005b7bdd08f9518960af1e1e6f56bb0060f1f183651e
GET /emojione/assets/png/2665.png?v=2.2.7 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
etag: W/"1c1-Q6Im9ZWK8d6MqdXiJLVbAJ4ZkJo"
accept-ranges: bytes
date: Wed, 07 Dec 2022 12:36:39 GMT
age: 544852
x-served-by: cache-fra-eddf8230038-FRA, cache-bma1651-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 449
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.42.74.230101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.74.230:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TSNlwDNqdzL0nzmneIRfrw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gC4dW9vYTGOKjg7WiPlPmvKzx70=
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash ca17d6dd4ac143df0dff7f23d311838d
607140ba09632a0fcc344b0697e1ed9ff58fac4b
2e77c7d07495bab4c233234ec8de6eac67f589108f21d0c566abe1a82658d197
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 12:36:39 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "762FA358982F6A9E699BB72F1BEBB562CBBB835F"
Expires: Wed, 07 Dec 2022 23:00:00 GMT
Last-Modified: Wed, 07 Dec 2022 11:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2076
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775d4ee37a77b505-OSL
i.servimg.com/u/f64/14/84/23/64/uuoous10.gif
172.67.178.62200 OK 17 kB URL HTTP/2 i.servimg.com/u/f64/14/84/23/64/uuoous10.gif
IP 172.67.178.62:0
File type GIF image data, version 89a, 200 x 80\012- data
Hash 85c71f40d4645e9f00f3f4ee4fc7c4f5
b4d76961276c0aaf2115e43a16ae6c40cf45e02e
421cc46926b434b0c8ad11716f1be1f4c0fb16c4bd8a8ed7516e896d2c6ffcb6
GET /u/f64/14/84/23/64/uuoous10.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:39 GMT
content-type: image/gif
content-length: 16920
last-modified: Thu, 11 Feb 2010 12:19:41 GMT
etag: "4b73f5dd-4218"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 07 Dec 2023 12:36:39 GMT
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDHMdKnpdZ%2F9WwxsY97vPdbihY%2F7jHkhT5vwcY3ycfqbfteFBULZ6%2BAH2%2Fz41g7dy97wMNNiaNyeysn27oDFtLWR1YW97ir%2BHe0tdWVGV%2FA2V6qtzjU7TdnykHVwjwuu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 775d4ee33b2d0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f64/14/84/23/64/rosy10.gif
172.67.178.62200 OK 17 kB URL HTTP/2 i.servimg.com/u/f64/14/84/23/64/rosy10.gif
IP 172.67.178.62:0
File type GIF image data, version 89a, 200 x 80\012- data
Hash 7828c7097d0f1dcb689f88ae56bcb8dd
b47d237c48d161cfcef6fb8b2fc66742e09f0f0a
6e065b05801323a13ef8361c820f5d5542497d18bbd5476ed540e21019b7751e
GET /u/f64/14/84/23/64/rosy10.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:39 GMT
content-type: image/gif
content-length: 16717
last-modified: Mon, 15 Feb 2010 22:23:34 GMT
etag: "4b79c966-414d"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 07 Dec 2023 12:36:39 GMT
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OkQBdU5Ja2pB%2FnarMF8agpVuvP3AcPv1THPVhEzO4vGJ%2BhU3t5WyVTrsEaC%2FkafZb%2BIXJpJTS21a8YI%2BUkWzmwQzQhNgkVOCJY4rJqPad1BRg74YbG44ePctAMJ9%2FJWL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 775d4ee32b140afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 0d7e4f8080b49b9b1e349bddc6040719
774d6a8a88cac65209b895ffd64b946964ced493
e61dc8b39318cc58ff05a306b1a46fec40e1e3c61d2d219c4c6a0be228fa3ab9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4476
Cache-Control: max-age=154282
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 12:36:39 GMT
Etag: "63902f05-118"
Expires: Fri, 09 Dec 2022 07:28:01 GMT
Last-Modified: Wed, 07 Dec 2022 06:13:25 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280
static.criteo.net/js/ld/publishertag.js
178.250.2.130200 OK 42 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.js
IP 178.250.2.130:0
Hash 0f7638bdba34bff6e8d33a6121d275a8
63ff800b622c819c3d2aac202156b5be8adf1862
ba634de8d2c89eae3b1babf01aa7952e1cc592e1bc95423e81b67306bddc6700
GET /js/ld/publishertag.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 12:36:39 GMT
content-type: text/javascript
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-1e444"
expires: Thu, 08 Dec 2022 12:36:39 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
nazmimedane.yoo7.com/profile.forum?mode=register
94.23.159.185200 OK 13 kB URL HTTP/2 nazmimedane.yoo7.com/profile.forum?mode=register
IP 94.23.159.185:0
Hash 72f64cb85b126001d5d05da3d3baa740
37221195b2920247b630f12d30b401e3ff65de4e
eab91f13048fe7263f05f939db67550763da74ed2ead4b9c6967d51b7075cb15
GET /profile.forum?mode=register HTTP/1.1
Host: nazmimedane.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/t659-topic
Cookie: exadd=167043
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:39 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache
pragma: no-cache
expires: Wed, 07 Dec 2022 00:00:00 GMT
last-modified: Wed, 07 Dec 2022 12:36:39 GMT
vary: User-Agent
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8df75ca293c5d225d64683fcf613404f
f2f351830015257f34f603fb2d2660057c28c756
4758c277c932e1d96beb963049cb1cfd3fc4e75dc9ead41dd5dedba573bfcb04
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4758C277C932E1D96BEB963049CB1CFD3FC4E75DC9EAD41DD5DEDBA573BFCB04"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5400
Expires: Wed, 07 Dec 2022 14:06:39 GMT
Date: Wed, 07 Dec 2022 12:36:39 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash aa9e9cc4cf21d2f8e869a92e65a45506
32bac4c290787256eb7362fd11b4342d20a6c8ab
b82203e3d34d3cd6c7b013b8887a74af649ef07edccacf3a1874a670951a915b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 747
Cache-Control: max-age=168152
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 12:36:39 GMT
Etag: "639073c4-139"
Expires: Fri, 09 Dec 2022 11:19:11 GMT
Last-Modified: Wed, 07 Dec 2022 11:06:44 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 313
twemoji.maxcdn.com/twemoji.min.js
151.139.237.124200 OK 5.4 kB URL HTTP/2 twemoji.maxcdn.com/twemoji.min.js
IP 151.139.237.124:0
Hash 38879863f1f9a6d7eb46f08f855f877c
a047659d0272aaf4ba783ece1dde3e0f77097a53
8180bfd1ebdeac4b552b3ecf5f85e2782621fa6a35a3e6ce135a069559de4e5b
GET /twemoji.min.js HTTP/1.1
Host: twemoji.maxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:39 GMT
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Thu, 31 Mar 2022 03:24:15 GMT
access-control-allow-origin: *
etag: W/"62451edf-3bc8"
expires: Fri, 06 Jan 2023 12:36:39 GMT
cache-control: max-age=2592000
x-proxy-cache: MISS
x-github-request-id: 7B1C:D2D3:4824A8:4A013B:638A8635
vary: Accept-Encoding
x-fastly-request-id: 13302c302e4dcbfe7e16260e2cd5983d6eec8ece
server: NetDNA-cache/2.2
powered-by: MaxCDN
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 4c9688944e55047f879844d038061d17
e772514463f92964d1aa73b65a5b5e727665e2e6
b7da6d01a2e65b5691557e6c340a64632aed3e7fb41bf5a1e5fdbe96c7c9e700
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 568
Cache-Control: max-age=105365
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 12:36:40 GMT
Etag: "638f7f35-139"
Expires: Thu, 08 Dec 2022 17:52:45 GMT
Last-Modified: Tue, 06 Dec 2022 17:43:17 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 313
cdn.viglink.com/api/vglnk.js
54.230.111.6200 OK 29 kB URL HTTP/2 cdn.viglink.com/api/vglnk.js
IP 54.230.111.6:0
File type ASCII text, with very long lines (693)
Hash 072eaf64a771815874455704fca9301b
6c6226d00f14bb800cd4390b3cd42df941be43b1
bb35c8c300bd1acfe7ed86eb988f74ff2e8d86a4fb0409c5d78a890f9fd14b8e
GET /api/vglnk.js HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 28567
last-modified: Wed, 02 Dec 2020 18:57:12 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Wed, 30 Nov 2022 16:53:51 GMT
cache-control: public, max-age=604800
etag: "072eaf64a771815874455704fca9301b"
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JvrDZhFjPgY-HK4vk9BJ3Ds2gsVBPhcj1uBOzyPWeBZqtmBdwvbt0w==
age: 589369
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
216.239.38.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.38.178:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 07 Dec 2022 10:41:08 GMT
expires: Wed, 07 Dec 2022 12:41:08 GMT
cache-control: public, max-age=7200
age: 6932
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:39 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=3FxhlV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czRoTGRzaHZ0RTRzNXgxRWpPTHVEWHhGRWElMkZ4TVM0ZlZyU2hST1YyVU5tWQ; expires=Mon, 01 Jan 2024 12:36:40 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 318384
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/forumotion-ar/loader.js
151.101.193.44200 OK 25 kB URL HTTP/2 cdn.taboola.com/libtrc/forumotion-ar/loader.js
IP 151.101.193.44:0
File type Unicode text, UTF-8 text, with very long lines (65498)
Hash bbfa9d794c1218cf5f2f30b9392c4cfb
b0aa5725c004ac5fb830390c74c545b3ef1ebf59
bd6cb07b4bc5602d41715b001d9e221f574615be6a6a44891bf74d1f0e40457d
GET /libtrc/forumotion-ar/loader.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /cwkzO8nF5uRzDXMLGMHW4IRfavxeTsfa12Vhm18zWUPw2Q3mLzJdjX2wAv8/Vnko9AhGdScgug=
x-amz-request-id: 1NRDB3BA5PYV6VXA
last-modified: Tue, 06 Dec 2022 20:15:07 GMT
etag: "0b83445d4f9715acb76beae9296d283b"
x-amz-version-id: 6b2PswebF0hDzWO5xmiOy0UsxM94SyBS
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 07 Dec 2022 12:36:40 GMT
via: 1.1 varnish
age: 133
x-served-by: cache-bma1663-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1670416600.091769,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 64
content-length: 25423
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?ptv=132&profileId=206&cb=88824590264
178.250.2.131200 OK 159 B URL HTTP/2 bidder.criteo.com/cdb?ptv=132&profileId=206&cb=88824590264
IP 178.250.2.131:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 567e76dc0bcfde74b71cfeae11b1fd0f
6ae14514e12d47eccce20996bccf49d8f0bc1a8c
3466feee8621c1050583edfe2fcb50f2fab13ef8e4121bbf15166d975797e494
POST /cdb?ptv=132&profileId=206&cb=88824590264 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 569
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:39 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://nazmimedane.yoo7.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 159
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 5814ad3b7f0d449d58b5505e41a3f293
66fe5d7620cc08430e8c06b981dd034307dbbc8d
aac640fcca4acaf55321ba49f1eb08c3a29d771445b35a33213aa627900d2579
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 763
Cache-Control: max-age=164221
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 12:36:40 GMT
Etag: "6390645a-139"
Expires: Fri, 09 Dec 2022 10:13:41 GMT
Last-Modified: Wed, 07 Dec 2022 10:00:58 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 313
cdn.taboola.com/libtrc/impl.20221206-9-RELEASE.js
151.101.193.44200 OK 147 kB URL HTTP/2 cdn.taboola.com/libtrc/impl.20221206-9-RELEASE.js
IP 151.101.193.44:0
File type ASCII text, with very long lines (65509)
Size 147 kB (147441 bytes)
Hash ed14506295f2d36ba1c947cf18f982f1
8bcb0936b86823b6eede23335a32943741c0db74
d35893f151f71ec05c2cbe5c36df80230c14bed25ac5c8a7a277e3ba3c483f92
GET /libtrc/impl.20221206-9-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: GJ/TYug6Y6wJpQ/xGmN1jNBtDY9WgBStGLQwy7qlMzZ//8FdBlS8ZDbuZEsurVSZq3yK0CZU2TI=
x-amz-request-id: V7XDYTDZNM3QFRRE
last-modified: Tue, 06 Dec 2022 11:09:50 GMT
etag: "ed14506295f2d36ba1c947cf18f982f1"
content-encoding: br
x-amz-version-id: eQ1gx7k6CXCSNKmlaWA.nuCrjL1_tj1K
content-type: application/javascript
accept-ranges: bytes
date: Wed, 07 Dec 2022 12:36:40 GMT
via: 1.1 varnish
age: 5155
x-served-by: cache-bma1663-BMA
x-cache: HIT
x-cache-hits: 3545
x-timer: S1670416600.166557,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 2
server: AmazonS3-br
content-length: 147441
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 1371394b8b1c5690dea0c69e202fb178
220403c6e8e56905462e854ca58c133f57f4e01e
e84c5d428e0e823f92efe2ca32e5ff108e4b076c411b7a3c55b879f00e515670
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 07 Dec 2022 12:36:40 GMT
Last-Modified: Wed, 07 Dec 2022 11:23:11 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hFJTK4vVtWruNti2EVNyHsqLb23_PjrdbVRnz5JNTqRIdglLIrjMJQ==
Age: 4409
api.viglink.com/api/ping
34.246.116.79200 OK 259 B IP 34.246.116.79:0
File type ASCII text, with no line terminators
Hash a7077cbed20180df8979afb8b983758a
525b4ac8aaf54dabdf1cf27390f9949eca9a1a96
54b80a50b45af40d430ca692a2f71910bdf79f5933a8387fd2bbbf19bf8ccad9
POST /api/ping HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 139
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://nazmimedane.yoo7.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Wed, 07 Dec 2022 12:36:40 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 259
Connection: keep-alive
nazmimedane.yoo7.com/images/icons-180.png
94.23.159.185200 OK 9.0 kB URL HTTP/2 nazmimedane.yoo7.com/images/icons-180.png
IP 94.23.159.185:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 037549b570c55cf338fc5849755c6baf
2994009046516b87da7e8a8cef3ab2c262b3f482
1f755fbb2285b1456445f40b06e0b5b1b1cfd2c01a5652bf9c1d29db72f96140
GET /images/icons-180.png HTTP/1.1
Host: nazmimedane.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/t659-topic
Cookie: exadd=167043; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:40 GMT
content-type: image/png
content-length: 9034
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 07 Dec 2022 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
x-cache-ic: MISS
X-Firefox-Spdy: h2
trc-events.taboola.com/forumotion-ar/log/2/debug?tim=12%3A36%3A39.967&type=usage&msg=rtus&llvl=2&id=1265&cv=20221206-9-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/forumotion-ar/log/2/debug?tim=12%3A36%3A39.967&type=usage&msg=rtus&llvl=2&id=1265&cv=20221206-9-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=12%3A36%3A39.967&type=usage&msg=rtus&llvl=2&id=1265&cv=20221206-9-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 07 Dec 2022 12:36:40 GMT
x-fastly-to-nlb-rtt: 22152
access-control-allow-credentials: true
X-Firefox-Spdy: h2
api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2
34.246.116.79200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2
IP 34.246.116.79:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.js?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Wed, 07 Dec 2022 12:36:39 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 81a7e0ed8b45460991a7d9b719423d48
fa4824b64d5484b955cecebbeea06710ced4fba5
2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 12:36:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
34.246.116.79200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
IP 34.246.116.79:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.gif?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Wed, 07 Dec 2022 12:36:39 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=272916276.1670416600&jid=1312233555&gjid=1572966191&_gid=260530178.1670416600&_u=YEBAAUAAAAAAACAAI~&z=706243412
64.233.164.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=272916276.1670416600&jid=1312233555&gjid=1572966191&_gid=260530178.1670416600&_u=YEBAAUAAAAAAACAAI~&z=706243412
IP 64.233.164.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=272916276.1670416600&jid=1312233555&gjid=1572966191&_gid=260530178.1670416600&_u=YEBAAUAAAAAAACAAI~&z=706243412 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://nazmimedane.yoo7.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 07 Dec 2022 12:36:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c76c2f60892596440d18b9ac02ea4e0d
36ed98837105269647524ad67f727ed476c4c6a2
2bbf9a00990733a43871e7786ce7d13ecd29df5266b6f540dfeafbe7d489bede
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2BBF9A00990733A43871E7786CE7D13ECD29DF5266B6F540DFEAFBE7D489BEDE"
Last-Modified: Tue, 06 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18263
Expires: Wed, 07 Dec 2022 17:41:03 GMT
Date: Wed, 07 Dec 2022 12:36:40 GMT
Connection: keep-alive
stootsou.net/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://nazmimedane.yoo7.com/
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 12:36:40 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://nazmimedane.yoo7.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://nazmimedane.yoo7.com/
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 12:36:40 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://nazmimedane.yoo7.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
api.viglink.com/api/domains
34.246.116.79200 OK 41 B URL HTTP/1.1 api.viglink.com/api/domains
IP 34.246.116.79:0
File type ASCII text, with no line terminators
Hash 69a347a8e60787c197a2cc306061e409
655eded589ffb5a241e9e6a6b980559da440300a
fa668d12b8319bdca7fc16818c5dbb24a18415524bdc8031bb97f9bf9d998769
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 289
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://nazmimedane.yoo7.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Wed, 07 Dec 2022 12:36:40 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 41
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 81a7e0ed8b45460991a7d9b719423d48
fa4824b64d5484b955cecebbeea06710ced4fba5
2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 12:36:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stootsou.net/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://nazmimedane.yoo7.com/
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 12:36:40 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://nazmimedane.yoo7.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nazmimedane.yoo7.com/
Content-Type: application/json
Origin: https://nazmimedane.yoo7.com
Content-Length: 387
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 12:36:40 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 91cbdf556b10a044ed1f12e052142c5b
access-control-allow-origin: https://nazmimedane.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nazmimedane.yoo7.com/
Content-Type: application/json
Origin: https://nazmimedane.yoo7.com
Content-Length: 771
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 12:36:40 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: c49688fe7228ef519341406bcda0af1c
access-control-allow-origin: https://nazmimedane.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=rtus&topUrl=nazmimedane.yoo7.com
178.250.2.146200 OK 5.1 kB URL HTTP/2 gum.criteo.com/syncframe?origin=rtus&topUrl=nazmimedane.yoo7.com
IP 178.250.2.146:0
Hash 370e85ec707b157a69ee7267f2577fb1
783bb43d4a46c5e60d53b0fb4b8857aa48e341b3
1051ba7aedc90b38431e67a920fd8b0547cd9737f758552b1c49fbc8486e6e5f
GET /syncframe?origin=rtus&topUrl=nazmimedane.yoo7.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:40 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=d082617d-e81f-4aa6-b769-8070a9519831; expires=Mon, 01 Jan 2024 12:36:39 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 524086
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3953
Expires: Wed, 07 Dec 2022 13:42:33 GMT
Date: Wed, 07 Dec 2022 12:36:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3953
Expires: Wed, 07 Dec 2022 13:42:33 GMT
Date: Wed, 07 Dec 2022 12:36:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3953
Expires: Wed, 07 Dec 2022 13:42:33 GMT
Date: Wed, 07 Dec 2022 12:36:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3953
Expires: Wed, 07 Dec 2022 13:42:33 GMT
Date: Wed, 07 Dec 2022 12:36:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3953
Expires: Wed, 07 Dec 2022 13:42:33 GMT
Date: Wed, 07 Dec 2022 12:36:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ViuPsZBEVJ-aGOcsfrl3nXu244mzMUMQVhpPeNlO7W3sBrrfuUfXpA==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:32:04 GMT
age: 50676
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 06:11:41 GMT
age: 23099
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e95ebce9d79ba46cb96af9a45af1762f
985c6761675e6bcc0186f64d55f94cf09352f05c
5837d6bf31e57f955ba2577f112281cc33a5502b358c83192f4e396b57042ac0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8438
x-amzn-requestid: 0f5d1b0e-1193-4006-8a54-555681d9f62e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlqVGMjoAMFS6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb641-6366ea6464122d857407cdff;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:38:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2j9gqNvWYRFM-li9Nj4nLAWe_eKWMSwagPgU3eAtk0pjcJUX4Q8XEA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:55:40 GMT
etag: "985c6761675e6bcc0186f64d55f94cf09352f05c"
content-type: image/jpeg
age: 52860
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 604a4132da78a0c013b5818644adb121
ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566
eecab519c33596c67f2d2021dfd1af24e7fd8f2ed403f99b4ba0c265c08a259f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8701
x-amzn-requestid: 653284c3-ee7f-45f1-9513-3a6c81e1d6e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cm3-2HRWIAMFjfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c39f8-6f8969a26787a9463ba6c2ec;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 06:11:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EpyIdH9YEXjxbGhZpBIfzoZHQxMvAKl0eCFQsgMt0e1SSeWsiuey7g==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:15:06 GMT
age: 51694
etag: "ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
stootsou.net/pfe/current/universal.min.js?v=3.1.409
139.45.197.250200 OK 42 kB URL HTTP/2 stootsou.net/pfe/current/universal.min.js?v=3.1.409
IP 139.45.197.250:0
Hash 72ebbafd27f316744f849c3cfd8319fb
8d449d8870ac266a7d100d831b18156a4f72fafc
8620ee6cc15808c33342d1a8226a1c520705f6513332fbcd9314378260f97556
GET /pfe/current/universal.min.js?v=3.1.409 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nazmimedane.yoo7.com/
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 12:36:39 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:46 GMT
etag: W/"6388cb76-18c6c"
access-control-allow-origin: https://nazmimedane.yoo7.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 7.5 kB IP 178.250.0.157:0
Hash 0392d6fab7a37f15ea136805b1703fcc
1cfd4582745dd9498153e08a25248925e9876e9c
f936fb2a70d7333dee79453676d3f35e12237e136349efe95df5daa8d601cb51
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=3FxhlV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czRoTGRzaHZ0RTRzNXgxRWpPTHVEWHhGRWElMkZ4TVM0ZlZyU2hST1YyVU5tWQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:40 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=Hx9f1F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czRoTGRzaHZ0RTRzNXgxRWpPTHVEWHdKYmFYbG53OXhhdUpkMmcyQVJQRzQ; expires=Mon, 01 Jan 2024 12:36:40 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 355527
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/userx.20221206-9-RELEASE.es6.js
151.101.193.44200 OK 5.4 kB URL HTTP/2 cdn.taboola.com/libtrc/userx.20221206-9-RELEASE.es6.js
IP 151.101.193.44:0
File type ASCII text, with very long lines (17842)
Hash 4957c15ac288ba5085679ffaf3f7798e
33f2569b3f3239aa332430c24ffda92d0dc11735
4dbc2d23b59a6aeefdac9ea2269fc4f35f6ca9c053c2e500239bcfc518cc229b
GET /libtrc/userx.20221206-9-RELEASE.es6.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: jQxtGKp8nq4IWTzSCHzvUw6PSQ1lF+7jDWwXYhcmAIUKBleKKrHP0Nu2C9sd3cJzz9UYCMjfJdg=
x-amz-request-id: SCRC2PMS67ZR5J39
x-amz-replication-status: PENDING
last-modified: Wed, 07 Dec 2022 10:58:09 GMT
etag: "364422da529caf2611941f23d30b1dfd"
x-amz-version-id: coGgcXfdGU3u27da6O5R_45957M6Fr_Y
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 07 Dec 2022 12:36:40 GMT
via: 1.1 varnish
age: 5909
x-served-by: cache-bma1663-BMA
x-cache: HIT
x-cache-hits: 879
x-timer: S1670416601.786889,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 2
content-length: 5397
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6097769d180abfa1734220ac93695e9.png
151.101.193.44200 OK 4.8 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6097769d180abfa1734220ac93695e9.png
IP 151.101.193.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 64f57d105169b65ce0ad224c6112b721
fcf6c8d1c185351bd519ca98308401b301a5283f
766aa74fd1a58decd8f747b03efb9ab9f72d2c6ac63f5f78c9d7a2574a856674
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6097769d180abfa1734220ac93695e9.png HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 515569731593774944757862601420144156398,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 515569731593774944757862601420144156398,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
etag: "e4c475add2bd4f975226d1b0f587176f"
expiration: expiry-date="Sun, 18 Dec 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Thu, 17 Nov 2022 14:04:20 GMT
req-referer: https://acdn.adnxs-simple.com/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 308
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 07 Dec 2022 12:36:40 GMT
age: 597580
x-served-by: cache-iad-kcgs7200066-IAD, cache-iad-kiad7000072-IAD, cache-sna10747-LGB, cache-iad-kiad7000162-IAD, cache-bma1663-BMA
x-cache: HIT, MISS, MISS, MISS, HIT
x-cache-hits: 1, 0, 0, 0, 1
x-timer: S1670416601.794463,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6097769d180abfa1734220ac93695e9.png
x-vcl-time-ms: 1
content-length: 4754
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.26200 OK 510 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.26:0
Hash fa52179edd6e08fca7f91d2d9772660a
8422acd3225be5eda3499888889a362d6b3152e8
7c3822d2848059c47330e4c81b3a31fb5a7e7b856be597cd6ebba7857ee49636
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:39 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 158365
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
api.viglink.com/api/domains
34.246.116.79200 OK 56 B URL HTTP/1.1 api.viglink.com/api/domains
IP 34.246.116.79:0
File type ASCII text, with no line terminators
Hash dc56847f054315e15c6aaaf1ed4ded79
717548bbeabf331c96216e8744862302b0130dd0
3fa241b0c43a14b28dd5d40429856cb26ca89d029919829d5bba2025b283257b
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 203
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://nazmimedane.yoo7.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Wed, 07 Dec 2022 12:36:40 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 56
Connection: keep-alive
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=272916276.1670416600&jid=1312233555&_u=YEBAAUAAAAAAACAAI~&z=1688515066
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=272916276.1670416600&jid=1312233555&_u=YEBAAUAAAAAAACAAI~&z=1688515066
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=272916276.1670416600&jid=1312233555&_u=YEBAAUAAAAAAACAAI~&z=1688515066 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 12:36:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=728x90%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fnazmimedane.yoo7.com%2Ft659-topic&encoded=1&uid=2aa9c265-687c-4a5e-9094-b7b471e9bff8-tucta8a0e58&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback1&cb=1670416600240&tagid=&cntry=NO&platform=1&sesid=3670ed328931d7d3e57c5d1e93473643&itemid=/t659-topic&viewid=1670416599976&geolat=&geoing=&deviceifa=&appid=&sd=v2_3670ed328931d7d3e57c5d1e93473643_2aa9c265-687c-4a5e-9094-b7b471e9bff8-tucta8a0e58_1670416600_1670416600_CNawjgYQ3pxDGKiX2uTOMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=1e7c55c8e3904343f645459948d8774b&appname=&cdb=&gdprApplies=true&rid=&sii=-2899222192760695742&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=8596
151.101.193.44200 OK 9.4 kB URL HTTP/2 15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=728x90%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fnazmimedane.yoo7.com%2Ft659-topic&encoded=1&uid=2aa9c265-687c-4a5e-9094-b7b471e9bff8-tucta8a0e58&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback1&cb=1670416600240&tagid=&cntry=NO&platform=1&sesid=3670ed328931d7d3e57c5d1e93473643&itemid=/t659-topic&viewid=1670416599976&geolat=&geoing=&deviceifa=&appid=&sd=v2_3670ed328931d7d3e57c5d1e93473643_2aa9c265-687c-4a5e-9094-b7b471e9bff8-tucta8a0e58_1670416600_1670416600_CNawjgYQ3pxDGKiX2uTOMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=1e7c55c8e3904343f645459948d8774b&appname=&cdb=&gdprApplies=true&rid=&sii=-2899222192760695742&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=8596
IP 151.101.193.44:0
Hash 2d9b7a98c9222d04f9d3a2d66bb0355d
2249eb4bc8f24e879cf871de51ae0b82bd01a924
c8736a79f39d47510057e5b089a079bb319da61ed860303c9d5ecbd6f7b73974
GET /tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=728x90%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fnazmimedane.yoo7.com%2Ft659-topic&encoded=1&uid=2aa9c265-687c-4a5e-9094-b7b471e9bff8-tucta8a0e58&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback1&cb=1670416600240&tagid=&cntry=NO&platform=1&sesid=3670ed328931d7d3e57c5d1e93473643&itemid=/t659-topic&viewid=1670416599976&geolat=&geoing=&deviceifa=&appid=&sd=v2_3670ed328931d7d3e57c5d1e93473643_2aa9c265-687c-4a5e-9094-b7b471e9bff8-tucta8a0e58_1670416600_1670416600_CNawjgYQ3pxDGKiX2uTOMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=1e7c55c8e3904343f645459948d8774b&appname=&cdb=&gdprApplies=true&rid=&sii=-2899222192760695742&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=8596 HTTP/1.1
Host: 15.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
machineid: 1451
link: <https://am-wf.taboola.com>; rel=preconnect
xvid-debug: mrmr - :
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://nazmimedane.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Wed, 07 Dec 2022 12:36:40 GMT
via: 1.1 varnish
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670416601.797365,VS0,VE29
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=rtus&domain=yoo7.com&sn=FirefoxSyncframe&so=3&topUrl=nazmimedane.yoo7.com&bundle=uWDq2l9DNlpTTlRsN04lMkJTeWElMkZBUjhDempLeUswdVNrdWpodW9jNGoyZzRyb3Z5SnNiaHo1cCUyRlIwczNJNHlTRVZyUGtjNTlJMlFDaTVFUkhNNGpSME4lMkZhZFBLM0JsT0VRVzIwNFRLdUg3ME9EZW5XMm1rWlNicWFQd25FVUdSJTJCeXAlMkZGVg&info=kBaMO180M0RITmhlJTJCZkMwOUJGQlhaMUN2czRoTGRzaHZ0RTRzNXgxRWpPTHVEWHdFbXVTYyUyRlBaVUtEczBtVTVOSUdDZA&idsd=2066775959,-919537055&cw=1&rtusCallerId=72&lsw=1
178.250.2.146200 OK 795 B URL HTTP/2 gum.criteo.com/sid/json?origin=rtus&domain=yoo7.com&sn=FirefoxSyncframe&so=3&topUrl=nazmimedane.yoo7.com&bundle=uWDq2l9DNlpTTlRsN04lMkJTeWElMkZBUjhDempLeUswdVNrdWpodW9jNGoyZzRyb3Z5SnNiaHo1cCUyRlIwczNJNHlTRVZyUGtjNTlJMlFDaTVFUkhNNGpSME4lMkZhZFBLM0JsT0VRVzIwNFRLdUg3ME9EZW5XMm1rWlNicWFQd25FVUdSJTJCeXAlMkZGVg&info=kBaMO180M0RITmhlJTJCZkMwOUJGQlhaMUN2czRoTGRzaHZ0RTRzNXgxRWpPTHVEWHdFbXVTYyUyRlBaVUtEczBtVTVOSUdDZA&idsd=2066775959,-919537055&cw=1&rtusCallerId=72&lsw=1
IP 178.250.2.146:0
Hash a2034ac8a3945b807e8805b68e21a884
cdf2932b3564f6c22dbbd13fcf673a3603c3a92e
77926b30750e6e62c7d93d20da310169df4339e82fd2dc5006c81004763ab0cf
GET /sid/json?origin=rtus&domain=yoo7.com&sn=FirefoxSyncframe&so=3&topUrl=nazmimedane.yoo7.com&bundle=uWDq2l9DNlpTTlRsN04lMkJTeWElMkZBUjhDempLeUswdVNrdWpodW9jNGoyZzRyb3Z5SnNiaHo1cCUyRlIwczNJNHlTRVZyUGtjNTlJMlFDaTVFUkhNNGpSME4lMkZhZFBLM0JsT0VRVzIwNFRLdUg3ME9EZW5XMm1rWlNicWFQd25FVUdSJTJCeXAlMkZGVg&info=kBaMO180M0RITmhlJTJCZkMwOUJGQlhaMUN2czRoTGRzaHZ0RTRzNXgxRWpPTHVEWHdFbXVTYyUyRlBaVUtEczBtVTVOSUdDZA&idsd=2066775959,-919537055&cw=1&rtusCallerId=72&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=rtus&topUrl=nazmimedane.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:40 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1320195
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=f66c46257df046949ad1a685d15117fc
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=f66c46257df046949ad1a685d15117fc
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 6fa91a07d54651620be3001d367cd9ae
7c65cc263040d1a0b375b1f1b2f7239282a27e9c
4baf3827e2028630984a5d585b5560a023bdf6080cc091e9276c8cd029ed70e6
GET /gid.js?userId=f66c46257df046949ad1a685d15117fc HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 12:36:41 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://nazmimedane.yoo7.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=f66c46257df046949ad1a685d15117fc; expires=Thu, 07 Dec 2023 12:36:41 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
bidder.criteo.com/csm/events
178.250.2.131204 No Content 0 B URL HTTP/2 bidder.criteo.com/csm/events
IP 178.250.2.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csm/events HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 370
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 07 Dec 2022 12:36:40 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://nazmimedane.yoo7.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash f93fe0c44e63867b7f8553c1ca73460e
e664d98cd9803e5f179af596d8a2f50d79fc92b0
dbb9ed743e3bf5d61dd66e676c81d5e2a43c8287d61ef34d90b6c7790ca6106e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 12:36:41 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 01:33:16 GMT
Expires: Tue, 13 Dec 2022 01:33:15 GMT
Etag: "e664d98cd9803e5f179af596d8a2f50d79fc92b0"
Cache-Control: max-age=477993,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775d4eed0d3db4f7-OSL
ag.gbc.criteo.com/newidsd
178.250.6.204200 OK 30 kB URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.204:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash a061bcb9392464c3ebe548b1ac2875e2
602c744793a3027c53a07487c6fe5d52ba0afd44
7cb4471d09e47d7f616b25628d7c85e576df4a97e802b2724e5410b27a0db2db
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:40 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 135635
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: https://nazmimedane.yoo7.com/
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:40 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: https://nazmimedane.yoo7.com
server-processing-duration-in-ticks: 457338
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.253200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.253:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 902
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Wed, 07 Dec 2022 12:36:41 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://nazmimedane.yoo7.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 45eb635fb9137752980cba375a2d1d8c
fb44faaf33e1c664a4cc412e95c3ab90ad2d1573
4d9debe32fc1134fad8f8d7f36a892233b40ed326dd6e8b89e97375a0aa81177
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 292
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 12:36:41 GMT
Last-Modified: Wed, 07 Dec 2022 12:31:49 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 312
csm.nl.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
178.250.2.150200 OK 43 B URL HTTP/2 csm.nl.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
IP 178.250.2.150:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1 HTTP/1.1
Host: csm.nl.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:41 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=12%3A36%3A40.539&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=2771&cv=20221206-9-RELEASE<=deflated&pct=1
185.106.33.48204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=12%3A36%3A40.539&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=2771&cv=20221206-9-RELEASE<=deflated&pct=1
IP 185.106.33.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=12%3A36%3A40.539&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=2771&cv=20221206-9-RELEASE<=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 07 Dec 2022 12:36:41 GMT
x-fastly-to-nlb-rtt: 89082
access-control-allow-credentials: true
X-Firefox-Spdy: h2
am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7MoICFgPyh4tipioxMwTyh4tipioxMwUAAAAGBuIHJOJwzTabkcetsqwsa9HEZHELNzbPWrTYLBYT33Ll8liGQDLGwWo2Gc3csslw4xatRia3wrCwuJWDjXPhsHgcs9lmChE3GQ6fg4Go6Hpb7A6n2fOGEzSdDp_rXi93WN9Ot8vksLvsyr_fN9f43X7RbbVci_6Gp8cOAAAAAA8AVm-ZED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAYkFxoAnxwE7zn7_QEA0LAFAgAggEECMLAaUALwcb5yAgAAAAAAAADA8v___x8DsIc1JgMwsr_TA_DgA_BAVLBaxAgAAABgS0tF82hSJ1QWVQAABOlWAFcAAAGE7JaO52EAAAABYwv0sPj9Zodd43e7DAAAAAAAAADA7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2Qme0GK5NnMlxuFiPfyLNy7TaukWPl3Ix2m9losz2JwPHxCtKAjb6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0NxGA1wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIowsHM6NZbZay4a7jVu0cK3cysFytJb4JqbdYuWc2GzGtej1MT2MC8PKNdyiYMDGXgQX6UTmt7zeftPTb3crLBexRHOySCeyy74z2w1WJs9kuNwsRr6RZ-XabVwjx8q5Ge02s9FmX1k4nBvLbLWWDXcbt2jhWrmVg-VoLfFNTLvFyjmx2Yxr0etjehgXhpVruG_MdoPRYjYbDPaN2W4wWsxmg8G-Q2f4rj5nozM4nnhcprGyOvXZHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8A2vieHvp35eu9nbQWwwKGKJ4HSRTkQv4-kilkieFulEsfJtXKuNceVZDkab0WZmG61Gq-VyNBwZd7vRxCKWKE0X6UQvuq2Wa9Hf8PRY1H9kyMVcOZiLJnPFarRKAAAAAAAAAABLmDNvAgAAAHAayGiwGa6WCwDh7KX7c2cQAm0qjrp7PUxuPBxJLVTc-HGD-S2vt9_09NvdCsuVAR6oyZk3eyaItVotawAAAAFsAACAAG7dvAVgM3L7QFFOuFHrhR_8BLhazgY!&cmcv=&pix=31589837&cb=1670416601152&uv=3245&tms=1670416601152&abt=amplean_vD!id5mc_vB!mprdctdt6_vA!Noappq22_vC!smbs!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1670416597797!ts:1670416601152&mntl=1
141.226.228.48200 OK 0 B URL HTTP/2 am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7MoICFgPyh4tipioxMwTyh4tipioxMwUAAAAGBuIHJOJwzTabkcetsqwsa9HEZHELNzbPWrTYLBYT33Ll8liGQDLGwWo2Gc3csslw4xatRia3wrCwuJWDjXPhsHgcs9lmChE3GQ6fg4Go6Hpb7A6n2fOGEzSdDp_rXi93WN9Ot8vksLvsyr_fN9f43X7RbbVci_6Gp8cOAAAAAA8AVm-ZED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAYkFxoAnxwE7zn7_QEA0LAFAgAggEECMLAaUALwcb5yAgAAAAAAAADA8v___x8DsIc1JgMwsr_TA_DgA_BAVLBaxAgAAABgS0tF82hSJ1QWVQAABOlWAFcAAAGE7JaO52EAAAABYwv0sPj9Zodd43e7DAAAAAAAAADA7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2Qme0GK5NnMlxuFiPfyLNy7TaukWPl3Ix2m9losz2JwPHxCtKAjb6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0NxGA1wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIowsHM6NZbZay4a7jVu0cK3cysFytJb4JqbdYuWc2GzGtej1MT2MC8PKNdyiYMDGXgQX6UTmt7zeftPTb3crLBexRHOySCeyy74z2w1WJs9kuNwsRr6RZ-XabVwjx8q5Ge02s9FmX1k4nBvLbLWWDXcbt2jhWrmVg-VoLfFNTLvFyjmx2Yxr0etjehgXhpVruG_MdoPRYjYbDPaN2W4wWsxmg8G-Q2f4rj5nozM4nnhcprGyOvXZHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8A2vieHvp35eu9nbQWwwKGKJ4HSRTkQv4-kilkieFulEsfJtXKuNceVZDkab0WZmG61Gq-VyNBwZd7vRxCKWKE0X6UQvuq2Wa9Hf8PRY1H9kyMVcOZiLJnPFarRKAAAAAAAAAABLmDNvAgAAAHAayGiwGa6WCwDh7KX7c2cQAm0qjrp7PUxuPBxJLVTc-HGD-S2vt9_09NvdCsuVAR6oyZk3eyaItVotawAAAAFsAACAAG7dvAVgM3L7QFFOuFHrhR_8BLhazgY!&cmcv=&pix=31589837&cb=1670416601152&uv=3245&tms=1670416601152&abt=amplean_vD!id5mc_vB!mprdctdt6_vA!Noappq22_vC!smbs!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1670416597797!ts:1670416601152&mntl=1
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7MoICFgPyh4tipioxMwTyh4tipioxMwUAAAAGBuIHJOJwzTabkcetsqwsa9HEZHELNzbPWrTYLBYT33Ll8liGQDLGwWo2Gc3csslw4xatRia3wrCwuJWDjXPhsHgcs9lmChE3GQ6fg4Go6Hpb7A6n2fOGEzSdDp_rXi93WN9Ot8vksLvsyr_fN9f43X7RbbVci_6Gp8cOAAAAAA8AVm-ZED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAYkFxoAnxwE7zn7_QEA0LAFAgAggEECMLAaUALwcb5yAgAAAAAAAADA8v___x8DsIc1JgMwsr_TA_DgA_BAVLBaxAgAAABgS0tF82hSJ1QWVQAABOlWAFcAAAGE7JaO52EAAAABYwv0sPj9Zodd43e7DAAAAAAAAADA7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2Qme0GK5NnMlxuFiPfyLNy7TaukWPl3Ix2m9losz2JwPHxCtKAjb6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0NxGA1wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIowsHM6NZbZay4a7jVu0cK3cysFytJb4JqbdYuWc2GzGtej1MT2MC8PKNdyiYMDGXgQX6UTmt7zeftPTb3crLBexRHOySCeyy74z2w1WJs9kuNwsRr6RZ-XabVwjx8q5Ge02s9FmX1k4nBvLbLWWDXcbt2jhWrmVg-VoLfFNTLvFyjmx2Yxr0etjehgXhpVruG_MdoPRYjYbDPaN2W4wWsxmg8G-Q2f4rj5nozM4nnhcprGyOvXZHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8A2vieHvp35eu9nbQWwwKGKJ4HSRTkQv4-kilkieFulEsfJtXKuNceVZDkab0WZmG61Gq-VyNBwZd7vRxCKWKE0X6UQvuq2Wa9Hf8PRY1H9kyMVcOZiLJnPFarRKAAAAAAAAAABLmDNvAgAAAHAayGiwGa6WCwDh7KX7c2cQAm0qjrp7PUxuPBxJLVTc-HGD-S2vt9_09NvdCsuVAR6oyZk3eyaItVotawAAAAFsAACAAG7dvAVgM3L7QFFOuFHrhR_8BLhazgY!&cmcv=&pix=31589837&cb=1670416601152&uv=3245&tms=1670416601152&abt=amplean_vD!id5mc_vB!mprdctdt6_vA!Noappq22_vC!smbs!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1670416597797!ts:1670416601152&mntl=1 HTTP/1.1
Host: am-vid-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 12:36:41 GMT
content-length: 0
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=1
151.101.193.44204 No Content 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=1
IP 151.101.193.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=1 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1716
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://nazmimedane.yoo7.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Wed, 07 Dec 2022 12:36:41 GMT
via: 1.1 varnish
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670416602.616157,VS0,VE87
x-vcl-time-ms: 87
X-Firefox-Spdy: h2
vidstat.taboola.com/vpaid/units/32_4_5/assets/css/cmOsUnit.css
151.101.193.44200 OK 8.3 kB URL HTTP/2 vidstat.taboola.com/vpaid/units/32_4_5/assets/css/cmOsUnit.css
IP 151.101.193.44:0
Hash a28320a69408adba1f01f56d6eb80708
8012c7108fab547cf31481cfda7cb49e654a0542
befbb274b7045e7e5791a4badbe46e1a2e367e6570da7cd0ac127acc4b8e8991
GET /vpaid/units/32_4_5/assets/css/cmOsUnit.css HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: Bf8dw0NjA07TfpEMmKBaL+UFJWQuALEo7owO+vyJS0Z7+UM4VbN5qXqenI+jCaBsTF8hL6tqRMY=
x-amz-request-id: 89SNZ5N6GV47VA34
last-modified: Mon, 28 Nov 2022 10:07:46 GMT
etag: "a28320a69408adba1f01f56d6eb80708"
x-amz-meta-ctime: 1669630065
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1669630064
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Wed, 07 Dec 2022 12:36:41 GMT
via: 1.1 varnish
age: 786442
x-served-by: cache-bma1663-BMA
x-cache: HIT
x-cache-hits: 206780
x-timer: S1670416602.724152,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 8297
X-Firefox-Spdy: h2
vidstat.taboola.com/vpaid/units/32_4_5/infra/cmTagWIDGET_ITEM.js
151.101.193.44200 OK 128 kB URL HTTP/2 vidstat.taboola.com/vpaid/units/32_4_5/infra/cmTagWIDGET_ITEM.js
IP 151.101.193.44:0
File type Unicode text, UTF-8 text, with very long lines (65489), with no line terminators
Size 128 kB (127788 bytes)
Hash 2b361da912acc8f13f4f1b545047025f
af3a70c02bb88e27a151e8edf4a93931ace2aced
7f44e7dee5fbeb1334cdcb6b06d37dbf74a5ce2c65d4494843a2dabd98f2ef1b
GET /vpaid/units/32_4_5/infra/cmTagWIDGET_ITEM.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: NxcjemMMJRUsCExBkB2iiVRl9DgwLdtVaii0IcyucefSWzHY1Wd9p4I32adBzeHQ7741KdCnChI=
x-amz-request-id: 89SJXSQ72NB1B3KT
last-modified: Mon, 28 Nov 2022 10:06:56 GMT
etag: "2b361da912acc8f13f4f1b545047025f"
x-amz-meta-ctime: 1669630015
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1669630014
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Wed, 07 Dec 2022 12:36:41 GMT
via: 1.1 varnish
age: 786442
x-served-by: cache-bma1663-BMA
x-cache: HIT
x-cache-hits: 92957
x-timer: S1670416602.762901,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 127788
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 83b14c1d1aad24849306b04249fca7ef
a5277e7a4b9c65431ee3be6d2694321abb8292ce
1f7c73b75fc9d8461bc6ccd6e95ca441c545de9d2a018e24095a1ca07b75a8a2
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3386
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 12:36:41 GMT
Last-Modified: Wed, 07 Dec 2022 11:40:15 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 83b14c1d1aad24849306b04249fca7ef
a5277e7a4b9c65431ee3be6d2694321abb8292ce
1f7c73b75fc9d8461bc6ccd6e95ca441c545de9d2a018e24095a1ca07b75a8a2
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3386
Cache-Control: max-age=131571
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 12:36:41 GMT
Etag: "638fda92-1d7"
Expires: Fri, 09 Dec 2022 01:09:32 GMT
Last-Modified: Wed, 07 Dec 2022 00:13:06 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 07 Dec 2022 12:36:41 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=cd4f86b7-762b-11ed-8a7d-1d7abbad0106; expires=Wed, 04-Jan-2023 12:36:41 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=cd4f8716-762b-11ed-8a7d-1d7abbad0106
X-fe: 28
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 07 Dec 2022 12:36:41 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=cd54456d-762b-11ed-917e-1891fad20106; expires=Wed, 04-Jan-2023 12:36:41 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=cd5445d9-762b-11ed-917e-1891fad20106
X-fe: 83
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=cd4f8716-762b-11ed-8a7d-1d7abbad0106
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=cd4f8716-762b-11ed-8a7d-1d7abbad0106
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=cd4f8716-762b-11ed-8a7d-1d7abbad0106 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Wed, 07 Dec 2022 12:36:41 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=cd54b5a3-762b-11ed-ac70-1ef5e1e50406; expires=Wed, 04-Jan-2023 12:36:41 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 1
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
151.101.193.44200 OK 254 B URL HTTP/2 cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
IP 151.101.193.44:0
File type PNG image data, 12 x 12, 8-bit gray+alpha, non-interlaced\012- data
Hash dfa7b52c86e56bd67fa4002f6ed19854
7df722645482433c2b5c8d8ab4272a9874592f27
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
GET /libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: c3AK0F63Rmz1U+ZkwDZRH6hJiJRTGpZB8kTBPWz0vwbg9siBxtMOH8aEqr1NtVeNHtLhLAVUR9E=
x-amz-request-id: 4JKSR0YA3KVH073N
x-amz-replication-status: COMPLETED
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
content-type: image/png
server: AmazonS3
accept-ranges: bytes
date: Wed, 07 Dec 2022 12:36:41 GMT
via: 1.1 varnish
age: 18233
x-served-by: cache-bma1663-BMA
x-cache: HIT
x-cache-hits: 2151
x-timer: S1670416602.902522,VS0,VE0
cache-control: private,max-age=31536000
abp: 2
content-length: 254
X-Firefox-Spdy: h2
vidstat.taboola.com/vpaid/vPlayer/player/v14.8.9/OvaMediaPlayer.js
151.101.193.44200 OK 88 kB URL HTTP/2 vidstat.taboola.com/vpaid/vPlayer/player/v14.8.9/OvaMediaPlayer.js
IP 151.101.193.44:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 6b34cacda27ec72b97b6737ed724b8de
2cf75cddd5c0fcf0998e5e09f1419bea5dceaa9b
a1f95863b6f6f800546cdb825c638d66defbf0ef1594e7a86aa6ddd40c6fafdd
GET /vpaid/vPlayer/player/v14.8.9/OvaMediaPlayer.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: HQC2qImu+yFtWRdwC7qdeEY+LwREinVNileBf8flE7jOTdBJ0PCsJIuGQaWmLhiRoOBa/JCpWd0=
x-amz-request-id: Q1CB2TACPSHX4QQR
last-modified: Mon, 05 Dec 2022 10:01:26 GMT
etag: "6b34cacda27ec72b97b6737ed724b8de"
x-amz-meta-ctime: 1670234485
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1670234471
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Wed, 07 Dec 2022 12:36:42 GMT
via: 1.1 varnish
age: 182062
x-served-by: cache-bma1663-BMA
x-cache: HIT
x-cache-hits: 35720
x-timer: S1670416602.075937,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 88219
X-Firefox-Spdy: h2
vidstatb.taboola.com/vid/blackScreen5.mp4
151.101.193.44206 Partial Content 91 kB URL HTTP/2 vidstatb.taboola.com/vid/blackScreen5.mp4
IP 151.101.193.44:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash b2b087fe4ae638c533731c347fcd4df8
62851c888c21bb51cc04f13b6fc0451279fe0425
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
GET /vid/blackScreen5.mp4 HTTP/1.1
Host: vidstatb.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
content-type: video/mp4
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1497790207
server: AmazonS3
via: 1.1 9803a30a87f1ec1047cb2b8ad5ecc43e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: gopM2XYfUoVUFmJXQ0440-QEF6IoAyvdLK0EUOquu3M35zK6ZGLwLg==
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Wed, 07 Dec 2022 12:36:42 GMT
age: 471578
x-served-by: cache-bma1663-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 251784
x-timer: S1670416602.171456,VS0,VE0
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-range: bytes 0-90783/90784
content-length: 90784
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=cd5445d9-762b-11ed-917e-1891fad20106
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=cd5445d9-762b-11ed-917e-1891fad20106
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=cd5445d9-762b-11ed-917e-1891fad20106 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Wed, 07 Dec 2022 12:36:42 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=cd807e0f-762b-11ed-b94b-11e121d60506; expires=Wed, 04-Jan-2023 12:36:42 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 8
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 07 Dec 2022 12:36:42 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=cd843c5e-762b-11ed-9628-197e22df0306; expires=Wed, 04-Jan-2023 12:36:42 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=cd843c9a-762b-11ed-9628-197e22df0306
X-fe: 30
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9cf3ccbda3bc6b018f1dee2e36b1706f
8ff67eb73ad0be65572b3335016e88d7eb7c6acf
8d859aa693421fc54385d70644f1157fb2c988fbb25570908fcc8ff3d1cf18e0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 386
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 12:36:42 GMT
Last-Modified: Wed, 07 Dec 2022 12:30:16 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash c7dc0655b32b607d89a1eed30bf9adf9
662acbbd11cac46c12a6e507ae3e74cc1d18daeb
4f80fe00c39035ccdb5c495fd60ae97ccc70d17c49f7072f16385c85d847ea3b
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 12:36:42 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 11 Dec 2022 09:59:13 GMT
ETag: "662acbbd11cac46c12a6e507ae3e74cc1d18daeb"
Last-Modified: Wed, 07 Dec 2022 09:59:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1369
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775d4ef42d3fb505-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 9dfb6f98524703cb28aa777c06f8307d
0259f1b07774b87d9bf5d69228f549946a1dd747
7b5ecd4e9bf216f4c71747b9eab5f135a610972adeb28d4f61118fab6decc065
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 12:36:42 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 13:56:48 GMT
Expires: Tue, 13 Dec 2022 13:56:47 GMT
Etag: "0259f1b07774b87d9bf5d69228f549946a1dd747"
Cache-Control: max-age=522604,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775d4ef40e6eb4f7-OSL
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=cd843c9a-762b-11ed-9628-197e22df0306
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=cd843c9a-762b-11ed-9628-197e22df0306
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=cd843c9a-762b-11ed-9628-197e22df0306 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Wed, 07 Dec 2022 12:36:42 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=cd8fb04d-762b-11ed-b629-1348667f0406; expires=Wed, 04-Jan-2023 12:36:42 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 141
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
2.21.206.244301 Moved Permanently 0 B URL HTTP/2 secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
IP 2.21.206.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP/1.1
Host: secure-assets.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
date: Wed, 07 Dec 2022 12:36:42 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58534/occ
18.156.0.31302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 07 Dec 2022 12:36:42 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58534/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBNqIkGMCEP4BX9c5I-VZ-9YyfI9KlwoFEgEBAQHakWOaYwAAAAAA_eMAAA&S=AQAAAgyHyH1t1b3xZtMMt-s8oEY; Expires=Thu, 7 Dec 2023 18:36:42 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
52.57.226.105200 OK 43 B URL HTTP/2 x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
IP 52.57.226.105:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?gdpr=1&us_privacy=1---&ssp=taboola HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:42 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
3.33.220.150200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP 3.33.220.150:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:42 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58534/occ?verify=true
18.156.0.31204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ?verify=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 07 Dec 2022 12:36:42 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBNqIkGMCEIbVRUUvWaltxIu4Ig4kqy4FEgEBAQHakWOaYwAAAAAA_eMAAA&S=AQAAAtHXMA8CBNkkcgYZYUHjEcY; Expires=Thu, 7 Dec 2023 18:36:42 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
2.23.134.137200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
IP 2.23.134.137:0
ASN #1299 Telia Company AB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 07 Dec 2022 12:36:42 GMT
Connection: keep-alive
Vary: Accept-Encoding
eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
2.23.134.137200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
IP 2.23.134.137:0
ASN #1299 Telia Company AB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 07 Dec 2022 12:36:42 GMT
Connection: keep-alive
Vary: Accept-Encoding
eus.rubiconproject.com/usync.js
2.23.134.137200 OK 10 kB URL HTTP/1.1 eus.rubiconproject.com/usync.js
IP 2.23.134.137:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (18728)
Hash c23334821dbe1cdf6bc4232f2edade87
b166fd9143d65e8cbcb5307c58283c454872fb12
e7d19860d089f51d0cc692e059d84a5063e4502dff853389ddd57c32aa358021
GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 07 Dec 2022 04:30:38 GMT
Content-Encoding: gzip
Content-Length: 10065
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=57212
Expires: Thu, 08 Dec 2022 04:30:14 GMT
Date: Wed, 07 Dec 2022 12:36:42 GMT
Connection: keep-alive
Vary: Accept-Encoding
imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7MoICFgPyh4tipioxMwTyh4tipioxMwUAAAAGBuIHJOJwzTabkcetsqwsa9HEZHELNzbPWrTYLBYT33Ll8liGQDLGwWo2Gc3csslw4xatRia3wrCwuJWDjXPhsHgcs9lmChE3GQ6fg4Go6Hpb7A6n2fOGEzSdDp_rXi93WN9Ot8vksLvsyr_fN9f43X7RbbVci_6Gp8cOAAAAAA8AVm-ZED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAYkFxoAnxwE7zn7_QEA0LAFAgAggEECMLAaUALwcb5yAgAAAAAAAADA8v___x8DsIc1JgMwsr_TA_DgA_BAVLBaxAgAAABgS0tF82hSJ1QWVQAABOlWAFcAAAGE7JaO52EAAAABYwv0sPj9Zodd43e7DAAAAAAAAADA7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2Qme0GK5NnMlxuFiPfyLNy7TaukWPl3Ix2m9losz2JwPHxCtKAjb6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0NxGA1wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIowsHM6NZbZay4a7jVu0cK3cysFytJb4JqbdYuWc2GzGtej1MT2MC8PKNdyiYMDGXgQX6UTmt7zeftPTb3crLBexRHOySCeyy74z2w1WJs9kuNwsRr6RZ-XabVwjx8q5Ge02s9FmX1k4nBvLbLWWDXcbt2jhWrmVg-VoLfFNTLvFyjmx2Yxr0etjehgXhpVruG_MdoPRYjYbDPaN2W4wWsxmg8G-Q2f4rj5nozM4nnhcprGyOvXZHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8A2vieHvp35eu9nbQWwwKGKJ4HSRTkQv4-kilkieFulEsfJtXKuNceVZDkab0WZmG61Gq-VyNBwZd7vRxCKWKE0X6UQvuq2Wa9Hf8PRY1H9kyMVcOZiLJnPFarRKAAAAAAAAAABLmDNvAgAAAHAayGiwGa6WCwDh7KX7c2cQAm0qjrp7PUxuPBxJLVTc-HGD-S2vt9_09NvdCsuVAR6oyZk3eyaItVotawAAAAFsAACAAG7dvAVgM3L7QFFOuFHrhR_8BLhazgY!&cmcv=&pix=undefined&cb=1670416601153&uv=3245&tms=1670416601153&abt=amplean_vD!id5mc_vB!mprdctdt6_vA!Noappq22_vC!smbs!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=ba5633dc-e2e2-4bdb-8cf3-41311b79eec2&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
151.101.193.44200 OK 917 B URL HTTP/2 imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7MoICFgPyh4tipioxMwTyh4tipioxMwUAAAAGBuIHJOJwzTabkcetsqwsa9HEZHELNzbPWrTYLBYT33Ll8liGQDLGwWo2Gc3csslw4xatRia3wrCwuJWDjXPhsHgcs9lmChE3GQ6fg4Go6Hpb7A6n2fOGEzSdDp_rXi93WN9Ot8vksLvsyr_fN9f43X7RbbVci_6Gp8cOAAAAAA8AVm-ZED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAYkFxoAnxwE7zn7_QEA0LAFAgAggEECMLAaUALwcb5yAgAAAAAAAADA8v___x8DsIc1JgMwsr_TA_DgA_BAVLBaxAgAAABgS0tF82hSJ1QWVQAABOlWAFcAAAGE7JaO52EAAAABYwv0sPj9Zodd43e7DAAAAAAAAADA7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2Qme0GK5NnMlxuFiPfyLNy7TaukWPl3Ix2m9losz2JwPHxCtKAjb6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0NxGA1wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIowsHM6NZbZay4a7jVu0cK3cysFytJb4JqbdYuWc2GzGtej1MT2MC8PKNdyiYMDGXgQX6UTmt7zeftPTb3crLBexRHOySCeyy74z2w1WJs9kuNwsRr6RZ-XabVwjx8q5Ge02s9FmX1k4nBvLbLWWDXcbt2jhWrmVg-VoLfFNTLvFyjmx2Yxr0etjehgXhpVruG_MdoPRYjYbDPaN2W4wWsxmg8G-Q2f4rj5nozM4nnhcprGyOvXZHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8A2vieHvp35eu9nbQWwwKGKJ4HSRTkQv4-kilkieFulEsfJtXKuNceVZDkab0WZmG61Gq-VyNBwZd7vRxCKWKE0X6UQvuq2Wa9Hf8PRY1H9kyMVcOZiLJnPFarRKAAAAAAAAAABLmDNvAgAAAHAayGiwGa6WCwDh7KX7c2cQAm0qjrp7PUxuPBxJLVTc-HGD-S2vt9_09NvdCsuVAR6oyZk3eyaItVotawAAAAFsAACAAG7dvAVgM3L7QFFOuFHrhR_8BLhazgY!&cmcv=&pix=undefined&cb=1670416601153&uv=3245&tms=1670416601153&abt=amplean_vD!id5mc_vB!mprdctdt6_vA!Noappq22_vC!smbs!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=ba5633dc-e2e2-4bdb-8cf3-41311b79eec2&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
IP 151.101.193.44:0
Hash e7245ef78faf5637131153e56fc22e81
1ee4322d05c1b12488be4c985cf06032c6d45705
84fc69731b17b040d57810da29f84b1f5f01bc7a3588a699039d278e402edaa9
GET /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7MoICFgPyh4tipioxMwTyh4tipioxMwUAAAAGBuIHJOJwzTabkcetsqwsa9HEZHELNzbPWrTYLBYT33Ll8liGQDLGwWo2Gc3csslw4xatRia3wrCwuJWDjXPhsHgcs9lmChE3GQ6fg4Go6Hpb7A6n2fOGEzSdDp_rXi93WN9Ot8vksLvsyr_fN9f43X7RbbVci_6Gp8cOAAAAAA8AVm-ZED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAYkFxoAnxwE7zn7_QEA0LAFAgAggEECMLAaUALwcb5yAgAAAAAAAADA8v___x8DsIc1JgMwsr_TA_DgA_BAVLBaxAgAAABgS0tF82hSJ1QWVQAABOlWAFcAAAGE7JaO52EAAAABYwv0sPj9Zodd43e7DAAAAAAAAADA7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2Qme0GK5NnMlxuFiPfyLNy7TaukWPl3Ix2m9losz2JwPHxCtKAjb6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0NxGA1wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIowsHM6NZbZay4a7jVu0cK3cysFytJb4JqbdYuWc2GzGtej1MT2MC8PKNdyiYMDGXgQX6UTmt7zeftPTb3crLBexRHOySCeyy74z2w1WJs9kuNwsRr6RZ-XabVwjx8q5Ge02s9FmX1k4nBvLbLWWDXcbt2jhWrmVg-VoLfFNTLvFyjmx2Yxr0etjehgXhpVruG_MdoPRYjYbDPaN2W4wWsxmg8G-Q2f4rj5nozM4nnhcprGyOvXZHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8A2vieHvp35eu9nbQWwwKGKJ4HSRTkQv4-kilkieFulEsfJtXKuNceVZDkab0WZmG61Gq-VyNBwZd7vRxCKWKE0X6UQvuq2Wa9Hf8PRY1H9kyMVcOZiLJnPFarRKAAAAAAAAAABLmDNvAgAAAHAayGiwGa6WCwDh7KX7c2cQAm0qjrp7PUxuPBxJLVTc-HGD-S2vt9_09NvdCsuVAR6oyZk3eyaItVotawAAAAFsAACAAG7dvAVgM3L7QFFOuFHrhR_8BLhazgY!&cmcv=&pix=undefined&cb=1670416601153&uv=3245&tms=1670416601153&abt=amplean_vD!id5mc_vB!mprdctdt6_vA!Noappq22_vC!smbs!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=ba5633dc-e2e2-4bdb-8cf3-41311b79eec2&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1 HTTP/1.1
Host: imprammp.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Wed, 07 Dec 2022 12:36:41 GMT
via: 1.1 varnish
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670416602.521669,VS0,VE21
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.taboola.com/scripts/cds-pips.js
151.101.193.44200 OK 1.3 kB URL HTTP/2 cdn.taboola.com/scripts/cds-pips.js
IP 151.101.193.44:0
File type ASCII text, with very long lines (3545), with no line terminators
Hash 780c5c514014519ce276709f515905a0
04fe86d00b9c9077effe05171d066d243ecab221
015db06150b62ad2ad533883652174ebb6f07e24a7147fdac01a0ccd266e3f30
GET /scripts/cds-pips.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 2KBeU0d7OyPXtZDYUoIqlTBmhGhsve90tjYoemCxISjKQrNgcxT28sPXVt5KfJt+6r7dFoJgA8g=
x-amz-request-id: NFWGDQGY1WQ95XHE
x-amz-replication-status: COMPLETED
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 07 Dec 2022 12:36:42 GMT
via: 1.1 varnish
age: 1916
x-served-by: cache-bma1663-BMA
x-cache: HIT
x-cache-hits: 3929
x-timer: S1670416603.576248,VS0,VE0
vary: Accept-Encoding
abp: 2
cache-control: private, max-age=3600
content-length: 1340
X-Firefox-Spdy: h2
pips.taboola.com/
151.101.1.44200 OK 4 B IP 151.101.1.44:0
File type ASCII text, with no line terminators
Hash 6c3e226b4d4795d518ab341b0824ec29
eef19c54306daa69eda49c0272623bdb5e2b341f
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
GET / HTTP/1.1
Host: pips.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
access-control-allow-methods: GET
access-control-allow-origin: https://nazmimedane.yoo7.com
accept-ranges: bytes
date: Wed, 07 Dec 2022 12:36:42 GMT
via: 1.1 varnish
x-served-by: cache-bma1630-BMA
x-cache: HIT
x-cache-hits: 0
cache-control: no-store
content-length: 4
X-Firefox-Spdy: h2
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1670416601197&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1489&pt=678339822&tz=0&viewable=true&ddast=V7MoICFgPyh4tipioxMwTyh4tipioxMwUAAAAGBuIHJOJwzTabkcetsqwsa9HEZHELNzbPWrTYLBYT33Ll8liGQDLGwWo2Gc3csslw4xatRia3wrCwuJWDjXPhsHgcs9lmChE3GQ6fg4Go6Hpb7A6n2fOGEzSdDp_rXi93WN9Ot8vksLvsyr_fN9f43X7RbbVci_6Gp8cOAAAAAA8AVm-ZED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAYkFxoAnxwE7zn7_QEA0LAFAgAggEECMLAaUALwcb5yAgAAAAAAAADA8v___x8DsIc1JgMwsr_TA_DgA_BAVLBaxAgAAABgS0tF82hSJ1QWVQAABOlWAFcAAAGE7JaO52EAAAABYwv0sPj9Zodd43e7DAAAAAAAAADA7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2Qme0GK5NnMlxuFiPfyLNy7TaukWPl3Ix2m9losz2JwPHxCtKAjb6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0NxGA1wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIowsHM6NZbZay4a7jVu0cK3cysFytJb4JqbdYuWc2GzGtej1MT2MC8PKNdyiYMDGXgQX6UTmt7zeftPTb3crLBexRHOySCeyy74z2w1WJs9kuNwsRr6RZ-XabVwjx8q5Ge02s9FmX1k4nBvLbLWWDXcbt2jhWrmVg-VoLfFNTLvFyjmx2Yxr0etjehgXhpVruG_MdoPRYjYbDPaN2W4wWsxmg8G-Q2f4rj5nozM4nnhcprGyOvXZHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8A2vieHvp35eu9nbQWwwKGKJ4HSRTkQv4-kilkieFulEsfJtXKuNceVZDkab0WZmG61Gq-VyNBwZd7vRxCKWKE0X6UQvuq2Wa9Hf8PRY1H9kyMVcOZiLJnPFarRKAAAAAAAAAABLmDNvAgAAAHAayGiwGa6WCwDh7KX7c2cQAm0qjrp7PUxuPBxJLVTc-HGD-S2vt9_09NvdCsuVAR6oyZk3eyaItVotawAAAAFsAACAAG7dvAVgM3L7QFFOuFHrhR_8BLhazgY!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vD!id5mc_vB!mprdctdt6_vA!Noappq22_vC!smbs!ufm&mPre=0.025&cirf=https%3A%2F%2Fnazmimedane.yoo7.com&en=1
151.101.193.44200 OK 966 B URL HTTP/2 wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1670416601197&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1489&pt=678339822&tz=0&viewable=true&ddast=V7MoICFgPyh4tipioxMwTyh4tipioxMwUAAAAGBuIHJOJwzTabkcetsqwsa9HEZHELNzbPWrTYLBYT33Ll8liGQDLGwWo2Gc3csslw4xatRia3wrCwuJWDjXPhsHgcs9lmChE3GQ6fg4Go6Hpb7A6n2fOGEzSdDp_rXi93WN9Ot8vksLvsyr_fN9f43X7RbbVci_6Gp8cOAAAAAA8AVm-ZED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAYkFxoAnxwE7zn7_QEA0LAFAgAggEECMLAaUALwcb5yAgAAAAAAAADA8v___x8DsIc1JgMwsr_TA_DgA_BAVLBaxAgAAABgS0tF82hSJ1QWVQAABOlWAFcAAAGE7JaO52EAAAABYwv0sPj9Zodd43e7DAAAAAAAAADA7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2Qme0GK5NnMlxuFiPfyLNy7TaukWPl3Ix2m9losz2JwPHxCtKAjb6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0NxGA1wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIowsHM6NZbZay4a7jVu0cK3cysFytJb4JqbdYuWc2GzGtej1MT2MC8PKNdyiYMDGXgQX6UTmt7zeftPTb3crLBexRHOySCeyy74z2w1WJs9kuNwsRr6RZ-XabVwjx8q5Ge02s9FmX1k4nBvLbLWWDXcbt2jhWrmVg-VoLfFNTLvFyjmx2Yxr0etjehgXhpVruG_MdoPRYjYbDPaN2W4wWsxmg8G-Q2f4rj5nozM4nnhcprGyOvXZHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8A2vieHvp35eu9nbQWwwKGKJ4HSRTkQv4-kilkieFulEsfJtXKuNceVZDkab0WZmG61Gq-VyNBwZd7vRxCKWKE0X6UQvuq2Wa9Hf8PRY1H9kyMVcOZiLJnPFarRKAAAAAAAAAABLmDNvAgAAAHAayGiwGa6WCwDh7KX7c2cQAm0qjrp7PUxuPBxJLVTc-HGD-S2vt9_09NvdCsuVAR6oyZk3eyaItVotawAAAAFsAACAAG7dvAVgM3L7QFFOuFHrhR_8BLhazgY!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vD!id5mc_vB!mprdctdt6_vA!Noappq22_vC!smbs!ufm&mPre=0.025&cirf=https%3A%2F%2Fnazmimedane.yoo7.com&en=1
IP 151.101.193.44:0
Hash 36c659f2ed29846410989d1922dbe2cd
2968acad524ac3e120faa934ac993bf627a97518
3b6b9770cdd6ea67bf1562f899017f14e89dc5e212f792522b434e0a2b389fe9
POST /VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1670416601197&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1489&pt=678339822&tz=0&viewable=true&ddast=V7MoICFgPyh4tipioxMwTyh4tipioxMwUAAAAGBuIHJOJwzTabkcetsqwsa9HEZHELNzbPWrTYLBYT33Ll8liGQDLGwWo2Gc3csslw4xatRia3wrCwuJWDjXPhsHgcs9lmChE3GQ6fg4Go6Hpb7A6n2fOGEzSdDp_rXi93WN9Ot8vksLvsyr_fN9f43X7RbbVci_6Gp8cOAAAAAA8AVm-ZED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAYkFxoAnxwE7zn7_QEA0LAFAgAggEECMLAaUALwcb5yAgAAAAAAAADA8v___x8DsIc1JgMwsr_TA_DgA_BAVLBaxAgAAABgS0tF82hSJ1QWVQAABOlWAFcAAAGE7JaO52EAAAABYwv0sPj9Zodd43e7DAAAAAAAAADA7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2Qme0GK5NnMlxuFiPfyLNy7TaukWPl3Ix2m9losz2JwPHxCtKAjb6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0NxGA1wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIowsHM6NZbZay4a7jVu0cK3cysFytJb4JqbdYuWc2GzGtej1MT2MC8PKNdyiYMDGXgQX6UTmt7zeftPTb3crLBexRHOySCeyy74z2w1WJs9kuNwsRr6RZ-XabVwjx8q5Ge02s9FmX1k4nBvLbLWWDXcbt2jhWrmVg-VoLfFNTLvFyjmx2Yxr0etjehgXhpVruG_MdoPRYjYbDPaN2W4wWsxmg8G-Q2f4rj5nozM4nnhcprGyOvXZHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8A2vieHvp35eu9nbQWwwKGKJ4HSRTkQv4-kilkieFulEsfJtXKuNceVZDkab0WZmG61Gq-VyNBwZd7vRxCKWKE0X6UQvuq2Wa9Hf8PRY1H9kyMVcOZiLJnPFarRKAAAAAAAAAABLmDNvAgAAAHAayGiwGa6WCwDh7KX7c2cQAm0qjrp7PUxuPBxJLVTc-HGD-S2vt9_09NvdCsuVAR6oyZk3eyaItVotawAAAAFsAACAAG7dvAVgM3L7QFFOuFHrhR_8BLhazgY!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vD!id5mc_vB!mprdctdt6_vA!Noappq22_vC!smbs!ufm&mPre=0.025&cirf=https%3A%2F%2Fnazmimedane.yoo7.com&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 133
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1478
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://nazmimedane.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Wed, 07 Dec 2022 12:36:41 GMT
via: 1.1 varnish
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670416602.599595,VS0,VE104
vary: Accept-Encoding
X-Firefox-Spdy: h2
pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---
69.173.144.165204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---
IP 69.173.144.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/sync.php?p=15414&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1--- HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif
taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
54.164.248.203200 OK 113 B URL HTTP/2 taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
IP 54.164.248.203:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 94689ba5dfb675584443c4fb4a44861c
e7a34caf419bed7d61f391b970eb364b2b656a05
6390f905f09ad9b6cf36838c0eb641c345f6cceefa5199c58700c5bc8c645e4b
GET /sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP/1.1
Host: taboola-supply-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:42 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1---
69.173.144.138204 No Content 0 B URL HTTP/1.1 token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1---
IP 69.173.144.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=25470&gdpr=1&us_privacy=1--- HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 77cdc0e754649a7698372790bb386f77
93a2d364f511a901cca7cca1938e7f3f4acae18c
27c5f463e2e87e191bd8e827887e1790c5bbfb8aa198c185a799bdd6606ec971
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 202
Cache-Control: max-age=106406
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 12:36:42 GMT
Etag: "638f84b6-1d7"
Expires: Thu, 08 Dec 2022 18:10:08 GMT
Last-Modified: Tue, 06 Dec 2022 18:06:46 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ib.adnxs.com/getuid?https://pixel.rubiconproject.com/tap.php?v=564534&nid=5466&put=$UID&gdpr=1&us_privacy=1---
185.89.211.116400 Request failed due to privacy signals 146 B URL HTTP/1.1 ib.adnxs.com/getuid?https://pixel.rubiconproject.com/tap.php?v=564534&nid=5466&put=$UID&gdpr=1&us_privacy=1---
IP 185.89.211.116:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 6ba2e6193e3c04a544b487011a5faf29
01ba4f12b932a934fad5b51614b85f824cc80ffe
bfb16f2d35702077ef9d8416d9eef53d688ff16e6faf73d5b9913d76e1144d9a
GET /getuid?https://pixel.rubiconproject.com/tap.php?v=564534&nid=5466&put=$UID&gdpr=1&us_privacy=1--- HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 400 Request failed due to privacy signals
Server: nginx/1.21.3
Date: Wed, 07 Dec 2022 12:36:42 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
token.rubiconproject.com/token?pid=10362&gdpr=1&us_privacy=1---
69.173.144.138204 No Content 0 B URL HTTP/1.1 token.rubiconproject.com/token?pid=10362&gdpr=1&us_privacy=1---
IP 69.173.144.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=10362&gdpr=1&us_privacy=1--- HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
cms.quantserve.com/pixel/p-e4m3Yko6bFYVc.gif?idmatch=0&gdpr=1&us_privacy=1---
91.228.74.251302 Found 0 B URL HTTP/2 cms.quantserve.com/pixel/p-e4m3Yko6bFYVc.gif?idmatch=0&gdpr=1&us_privacy=1---
IP 91.228.74.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/p-e4m3Yko6bFYVc.gif?idmatch=0&gdpr=1&us_privacy=1--- HTTP/1.1
Host: cms.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 07 Dec 2022 12:36:42 GMT
content-length: 0
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://pixel.rubiconproject.com/tap.php?v=4939&nid=1902&&put=j5_8s4GUoeKUz_y128notN-f8bqUz_3mjcncQL0M
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: d=ELQBCwHgJ8ujAA; expires=Tue, 07-Mar-2023 12:36:42 GMT; path=/; domain=.quantserve.com
mc=639088da-c96be-7f349-c8e4e; expires=Sun, 07-Jan-2024 12:36:42 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1---
69.173.144.138302 Found 0 B URL HTTP/1.1 token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1---
IP 69.173.144.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=2249&pt=n&gdpr=1&us_privacy=1--- HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 302 Found
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=&gdpr=1&us_privacy=1---
content-length: 0
token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1---
69.173.144.138204 No Content 0 B URL HTTP/1.1 token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1---
IP 69.173.144.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=36584&gdpr=1&us_privacy=1--- HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
pixel.rubiconproject.com/tap.php?v=4939&nid=1902&&put=j5_8s4GUoeKUz_y128notN-f8bqUz_3mjcncQL0M
69.173.144.165204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=4939&nid=1902&&put=j5_8s4GUoeKUz_y128notN-f8bqUz_3mjcncQL0M
IP 69.173.144.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=4939&nid=1902&&put=j5_8s4GUoeKUz_y128notN-f8bqUz_3mjcncQL0M HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif
cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=&gdpr=1&us_privacy=1---
142.250.74.98302 Found 311 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=&gdpr=1&us_privacy=1---
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 69956e1dab0ec7b7cc2ce241988bc563
4a219bf0c65cecd2ec38827c744c6742d95fee72
f7fd2d5100b84e077766cc91221b4da3feef9501429330ca35e921ad5c6253e6
GET /pixel?google_nid=rubicon&google_hm=&gdpr=1&us_privacy=1--- HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=&gdpr=1&us_privacy=1---&google_tc=
date: Wed, 07 Dec 2022 12:36:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 311
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 12:51:42 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=&gdpr=1&us_privacy=1---&google_tc=
142.250.74.98200 OK 170 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=&gdpr=1&us_privacy=1---&google_tc=
IP 142.250.74.98:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e7673c60af825466f83d46da72ca1635
fc0fcbee0835709ba2d28798a612bfd687903fb5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
GET /pixel?google_nid=rubicon&google_hm=&gdpr=1&us_privacy=1---&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
date: Wed, 07 Dec 2022 12:36:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 657362ec24a524beb78cd810eeb1b852
32e34e8ed210fdeab50291f1b99a8ec3812db9a8
ecd154c32d9208498343a893fd901a2df4d142c46e3dc6f7aac0e1954b9889b6
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 07 Dec 2022 12:36:42 GMT
Last-Modified: Wed, 07 Dec 2022 12:24:06 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yAEN4nl5tEW-fqmBH6dKK3Ydyks6dQ63gvIpl4AD1FJ4r6aM4atYcw==
Age: 756
beacon.lynx.cognitivlabs.com/rb.gif?gdpr=1&us_privacy=1---
35.153.45.106302 Found 0 B URL HTTP/1.1 beacon.lynx.cognitivlabs.com/rb.gif?gdpr=1&us_privacy=1---
IP 35.153.45.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rb.gif?gdpr=1&us_privacy=1--- HTTP/1.1
Host: beacon.lynx.cognitivlabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Wed, 07 Dec 2022 12:36:43 GMT
Content-Length: 0
Connection: keep-alive
Server: Kestrel
Location: https://pixel.rubiconproject.com/tap.php?v=711370&nid=5504&put=c234860c-9f5d-45f0-8ba7-b1a8c17b4ecd&expires=365
Set-Cookie: UID=c234860c-9f5d-45f0-8ba7-b1a8c17b4ecd; expires=Thu, 07 Dec 2023 12:36:43 GMT; path=/; secure; samesite=none
ss=Z2vb%2BywLb6j6mleEFRqGcECCSrIy0BvzhGjKN8ftrmenbVOCLBQ0VDlGiiBJKITo6RKkIRMy0ZQIyOZkpLQgGw%3D%3D; expires=Thu, 07 Dec 2023 12:36:43 GMT; path=/; secure; samesite=none
pixel.rubiconproject.com/tap.php?v=711370&nid=5504&put=c234860c-9f5d-45f0-8ba7-b1a8c17b4ecd&expires=365
69.173.144.165204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=711370&nid=5504&put=c234860c-9f5d-45f0-8ba7-b1a8c17b4ecd&expires=365
IP 69.173.144.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=711370&nid=5504&put=c234860c-9f5d-45f0-8ba7-b1a8c17b4ecd&expires=365 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nazmimedane.yoo7.com/
Content-Type: application/json
Origin: https://nazmimedane.yoo7.com
Content-Length: 395
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 12:36:47 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: e974f2bc11875385019a53ee04ab3879
access-control-allow-origin: https://nazmimedane.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=31f26318db374b1e9fe5d7a1b2a5ea62&zoneId=2308013&checkDuplicate=true&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=31f26318db374b1e9fe5d7a1b2a5ea62&zoneId=2308013&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 6fa91a07d54651620be3001d367cd9ae
7c65cc263040d1a0b375b1f1b2f7239282a27e9c
4baf3827e2028630984a5d585b5560a023bdf6080cc091e9276c8cd029ed70e6
GET /gid.js?pub=0&userId=31f26318db374b1e9fe5d7a1b2a5ea62&zoneId=2308013&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nazmimedane.yoo7.com/
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Cookie: ID=f66c46257df046949ad1a685d15117fc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 12:36:47 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://nazmimedane.yoo7.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=f66c46257df046949ad1a685d15117fc; expires=Thu, 07 Dec 2023 12:36:47 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7MoICFgPyh4tipioxMwTyh4tipioxMwUAAAAGBuIHJOJwzTabkcetsqwsa9HEZHELNzbPWrTYLBYT33Ll8liGQDLGwWo2Gc3csslw4xatRia3wrCwuJWDjXPhsHgcs9lmChE3GQ6fg4Go6Hpb7A6n2fOGEzSdDp_rXi93WN9Ot8vksLvsyr_fN9f43X7RbbVci_6Gp8cOAAAAAA8AVm-ZED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAYkFxoAnxwE7zn7_QEA0LAFAgAggEECMLAaUALwcb5yAgAAAAAAAADA8v___x8DsIc1JgMwsr_TA_DgA_BAVLBaxAgAAABgS0tF82hSJ1QWVQAABOlWAFcAAAGE7JaO52EAAAABYwv0sPj9Zodd43e7DAAAAAAAAADA7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2Qme0GK5NnMlxuFiPfyLNy7TaukWPl3Ix2m9losz2JwPHxCtKAjb6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0NxGA1wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIowsHM6NZbZay4a7jVu0cK3cysFytJb4JqbdYuWc2GzGtej1MT2MC8PKNdyiYMDGXgQX6UTmt7zeftPTb3crLBexRHOySCeyy74z2w1WJs9kuNwsRr6RZ-XabVwjx8q5Ge02s9FmX1k4nBvLbLWWDXcbt2jhWrmVg-VoLfFNTLvFyjmx2Yxr0etjehgXhpVruG_MdoPRYjYbDPaN2W4wWsxmg8G-Q2f4rj5nozM4nnhcprGyOvXZHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8A2vieHvp35eu9nbQWwwKGKJ4HSRTkQv4-kilkieFulEsfJtXKuNceVZDkab0WZmG61Gq-VyNBwZd7vRxCKWKE0X6UQvuq2Wa9Hf8PRY1H9kyMVcOZiLJnPFarRKAAAAAAAAAABLmDNvAgAAAHAayGiwGa6WCwDh7KX7c2cQAm0qjrp7PUxuPBxJLVTc-HGD-S2vt9_09NvdCsuVAR6oyZk3eyaItVotawAAAAFsAACAAG7dvAVgM3L7QFFOuFHrhR_8BLhazgY!&excid=22&docw=0&cijs=1&nlb=true
141.226.228.48200 OK 0 B URL HTTP/2 am-match.taboola.com/sync?dast=V7MoICFgPyh4tipioxMwTyh4tipioxMwUAAAAGBuIHJOJwzTabkcetsqwsa9HEZHELNzbPWrTYLBYT33Ll8liGQDLGwWo2Gc3csslw4xatRia3wrCwuJWDjXPhsHgcs9lmChE3GQ6fg4Go6Hpb7A6n2fOGEzSdDp_rXi93WN9Ot8vksLvsyr_fN9f43X7RbbVci_6Gp8cOAAAAAA8AVm-ZED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAYkFxoAnxwE7zn7_QEA0LAFAgAggEECMLAaUALwcb5yAgAAAAAAAADA8v___x8DsIc1JgMwsr_TA_DgA_BAVLBaxAgAAABgS0tF82hSJ1QWVQAABOlWAFcAAAGE7JaO52EAAAABYwv0sPj9Zodd43e7DAAAAAAAAADA7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2Qme0GK5NnMlxuFiPfyLNy7TaukWPl3Ix2m9losz2JwPHxCtKAjb6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0NxGA1wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIowsHM6NZbZay4a7jVu0cK3cysFytJb4JqbdYuWc2GzGtej1MT2MC8PKNdyiYMDGXgQX6UTmt7zeftPTb3crLBexRHOySCeyy74z2w1WJs9kuNwsRr6RZ-XabVwjx8q5Ge02s9FmX1k4nBvLbLWWDXcbt2jhWrmVg-VoLfFNTLvFyjmx2Yxr0etjehgXhpVruG_MdoPRYjYbDPaN2W4wWsxmg8G-Q2f4rj5nozM4nnhcprGyOvXZHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8A2vieHvp35eu9nbQWwwKGKJ4HSRTkQv4-kilkieFulEsfJtXKuNceVZDkab0WZmG61Gq-VyNBwZd7vRxCKWKE0X6UQvuq2Wa9Hf8PRY1H9kyMVcOZiLJnPFarRKAAAAAAAAAABLmDNvAgAAAHAayGiwGa6WCwDh7KX7c2cQAm0qjrp7PUxuPBxJLVTc-HGD-S2vt9_09NvdCsuVAR6oyZk3eyaItVotawAAAAFsAACAAG7dvAVgM3L7QFFOuFHrhR_8BLhazgY!&excid=22&docw=0&cijs=1&nlb=true
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sync?dast=V7MoICFgPyh4tipioxMwTyh4tipioxMwUAAAAGBuIHJOJwzTabkcetsqwsa9HEZHELNzbPWrTYLBYT33Ll8liGQDLGwWo2Gc3csslw4xatRia3wrCwuJWDjXPhsHgcs9lmChE3GQ6fg4Go6Hpb7A6n2fOGEzSdDp_rXi93WN9Ot8vksLvsyr_fN9f43X7RbbVci_6Gp8cOAAAAAA8AVm-ZED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAYkFxoAnxwE7zn7_QEA0LAFAgAggEECMLAaUALwcb5yAgAAAAAAAADA8v___x8DsIc1JgMwsr_TA_DgA_BAVLBaxAgAAABgS0tF82hSJ1QWVQAABOlWAFcAAAGE7JaO52EAAAABYwv0sPj9Zodd43e7DAAAAAAAAADA7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2Qme0GK5NnMlxuFiPfyLNy7TaukWPl3Ix2m9losz2JwPHxCtKAjb6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0NxGA1wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIowsHM6NZbZay4a7jVu0cK3cysFytJb4JqbdYuWc2GzGtej1MT2MC8PKNdyiYMDGXgQX6UTmt7zeftPTb3crLBexRHOySCeyy74z2w1WJs9kuNwsRr6RZ-XabVwjx8q5Ge02s9FmX1k4nBvLbLWWDXcbt2jhWrmVg-VoLfFNTLvFyjmx2Yxr0etjehgXhpVruG_MdoPRYjYbDPaN2W4wWsxmg8G-Q2f4rj5nozM4nnhcprGyOvXZHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8A2vieHvp35eu9nbQWwwKGKJ4HSRTkQv4-kilkieFulEsfJtXKuNceVZDkab0WZmG61Gq-VyNBwZd7vRxCKWKE0X6UQvuq2Wa9Hf8PRY1H9kyMVcOZiLJnPFarRKAAAAAAAAAABLmDNvAgAAAHAayGiwGa6WCwDh7KX7c2cQAm0qjrp7PUxuPBxJLVTc-HGD-S2vt9_09NvdCsuVAR6oyZk3eyaItVotawAAAAFsAACAAG7dvAVgM3L7QFFOuFHrhR_8BLhazgY!&excid=22&docw=0&cijs=1&nlb=true HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 12:36:41 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3402
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7MoICFgPyh4tipioxMwTyh4tipioxMwUAAAAGBuIHJOJwzTabkcetsqwsa9HEZHELNzbPWrTYLBYT33Ll8liGQDLGwWo2Gc3csslw4xatRia3wrCwuJWDjXPhsHgcs9lmChE3GQ6fg4Go6Hpb7A6n2fOGEzSdDp_rXi93WN9Ot8vksLvsyr_fN9f43X7RbbVci_6Gp8cOAAAAAA8AVm-ZED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAYkFxoAnxwE7zn7_QEA0LAFAgAggEECMLAaUALwcb5yAgAAAAAAAADA8v___x8DsIc1JgMwsr_TA_DgA_BAVLBaxAgAAABgS0tF82hSJ1QWVQAABOlWAFcAAAGE7JaO52EAAAABYwv0sPj9Zodd43e7DAAAAAAAAADA7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2Qme0GK5NnMlxuFiPfyLNy7TaukWPl3Ix2m9losz2JwPHxCtKAjb6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0NxGA1wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIowsHM6NZbZay4a7jVu0cK3cysFytJb4JqbdYuWc2GzGtej1MT2MC8PKNdyiYMDGXgQX6UTmt7zeftPTb3crLBexRHOySCeyy74z2w1WJs9kuNwsRr6RZ-XabVwjx8q5Ge02s9FmX1k4nBvLbLWWDXcbt2jhWrmVg-VoLfFNTLvFyjmx2Yxr0etjehgXhpVruG_MdoPRYjYbDPaN2W4wWsxmg8G-Q2f4rj5nozM4nnhcprGyOvXZHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8A2vieHvp35eu9nbQWwwKGKJ4HSRTkQv4-kilkieFulEsfJtXKuNceVZDkab0WZmG61Gq-VyNBwZd7vRxCKWKE0X6UQvuq2Wa9Hf8PRY1H9kyMVcOZiLJnPFarRKAAAAAAAAAABLmDNvAgAAAHAayGiwGa6WCwDh7KX7c2cQAm0qjrp7PUxuPBxJLVTc-HGD-S2vt9_09NvdCsuVAR6oyZk3eyaItVotawAAAAFsAACAAG7dvAVgM3L7QFFOuFHrhR_8BLhazgY!&excid=22&docw=0&cijs=1&nlb=true
141.226.228.48200 OK 0 B URL HTTP/2 am-match.taboola.com/sync?dast=V7MoICFgPyh4tipioxMwTyh4tipioxMwUAAAAGBuIHJOJwzTabkcetsqwsa9HEZHELNzbPWrTYLBYT33Ll8liGQDLGwWo2Gc3csslw4xatRia3wrCwuJWDjXPhsHgcs9lmChE3GQ6fg4Go6Hpb7A6n2fOGEzSdDp_rXi93WN9Ot8vksLvsyr_fN9f43X7RbbVci_6Gp8cOAAAAAA8AVm-ZED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAYkFxoAnxwE7zn7_QEA0LAFAgAggEECMLAaUALwcb5yAgAAAAAAAADA8v___x8DsIc1JgMwsr_TA_DgA_BAVLBaxAgAAABgS0tF82hSJ1QWVQAABOlWAFcAAAGE7JaO52EAAAABYwv0sPj9Zodd43e7DAAAAAAAAADA7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2Qme0GK5NnMlxuFiPfyLNy7TaukWPl3Ix2m9losz2JwPHxCtKAjb6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0NxGA1wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIowsHM6NZbZay4a7jVu0cK3cysFytJb4JqbdYuWc2GzGtej1MT2MC8PKNdyiYMDGXgQX6UTmt7zeftPTb3crLBexRHOySCeyy74z2w1WJs9kuNwsRr6RZ-XabVwjx8q5Ge02s9FmX1k4nBvLbLWWDXcbt2jhWrmVg-VoLfFNTLvFyjmx2Yxr0etjehgXhpVruG_MdoPRYjYbDPaN2W4wWsxmg8G-Q2f4rj5nozM4nnhcprGyOvXZHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8A2vieHvp35eu9nbQWwwKGKJ4HSRTkQv4-kilkieFulEsfJtXKuNceVZDkab0WZmG61Gq-VyNBwZd7vRxCKWKE0X6UQvuq2Wa9Hf8PRY1H9kyMVcOZiLJnPFarRKAAAAAAAAAABLmDNvAgAAAHAayGiwGa6WCwDh7KX7c2cQAm0qjrp7PUxuPBxJLVTc-HGD-S2vt9_09NvdCsuVAR6oyZk3eyaItVotawAAAAFsAACAAG7dvAVgM3L7QFFOuFHrhR_8BLhazgY!&excid=22&docw=0&cijs=1&nlb=true
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sync?dast=V7MoICFgPyh4tipioxMwTyh4tipioxMwUAAAAGBuIHJOJwzTabkcetsqwsa9HEZHELNzbPWrTYLBYT33Ll8liGQDLGwWo2Gc3csslw4xatRia3wrCwuJWDjXPhsHgcs9lmChE3GQ6fg4Go6Hpb7A6n2fOGEzSdDp_rXi93WN9Ot8vksLvsyr_fN9f43X7RbbVci_6Gp8cOAAAAAA8AVm-ZED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAYkFxoAnxwE7zn7_QEA0LAFAgAggEECMLAaUALwcb5yAgAAAAAAAADA8v___x8DsIc1JgMwsr_TA_DgA_BAVLBaxAgAAABgS0tF82hSJ1QWVQAABOlWAFcAAAGE7JaO52EAAAABYwv0sPj9Zodd43e7DAAAAAAAAADA7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2Qme0GK5NnMlxuFiPfyLNy7TaukWPl3Ix2m9losz2JwPHxCtKAjb6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0NxGA1wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIowsHM6NZbZay4a7jVu0cK3cysFytJb4JqbdYuWc2GzGtej1MT2MC8PKNdyiYMDGXgQX6UTmt7zeftPTb3crLBexRHOySCeyy74z2w1WJs9kuNwsRr6RZ-XabVwjx8q5Ge02s9FmX1k4nBvLbLWWDXcbt2jhWrmVg-VoLfFNTLvFyjmx2Yxr0etjehgXhpVruG_MdoPRYjYbDPaN2W4wWsxmg8G-Q2f4rj5nozM4nnhcprGyOvXZHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8A2vieHvp35eu9nbQWwwKGKJ4HSRTkQv4-kilkieFulEsfJtXKuNceVZDkab0WZmG61Gq-VyNBwZd7vRxCKWKE0X6UQvuq2Wa9Hf8PRY1H9kyMVcOZiLJnPFarRKAAAAAAAAAABLmDNvAgAAAHAayGiwGa6WCwDh7KX7c2cQAm0qjrp7PUxuPBxJLVTc-HGD-S2vt9_09NvdCsuVAR6oyZk3eyaItVotawAAAAFsAACAAG7dvAVgM3L7QFFOuFHrhR_8BLhazgY!&excid=22&docw=0&cijs=1&nlb=true HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 12:36:42 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3408
X-Firefox-Spdy: h2
illiweb.com/rs3/66/frm/jquery/marquee/jquery.marquee.min.js
172.67.150.97200 OK 0 B URL HTTP/2 illiweb.com/rs3/66/frm/jquery/marquee/jquery.marquee.min.js
IP 172.67.150.97:0
GET /rs3/66/frm/jquery/marquee/jquery.marquee.min.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:39 GMT
content-type: application/x-javascript
last-modified: Tue, 27 Aug 2019 14:00:14 GMT
expires: Thu, 23 Nov 2023 09:22:24 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
x-cache-ne: HIT
x-cache-pr: HIT
cf-cache-status: HIT
age: 1221255
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JKwPtlXMWnleqOR%2BFg%2FWrs8pM9jc%2BSHBt3MYVuQKtnCjyG6IMVt0VcbbJuTDy7pe2bbVQNGRSTQ2HhNKoZ%2FkUiAUEIauO4376cYhbufwT9hfj1iM3zGErJLGfGsBBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d4ee1cc950b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
illiweb.com/rs3/66/frm/lang/ar.js
172.67.150.97200 OK 0 B URL HTTP/2 illiweb.com/rs3/66/frm/lang/ar.js
IP 172.67.150.97:0
GET /rs3/66/frm/lang/ar.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:39 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=74879
access-control-allow-origin: *
expires: Thu, 23 Nov 2023 09:36:20 GMT
last-modified: Thu, 08 Sep 2022 07:38:48 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1220419
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4wAQCaJyFUE8wUQXU%2BxeOUl0Zjcnw05QJJsEMMR5UWsAfgBeCzNJgUExga1XWUQB2XtV1to4kNRv7m15d9803ueTEzb36SwQHJH9UasbYyINFcpWYi3QGIAnHItLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d4ee1ecac0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.2.146:0
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nazmimedane.yoo7.com/
x-crto-bundle: odaaeV85Tm52NU96UTclMkZIRGZvcFh3TnlKNmJwbm8xc2t6a0l0VEh2QlEzQkJHTUJEMGdwcjBzdHVQJTJCMnpUaXhqeCUyQlhxcW43Z2pRSmdRdDdMZFBsOUhuZVhhNmNweVFzOWRvelg0bW5nJTJGTGFvZGZndk9NRVI0Y0xPU2xoSmY3b1NUdzFQ
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:40 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://nazmimedane.yoo7.com
server-processing-duration-in-ticks: 4072106
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertag&topUrl=nazmimedane.yoo7.com
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=nazmimedane.yoo7.com
IP 178.250.2.146:0
GET /syncframe?origin=publishertag&topUrl=nazmimedane.yoo7.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:38 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=1aed7647-9d5e-49c5-a6d6-639ef59683fb; expires=Mon, 01 Jan 2024 12:36:39 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 621555
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.26200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.26:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:39 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 51437
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=Hx9f1F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czRoTGRzaHZ0RTRzNXgxRWpPTHVEWHdKYmFYbG53OXhhdUpkMmcyQVJQRzQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:39 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=kBaMO180M0RITmhlJTJCZkMwOUJGQlhaMUN2czRoTGRzaHZ0RTRzNXgxRWpPTHVEWHdFbXVTYyUyRlBaVUtEczBtVTVOSUdDZA; expires=Mon, 01 Jan 2024 12:36:40 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 379580
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
nazmimedane.yoo7.com/t659-topic
94.23.159.185200 OK 0 B URL HTTP/2 nazmimedane.yoo7.com/t659-topic
IP 94.23.159.185:0
GET /t659-topic HTTP/1.1
Host: nazmimedane.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:38 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache
pragma: no-cache
expires: Wed, 07 Dec 2022 00:00:00 GMT
last-modified: Wed, 07 Dec 2022 12:36:38 GMT
vary: User-Agent
set-cookie: exadd=167043; expires=Wed, 07-Dec-2022 16:36:38 GMT; Max-Age=14400
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
illiweb.com/rs3/66/frm/jquery/cookie/jquery.cookie.js
172.67.150.97200 OK 0 B URL HTTP/2 illiweb.com/rs3/66/frm/jquery/cookie/jquery.cookie.js
IP 172.67.150.97:0
GET /rs3/66/frm/jquery/cookie/jquery.cookie.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:39 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Thu, 23 Nov 2023 09:22:23 GMT
last-modified: Wed, 09 Sep 2020 09:40:28 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1221256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKSS0CbEZXMZWdSZEdk1DFQPoNEsiqkRJGYLnd0nvVchk7zgzSe%2F3yphCXQRfSjrDxE0rZX0VAoK4gmrBsHQsx5QFqihHWog23wP5%2FxdnJC4bC0QISXhjurM8%2FYV%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d4ee1bc860b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
illiweb.com/rs3/66/frm/embed/FA_Embed.js
172.67.150.97200 OK 0 B URL HTTP/2 illiweb.com/rs3/66/frm/embed/FA_Embed.js
IP 172.67.150.97:0
GET /rs3/66/frm/embed/FA_Embed.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:39 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Thu, 23 Nov 2023 09:22:27 GMT
last-modified: Tue, 20 Apr 2021 14:17:00 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1221252
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MEc0%2F9Pid7mieg%2FupdTe9bMFunC8f%2B8Te3WKI4mlt5l14Flsmq3K8XLKh1IEx9cNgK5iGZD46WNezKEqa8upM1BR9AhppxSFJTYe4VuM0USDY%2Bncr9IO9N46t70rCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d4ee1cc8e0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stootsou.net/pfe/current/tag.min.js?z=2308013
139.45.197.250200 OK 0 B URL HTTP/2 stootsou.net/pfe/current/tag.min.js?z=2308013
IP 139.45.197.250:0
GET /pfe/current/tag.min.js?z=2308013 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 12:36:39 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:46 GMT
etag: W/"6388cb76-390a"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
nazmimedane.yoo7.com/sw.js
94.23.159.185200 OK 0 B URL HTTP/2 nazmimedane.yoo7.com/sw.js
IP 94.23.159.185:0
GET /sw.js HTTP/1.1
Host: nazmimedane.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nazmimedane.yoo7.com/t659-topic
Connection: keep-alive
Cookie: exadd=167043; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D; _ga=GA1.2.272916276.1670416600; _gid=GA1.2.260530178.1670416600; _gat_gtag_UA_144347007_1=1; _gat_gtag_UA_12893221_1=1; trc_cookie_storage=taboola%2520global%253Auser-id%3D2aa9c265-687c-4a5e-9094-b7b471e9bff8-tucta8a0e58; cto_bundle=uWDq2l9DNlpTTlRsN04lMkJTeWElMkZBUjhDempLeUswdVNrdWpodW9jNGoyZzRyb3Z5SnNiaHo1cCUyRlIwczNJNHlTRVZyUGtjNTlJMlFDaTVFUkhNNGpSME4lMkZhZFBLM0JsT0VRVzIwNFRLdUg3ME9EZW5XMm1rWlNicWFQd25FVUdSJTJCeXAlMkZGVg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:40 GMT
content-type: application/javascript
last-modified: Tue, 27 Aug 2019 13:54:01 GMT
etag: W/"5d6535f9-1554"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
172.67.194.45200 OK 0 B IP 172.67.194.45:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:40 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 523
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jO9%2Fsgr4rLh8BmleoSD077sgCMOd3RbRLJwkhUdy5Rw8npvL4EQL%2FQu2LAqQOhPYQjU%2B1OstofPjAJBGNRJp%2FE98gVQzSQ%2FB2H4wbAWfE%2FStUqWdTif5FUN3DHUcIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d4eebcfe40b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nazmimedane.yoo7.com/?utm_source=pwa
94.23.159.185200 OK 0 B URL HTTP/2 nazmimedane.yoo7.com/?utm_source=pwa
IP 94.23.159.185:0
GET /?utm_source=pwa HTTP/1.1
Host: nazmimedane.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nazmimedane.yoo7.com/serviceworker.js
Connection: keep-alive
Cookie: exadd=167043; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:40 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
pragma: no-cache
expires: Wed, 07 Dec 2022 00:00:00 GMT
last-modified: Wed, 07 Dec 2022 12:36:39 GMT
vary: User-Agent
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
connect.topicit.net/scripts/connect.js
104.21.90.171200 OK 0 B URL HTTP/2 connect.topicit.net/scripts/connect.js
IP 104.21.90.171:0
GET /scripts/connect.js HTTP/1.1
Host: connect.topicit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:39 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5437
access-control-allow-origin: *
etag: W/"5d653880-153d"
last-modified: Tue, 27 Aug 2019 14:04:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-cache-status: HIT
age: 5255
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TjQtEkccXBmKYAro8Tpsx4UgrBFa5SIJbQOLfzpOl0%2BhqTm3VLVgwiIRhOpQjOJf97Xoa8Tx6D6F0h63OQ00SX3Md8US%2BDUFnKjrN5FJyrp3M%2Fc%2BtnWdtPagNLtpPf5G0733H6eV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d4ee598430b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.2.146:0
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:39 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 1009034
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/trc/3/json?tim=12%3A36%3A39.979<i=deflated&data=%7B%22id%22%3A232%2C%22ii%22%3A%22%2Ft659-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1670357703571%2C%22vi%22%3A1670416599976%2C%22cv%22%3A%2220221206-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fnazmimedane.yoo7.com%2Ft659-topic%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fnazmimedane.yoo7.com%2Ft659-topic%22%2C%22vpi%22%3A%22%2Ft659-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1330%2C%22dh%22%3A2240%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A552.5%2C%22mw%22%3A0%2C%22amw%22%3A606.9500122070312%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft659-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
151.101.193.44200 OK 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/trc/3/json?tim=12%3A36%3A39.979<i=deflated&data=%7B%22id%22%3A232%2C%22ii%22%3A%22%2Ft659-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1670357703571%2C%22vi%22%3A1670416599976%2C%22cv%22%3A%2220221206-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fnazmimedane.yoo7.com%2Ft659-topic%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fnazmimedane.yoo7.com%2Ft659-topic%22%2C%22vpi%22%3A%22%2Ft659-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1330%2C%22dh%22%3A2240%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A552.5%2C%22mw%22%3A0%2C%22amw%22%3A606.9500122070312%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft659-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
IP 151.101.193.44:0
GET /forumotion-ar/trc/3/json?tim=12%3A36%3A39.979<i=deflated&data=%7B%22id%22%3A232%2C%22ii%22%3A%22%2Ft659-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1670357703571%2C%22vi%22%3A1670416599976%2C%22cv%22%3A%2220221206-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fnazmimedane.yoo7.com%2Ft659-topic%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fnazmimedane.yoo7.com%2Ft659-topic%22%2C%22vpi%22%3A%22%2Ft659-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1330%2C%22dh%22%3A2240%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A552.5%2C%22mw%22%3A0%2C%22amw%22%3A606.9500122070312%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft659-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://nazmimedane.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Wed, 07 Dec 2022 12:36:40 GMT
via: 1.1 varnish
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670416600.346338,VS0,VE197
vary: Accept-Encoding
x-vcl-time-ms: 197
X-Firefox-Spdy: h2
nazmimedane.yoo7.com/serviceworker.js
94.23.159.185200 OK 0 B URL HTTP/2 nazmimedane.yoo7.com/serviceworker.js
IP 94.23.159.185:0
GET /serviceworker.js HTTP/1.1
Host: nazmimedane.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: exadd=167043; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 12:36:39 GMT
content-type: application/javascript
last-modified: Thu, 25 Feb 2021 14:30:57 GMT
etag: W/"6037b4a1-b0d"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.betgorebysson.club/apu.php?zoneid=3765907
139.45.195.8200 OK 0 B URL HTTP/2 cdn.betgorebysson.club/apu.php?zoneid=3765907
IP 139.45.195.8:0
GET /apu.php?zoneid=3765907 HTTP/1.1
Host: cdn.betgorebysson.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 12:36:40 GMT
content-type: application/javascript
x-trace-id: 4a10725e6c4a8042046783335e78e954
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=f66c46257df046949ad1a685d15117fc; expires=Thu, 07 Dec 2023 12:36:40 GMT; path=/; secure; SameSite=None
oaidts=1670416600; expires=Thu, 07 Dec 2023 12:36:40 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2