Overview

URLnazmimedane.yoo7.com/t659-topic
IP 178.33.43.178 (France)
ASN#16276 OVH SAS
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-07 12:36:50 UTC
StatusLoading report..
IDS alerts0
Blocklist alert1
urlquery alerts No alerts detected
Tags None

Domain Summary (66)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
api.viglink.com (5) 4397 2012-05-23 13:47:26 UTC 2022-12-06 20:46:34 UTC 34.246.116.79
trc-events.taboola.com (1) 1779 2020-06-09 13:52:57 UTC 2022-12-06 17:24:48 UTC 141.226.228.48
img-getpocket.cdn.mozilla.net (4) 1631 2017-09-01 03:40:57 UTC 2022-12-06 17:31:54 UTC 34.120.237.76
my.rtmark.net (2) 9054 2015-02-04 09:54:57 UTC 2022-12-06 19:56:06 UTC 139.45.195.8
csm.nl.eu.criteo.net (1) 6830 2017-01-30 04:55:08 UTC 2022-12-06 23:31:19 UTC 178.250.2.150
r3.o.lencr.org (10) 344 2020-12-02 08:52:13 UTC 2022-12-06 17:12:17 UTC 23.36.76.226
firefox.settings.services.mozilla.com (2) 867 2020-05-25 20:06:39 UTC 2022-12-06 17:12:34 UTC 34.102.187.140
cdn.taboola.com (5) 1040 2013-07-19 23:48:03 UTC 2022-12-06 17:18:08 UTC 151.101.193.44
stootsou.net (8) 145219 2021-04-05 08:22:21 UTC 2022-12-07 08:20:04 UTC 139.45.197.250
ag.gbc.criteo.com (1) 5925 2018-12-17 13:17:41 UTC 2022-12-06 19:59:38 UTC 178.250.6.204
beacon.lynx.cognitivlabs.com (1) 1345 2016-06-20 21:15:43 UTC 2022-12-07 07:54:08 UTC 35.153.45.106
ocsp.pki.goog (9) 175 2017-06-14 07:23:31 UTC 2022-12-06 17:12:08 UTC 142.250.74.131
www.google.com (1) 7 2012-11-08 00:08:21 UTC 2022-12-06 23:42:40 UTC 216.58.211.4
dnacdn.net (3) 3760 2019-09-02 15:07:45 UTC 2022-12-06 17:20:37 UTC 178.250.0.157
15.taboola.com (1) 1912 2017-03-15 11:40:55 UTC 2022-12-07 01:20:09 UTC 151.101.193.44
trc.taboola.com (2) 602 2012-12-27 11:54:42 UTC 2022-12-06 17:12:10 UTC 151.101.193.44
sync.search.spotxchange.com (6) 523 2012-05-22 08:29:33 UTC 2022-12-06 17:15:02 UTC 185.94.180.126
pips.taboola.com (1) 1840 2021-02-15 14:32:07 UTC 2022-12-07 00:53:38 UTC 151.101.1.44
token.rubiconproject.com (4) 671 2017-01-30 05:00:50 UTC 2022-12-06 17:15:24 UTC 69.173.144.138
am-match.taboola.com (2) 12278 2020-03-18 14:33:10 UTC 2022-12-07 00:53:36 UTC 141.226.228.48
i.servimg.com (2) 258270 2015-07-24 09:25:42 UTC 2022-12-06 23:40:57 UTC 172.67.178.62
www.google-analytics.com (1) 40 2012-05-21 09:41:50 UTC 2022-12-06 23:17:44 UTC 216.239.38.178
connect.topicit.net (1) 523065 2017-11-15 10:04:29 UTC 2022-12-06 14:06:24 UTC 104.21.90.171
2img.net (8) 212398 2016-06-23 06:31:49 UTC 2022-12-06 14:06:23 UTC 104.21.235.175
gem.gbc.criteo.com (2) 6039 2019-01-31 10:05:09 UTC 2022-12-06 19:25:54 UTC 178.250.6.26
ocsp.sectigo.com (2) 487 2018-12-17 11:31:55 UTC 2022-12-06 21:32:26 UTC 104.18.32.68
static.criteo.net (1) 652 2012-05-22 17:01:05 UTC 2022-12-06 20:03:22 UTC 178.250.2.130
datatechonert.com (1) 46154 2021-12-24 16:44:17 UTC 2022-12-06 19:04:45 UTC 139.45.195.253
gum.criteo.com (6) 381 2015-01-22 10:58:57 UTC 2022-12-07 00:17:34 UTC 178.250.2.146
am-vid-events.taboola.com (1) 11733 2020-04-26 14:32:16 UTC 2022-12-07 01:07:56 UTC 141.226.228.48
eus.rubiconproject.com (3) 556 2018-01-25 06:18:10 UTC 2022-12-06 17:12:48 UTC 2.23.134.137
cms.quantserve.com (1) 1064 2017-01-30 04:59:06 UTC 2022-12-07 00:05:42 UTC 91.228.74.251
tzegilo.com (1) 0 2022-01-14 15:27:15 UTC 2022-12-07 00:06:51 UTC 172.67.194.45 Unknown ranking
ocsp.digicert.com (19) 86 2012-05-21 07:02:23 UTC 2022-12-06 21:45:35 UTC 93.184.220.29
il-trc-events.taboola.com (1) 22667 2021-06-17 07:23:06 UTC 2022-12-07 01:07:54 UTC 185.106.33.48
cm.g.doubleclick.net (2) 202 2012-05-22 09:58:28 UTC 2022-12-07 00:44:48 UTC 142.250.74.98
twemoji.maxcdn.com (1) 9109 2017-01-30 05:01:32 UTC 2022-12-06 17:26:17 UTC 151.139.237.124
www.googletagmanager.com (2) 75 2012-10-04 01:07:32 UTC 2022-12-06 23:57:23 UTC 142.250.74.168
ocsp.sca1b.amazontrust.com (2) 1015 2016-02-14 02:37:56 UTC 2019-03-27 04:05:54 UTC 143.204.42.88
images.taboola.com (1) 1621 2013-07-11 09:17:44 UTC 2022-12-07 00:53:36 UTC 151.101.193.44
vidstatb.taboola.com (1) 8893 2017-10-08 16:05:45 UTC 2022-12-07 00:53:37 UTC 151.101.193.44
ups.analytics.yahoo.com (2) 287 2019-05-09 15:57:40 UTC 2022-12-06 17:12:55 UTC 18.156.0.31
secure-assets.rubiconproject.com (1) 1057 2012-05-30 19:51:39 UTC 2022-12-06 17:12:55 UTC 2.21.206.244
match.adsrvr.org (1) 349 2012-05-21 08:27:04 UTC 2022-12-06 19:39:22 UTC 3.33.220.150
illiweb.com (4) 265462 2012-06-26 01:06:07 UTC 2022-12-06 14:06:18 UTC 172.67.150.97
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-12-06 17:17:39 UTC 34.160.144.191
ajax.googleapis.com (1) 12905 2012-05-22 10:38:03 UTC 2022-12-07 01:00:33 UTC 142.250.74.170
ocsp.globalsign.com (2) 2075 2012-05-25 06:20:55 UTC 2022-12-06 17:12:20 UTC 104.18.21.226
bidder.criteo.com (2) 750 2017-01-30 05:01:16 UTC 2022-12-06 23:40:03 UTC 178.250.2.131
imprammp.taboola.com (1) 11978 2017-03-12 17:38:44 UTC 2022-12-07 00:53:36 UTC 151.101.193.44
pixel.rubiconproject.com (3) 314 2012-10-09 03:17:38 UTC 2022-12-06 17:13:26 UTC 69.173.144.165
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-06 17:13:17 UTC 34.117.237.239
nazmimedane.yoo7.com (10) 0 2022-09-03 11:32:01 UTC 2022-09-03 11:32:01 UTC 94.23.159.185 Domain (yoo7.com) ranked at: 495499
cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2022-12-07 00:59:28 UTC 151.101.193.229
vidstat.taboola.com (3) 1927 2017-08-29 11:41:42 UTC 2022-12-07 00:53:36 UTC 151.101.193.44
status.geotrust.com (2) 3662 2017-12-01 08:55:31 UTC 2022-12-06 17:33:42 UTC 93.184.220.29
ib.adnxs.com (1) 241 2012-05-20 19:01:49 UTC 2022-12-06 17:12:04 UTC 185.89.211.116
stats.g.doubleclick.net (1) 96 2012-07-01 17:13:23 UTC 2022-12-06 18:18:53 UTC 64.233.164.157
wf.taboola.com (1) 2328 2017-03-01 15:03:50 UTC 2022-12-07 00:53:36 UTC 151.101.193.44
taboola-supply-partners.tremorhub.com (1) 3369 2018-12-02 13:13:18 UTC 2022-12-07 00:53:37 UTC 54.164.248.203
cdn.betgorebysson.club (1) 149925 2020-07-24 15:19:13 UTC 2022-12-07 08:26:05 UTC 139.45.195.8
nazmimedane.yoo7.com (10) 0 2022-09-03 11:32:01 UTC 2022-09-03 11:32:01 UTC 94.23.73.212 Domain (yoo7.com) ranked at: 495499
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-12-06 17:19:43 UTC 52.42.74.230
cdn.viglink.com (1) 4113 2012-10-26 15:59:48 UTC 2022-12-07 00:53:35 UTC 54.230.111.6
x.bidswitch.net (1) 286 2012-10-03 23:30:53 UTC 2022-12-06 17:12:08 UTC 52.57.226.105
www.google.no (1) 25607 2012-06-26 23:22:08 UTC 2022-12-06 20:15:41 UTC 142.250.74.67

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-12-07 2 datatechonert.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 178.33.43.178
Date UQ / IDS / BL URL IP
2023-01-30 12:20:03 +0000 0 - 0 - 7 lmada.hooxs.com/t2159p25-topic 178.33.43.178
2022-12-07 12:36:50 +0000 0 - 0 - 1 nazmimedane.yoo7.com/t659-topic 178.33.43.178
2022-12-04 21:04:40 +0000 0 - 0 - 9 never.roo7.biz/t432-topic 178.33.43.178
2022-11-30 12:24:21 +0000 0 - 0 - 7 video100.rigala.net/ 178.33.43.178
2022-11-27 12:56:27 +0000 0 - 0 - 9 palestine-22.rigala.net/t6-topic 178.33.43.178


Last 5 reports on ASN: OVH SAS
Date UQ / IDS / BL URL IP
2023-02-05 00:34:26 +0000 0 - 0 - 55 ecosiam.ma/ 94.23.45.221
2023-02-05 00:15:34 +0000 0 - 2 - 0 node7.datanodes.to:8443/d/rcmhqp5ckae5w4x3s3z (...) 141.94.254.79
2023-02-04 23:47:01 +0000 0 - 0 - 23 zelenka.guru/account-confirmation/6559443/ema (...) 151.80.169.29
2023-02-04 23:46:13 +0000 0 - 1 - 0 mcdrivers.driverscloud.com/applis/DriversClou (...) 178.33.231.199
2023-02-04 23:46:02 +0000 0 - 0 - 15 jurassik-race.com/ 46.105.51.211


Last 5 reports on domain: yoo7.com
Date UQ / IDS / BL URL IP
2022-12-22 09:50:46 +0000 0 - 1 - 0 bokradz.yoo7.com/t109-topic 178.33.44.177
2022-12-10 10:07:47 +0000 0 - 0 - 1 elkh.yoo7.com/t36-topic 94.23.76.111
2022-12-09 04:26:06 +0000 0 - 0 - 1 azhermed.yoo7.com/f101-montada 94.23.76.111
2022-12-07 12:46:20 +0000 0 - 0 - 1 ti9ni2012.yoo7.com/t1615-topic 178.33.44.177
2022-12-07 12:36:50 +0000 0 - 0 - 1 nazmimedane.yoo7.com/t659-topic 178.33.43.178


No other reports with similar screenshot

JavaScript

Executed Scripts (51)

Executed Evals (4)
#1 JavaScript::Eval (size: 18) - SHA256: 0f3342bc14063d9ed7a669eb067b50ea17b2cb7dcb51968939b72fa9ac862d91
var foo = (x) => x + 1
#2 JavaScript::Eval (size: 81) - SHA256: 5d9c921f457fc72de46bca3a0726250b8aa108095973a4b5256f4c78844f48a2
(() => {
    const a = async
    function name() {};
    window['085453nv0wde'] = true;
})()
#3 JavaScript::Eval (size: 9) - SHA256: 9312a1adbbf0a4c05fc296d158ec3bd39acfe50e9e98ff02688139aad6fc3351
debugger;
#4 JavaScript::Eval (size: 27583) - SHA256: 08949469cdce93525c446617141083fd17604e7dcec57b6b2fe837a7044d41a9
var isApp = false;

cmTag.set('version', '23_2_8');

cmTag.set('sync', 'https://am-match.taboola.com/sync?dast=V7MoICFgPyh4tipioxMwTyh4tipioxMwUAAAAGBuIHJOJwzTabkcetsqwsa9HEZHELNzbPWrTYLBYT33Ll8liGQDLGwWo2Gc3csslw4xatRia3wrCwuJWDjXPhsHgcs9lmChE3GQ6fg4Go6Hpb7A6n2fOGEzSdDp_rXi93WN9Ot8vksLvsyr_fN9f43X7RbbVci_6Gp8cOAAAAAA8AVm-ZED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAYkFxoAnxwE7zn7_QEA0LAFAgAggEECMLAaUALwcb5yAgAAAAAAAADA8v___x8DsIc1JgMwsr_TA_DgA_BAVLBaxAgAAABgS0tF82hSJ1QWVQAABOlWAFcAAAGE7JaO52EAAAABYwv0sPj9Zodd43e7DAAAAAAAAADA7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2Qme0GK5NnMlxuFiPfyLNy7TaukWPl3Ix2m9losz2JwPHxCtKAjb6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0NxGA1wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIowsHM6NZbZay4a7jVu0cK3cysFytJb4JqbdYuWc2GzGtej1MT2MC8PKNdyiYMDGXgQX6UTmt7zeftPTb3crLBexRHOySCeyy74z2w1WJs9kuNwsRr6RZ-XabVwjx8q5Ge02s9FmX1k4nBvLbLWWDXcbt2jhWrmVg-VoLfFNTLvFyjmx2Yxr0etjehgXhpVruG_MdoPRYjYbDPaN2W4wWsxmg8G-Q2f4rj5nozM4nnhcprGyOvXZHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8A2vieHvp35eu9nbQWwwKGKJ4HSRTkQv4-kilkieFulEsfJtXKuNceVZDkab0WZmG61Gq-VyNBwZd7vRxCKWKE0X6UQvuq2Wa9Hf8PRY1H9kyMVcOZiLJnPFarRKAAAAAAAAAABLmDNvAgAAAHAayGiwGa6WCwDh7KX7c2cQAm0qjrp7PUxuPBxJLVTc-HGD-S2vt9_09NvdCsuVAR6oyZk3eyaItVotawAAAAFsAACAAG7dvAVgM3L7QFFOuFHrhR_8BLhazgY!&excid=22&docw=0&cijs=1&nlb=true');

cmTag.set("player.settings.kaxwnc", 0);


cmTag.setByCondition({
    conditions: [{
        key: "ep",
        val: 1
    }],
    settings: {
        isMultiAd: false
    }
});
cmTag.set("preset", {
    "level": 1
});
cmTag.set('player.settings.regx', '\x22\x64\x65\x6D\x61\x6E\x64\x53\x6F\x75\x72\x63\x65\x49\x64\x22\x3A\x35\x34\x36\x38\x34\x7C\x2E\x63\x6C\x65\x61\x72\x73\x74\x72\x65\x61\x6D\x2E\x74\x76\x7C\x2E\x63\x6C\x72\x73\x74\x6D\x2E\x63\x6F\x6D\x7C\x74\x6D\x2D\x70\x72\x6F\x6D\x6F\x2E\x73\x33\x2E\x61\x6D\x61\x7A\x6F\x6E\x61\x77\x73\x7C\x61\x64\x76\x65\x72\x74\x69\x73\x69\x6E\x67\x73\x74\x6F\x72\x79\x2E\x63\x6F\x6D\x7C\x6D\x65\x64\x69\x61\x67\x72\x6F\x75\x70\x61\x64\x73\x2E\x63\x6F\x6D\x7C\x65\x6C\x69\x74\x65\x6C\x6D\x65\x64\x69\x61\x61\x64\x76\x65\x72\x74\x69\x73\x69\x6E\x67\x2E\x63\x6F\x6D\x7C\x76\x65\x72\x74\x61\x6D\x65\x64\x69\x61\x2E\x63\x6F\x6D\x7C\x6D\x65\x64\x69\x61\x67\x72\x6F\x75\x70\x70\x72\x6F\x2E\x63\x6F\x6D\x7C\x68\x69\x67\x68\x72\x61\x74\x65\x64\x61\x64\x73\x2E\x63\x6F\x6D\x7C\x2E\x76\x69\x64\x65\x6F\x67\x72\x61\x6D\x6D\x69\x63\x2E\x63\x6F\x6D\x7C\x76\x69\x64\x65\x6F\x67\x72\x61\x6D\x6D\x69\x63\x2E\x63\x6F\x6D\x7C\x66\x69\x6C\x65\x73\x2E\x77\x65\x62\x76\x69\x64\x65\x6F\x67\x6C\x6F\x62\x61\x6C\x2E\x63\x6F\x6D\x7C\x77\x65\x62\x76\x69\x64\x65\x6F\x67\x6C\x6F\x62\x61\x6C\x2E\x63\x6F\x6D\x7C\x77\x65\x62\x6D\x65\x64\x69\x61\x61\x70\x70\x2E\x63\x6F\x6D\x66\x69\x6C\x65\x73\x2E\x77\x65\x62\x6D\x65\x64\x69\x61\x61\x70\x70\x2E\x63\x6F\x6D\x7C\x6D\x61\x72\x6B\x65\x74\x69\x6E\x67\x76\x69\x64\x65\x6F\x6E\x6F\x77\x2E\x63\x6F\x6D\x7C\x70\x6F\x70\x6F\x76\x69\x64\x65\x6F\x61\x64\x2E\x63\x6F\x6D\x7C\x64\x61\x66\x61\x63\x64\x64\x2E\x61\x73\x69\x61\x7C\x73\x62\x2E\x77\x69\x6E\x39\x39\x39\x77\x69\x6E\x2E\x63\x6F\x6D\x7C\x6E\x73\x73\x66\x2E\x63\x6F\x6D\x7C\x75\x70\x69\x65\x77\x2E\x63\x6F\x6D\x7C\x70\x69\x65\x77\x2E\x63\x6F\x6D\x7C\x76\x2E\x73\x68\x75\x6C\x63\x6F\x6E\x74\x2E\x63\x6F\x6D\x7C\x76\x2E\x61\x6C\x67\x6F\x76\x69\x64\x2E\x63\x6F\x6D\x7C\x76\x69\x64\x2E\x73\x70\x72\x69\x6E\x67\x73\x65\x72\x76\x65\x2E\x63\x6F\x6D\x7C\x70\x6D\x69\x2E\x63\x6F\x6D');

cmTag.set('player.settings.hjkbldomsencdd', ["dGFncy5ia3J0eC5jb20=", "bGlwaWthcl9ib2R5Y2FyZV9hd2FyZW5lc3M=", "Z2FjZG4=", "bWlycmEuaW8=", "YnJ0bWVkaWE=", "VUEtNTcwODQyNTctNw==", "Y29pbi1oaXZlLmNvbQ==", "YnVuZGxlLmNsZWFyc3RyZWFtLnR2", "LmNscnN0bS5jb20=", "dmlkZW8ubGVhZHp1LmNvbQ==", "LmxlYWR6dS5jb20=", "czAuMm1kbi5uZXQvYWRzL3JpY2htZWRpYS9zdHVkaW8vcHYyLzYwMTI4Njk2Lw==", "YWR2ZXJ0aXNpbmdzdG9yeS5jb20=", "bWVkaWFncm91cGFkcy5jb20=", "ZWxpdGVsbWVkaWFhZHZlcnRpc2luZy5jb20=", "dmVydGFtZWRpYS5jb20=", "bWVkaWFncm91cHByby5jb20=", "aGlnaHJhdGVkYWRzLmNvbQ==", "dmlkZW9ncmFtbWljLmNvbQ==", "bWFya2V0aW5ndmlkZW9ub3cuY29t", "c3RhdGljLm1hcmtldGluZ3ZpZGVvbm93LmNvbQ==", "ZmlsZXMud2VidmlkZW9nbG9iYWwuY29t", "d2VidmlkZW9nbG9iYWwuY29t", "d2VibWVkaWFhcHAuY29t", "ZmlsZXMud2VibWVkaWFhcHAuY29t", "cG9wb3ZpZGVvYWQuY29t", "c2Iudm9pY2VmaXZlLmNvbQ==", "b25lLm00ZGMuY29t", "dXBpZXcuY29t", "cGlldy5jb20=", "di5zaHVsY29udC5jb20=", "di5hbGdvdmlkLmNvbQ==", "dmlkLnNwcmluZ3NlcnZlLmNvbQ==", "cG1pLmNvbQ=="]);

cmTag.set('liteUnitVersion', '3.9.8');
cmTag.set('player.versions.vplayer', 'v14.8.9');
cmTag.set('player.settings.anltcsurlv2', '/vpaid/vpaidAnalytics.3.js');
cmTag.set('player.settings.anltcsurlv4', '/vpaid/vpaidAnalytics.40.js');
cmTag.set('player.settings.hjkv1', '/vpaid/hjk.226.js');
cmTag.set('player.settings.dsu', '/vpaid/ds/188/dsm.js');
cmTag.set("player.settings.use_flash_player", false);
cmTag.set('player.settings.vidfkadldt', 100);
cmTag.set('player.settings.mintimwf', 5000);
cmTag.set('player.settings.dlyimpnonmoatrv', true);
cmTag.set('player.settings.frgtadpxls', 0);
cmTag.set('player.settings.rprtwrpropntime', false);
cmTag.set('player.settings.slwcnctlngt', 10);
cmTag.set('player.settings.mnbfrsz', 0.25);
cmTag.set("player.settings.prftchmxlngth", 15);
cmTag.set('player.settings.adtrgtcss', true);
cmTag.set('player.settings.pvpd', 'javascript');
cmTag.set('player.settings.prbdjsv', '1.1.0');
cmTag.set('player.settings.prfrmncmsrmnts', true);
cmTag.set('player.settings.encwfrs', true);
cmTag.set('player.settings.prfrmdfl', 'javascript');
cmTag.set('elasticLogger.isActive', true);
cmTag.set('elasticLogger.maxEventsToLog', 500);
cmTag.set('player.settings.dpndonuntfrlgtoelstc', true);
cmTag.set('player.settings.qsrtscr', function(it, vpd) {
    if (vpd.alfrox === 0 && vpd.rpox > 0) {
        return ((vpd.requiredViewability << 30) | (vpd.priority << 16) | parseInt(vpd.rpox * 1000));
    }
    return ((vpd.requiredViewability << 30) | (vpd.priority << 16) | parseInt(vpd.alfrox * vpd.rpox * 1000));
});
cmTag.set("player.settings.updtcmpbfrwf", false);
cmTag.set("components.adChoice.isActive", false);
cmTag.set("timeBetweenAds", 0);
cmTag.set("canStartPlayer", true);
cmTag.set('isAnimateOnClose', true);
cmTag.set('isToggleIframeContent', true);
cmTag.set('isPWOV', true);
cmTag.set('secondsToCloseGlobal', 2700);
cmTag.set('pubViewabilityPercent', 0);
cmTag.set('trcPerformanceMeasurementEnabled', true);
cmTag.set('additionalCss', {
    'text-align': 'left'
});
cmTag.set('player.urls.contentVideosLocation', '//vidstatb.taboola.com/vid');
cmTag.set('player.urls.contentImagesLocation', '//vidstatb.taboola.com/vid/img');
cmTag.set('microServices.PMS.version', '3.2.2');
cmTag.set('unitsBaseUrl', '//vidstat.taboola.com/vpaid/units/');
cmTag.set('player.urls.vplayerLocation', '//vidstat.taboola.com/vpaid/vPlayer');
cmTag.set('hasSupportTool', true);
cmTag.set('bllblevt', '1,21,22,23,24,25,30,32,42');
cmTag.set('gaFactor', 100);


var dsvr = "" || false;
cmTag.set("player.settings.dataSaver", false);
if (dsvr === 'on') {
    cmTag.set("player.settings.max_ready_vpaid", 4);
    cmTag.set("player.settings.mintimwf", 5000);
}

cmTag.set("countryIsoCode", "nor");
cmTag.setByCondition({
    conditions: [{
        key: 'countryIsoCode',
        val: 'tha'
    }],
    settings: {
        'pubId': 165757,
        'pubTagId': 946347,
        'preroll.pubId': 165757,
        'preroll.pubTagId': 946347,
        'midroll.pubId': 165757,
        'midroll.pubTagId': 946347,
        'postroll.pubId': 165757,
        'postroll.pubTagId': 946347
    }
});

cmTag.setByCondition({
    conditions: [{
        key: 'country',
        val: 'TH'
    }],
    settings: {
        'pubId': 165757,
        'pubTagId': 946347,
        'preroll.pubId': 165757,
        'preroll.pubTagId': 946347,
        'midroll.pubId': 165757,
        'midroll.pubTagId': 946347,
        'postroll.pubId': 165757,
        'postroll.pubTagId': 946347
    }
});

cmTag.setByCondition({
    conditions: [{
        key: 'countryIsoCode',
        val: 'ind'
    }],
    settings: {
        'pubId': 165757,
        'pubTagId': 946347,
        'preroll.pubId': 165757,
        'preroll.pubTagId': 946347,
        'midroll.pubId': 165757,
        'midroll.pubTagId': 946347,
        'postroll.pubId': 165757,
        'postroll.pubTagId': 946347
    }
});

cmTag.setByCondition({
    conditions: [{
        key: 'country',
        val: 'IN'
    }],
    settings: {
        'pubId': 165757,
        'pubTagId': 946347,
        'preroll.pubId': 165757,
        'preroll.pubTagId': 946347,
        'midroll.pubId': 165757,
        'midroll.pubTagId': 946347,
        'postroll.pubId': 165757,
        'postroll.pubTagId': 946347
    }
});




cmTag.set('version', '32_4_5');
cmTag.set('pixels.url', '//am-vid-events.taboola.com/st');
cmTag.set('pixels.unitLoadedWithFill.isFire', false);
cmTag.set('fireLoadUnitPixelsFactor', 10);
cmTag.set("secondsToClose", 120);
cmTag.set("adMaxPlaySeconds", 210);
cmTag.set('player.settings.prtct', '/vpaid/hjk.16.js');
cmTag.set('player.settings.cntonvfrc', false);
cmTag.set('player.settings.mxemptwf', 5);
cmTag.set('player.settings.ltmxemptwf', 5);
cmTag.set('player.settings.erlyai', true);
cmTag.set("player.settings.timbtopps", 5000);
cmTag.set('player.settings.frstlk', true);
cmTag.set('viewPercent', '50');
cmTag.set('timbtopps', 5000);
cmTag.set('cookieMatchActive', true);
cmTag.set('maxNonRvVimpsInQueue', 2);
cmTag.set('maxVimpsInQueue', 1);
cmTag.set('numOfWfUntilDcSwitch', 19);
cmTag.set('eligibilityValidator.isActive', false);
cmTag.set('eligibilityValidator.observers.mutation.isActive', true);
cmTag.set('eligibilityValidator.observers.mutation.isObserveParent', true);
cmTag.set('eligibilityValidator.isRvOnly', true);
cmTag.set('player.settings.rvfrquesttsemttr', 'any');
cmTag.set('pixels.overlayDetectedAfterImpression.factor', 20);
cmTag.set('clsDetector.isActive', true);
// Browser and OS wurfl
cmTag.set("wurfl.os.name", "Windows");
cmTag.set("wurfl.os.version", "10");
cmTag.set("wurfl.browser.name", "Firefox");
cmTag.set("wurfl.browser.version", "105");
cmTag.set("player.settings.wurfl.os.name", "Windows");
cmTag.set("player.settings.wurfl.os.version", "10");
cmTag.set("player.settings.wurfl.browser.name", "Firefox");
cmTag.set("player.settings.wurfl.browser.version", "105");

cmTag.set('opps.detach.isFire', true);
cmTag.set('opps.attach.isFire', true);
cmTag.set("player.settings.sndvltopp", false);
cmTag.set('player.settings.tglifrmcntndsplyactv', true);
cmTag.set('player.settings.aduntldflbfruntld', true);
cmTag.set('player.settings.dtctprvtbrwsng', false);
cmTag.set('isUseNewViewabilityCalc', true);
cmTag.set('100viewPercent', 98);
cmTag.set('traceViewability100Seconds', 0);
cmTag.set('isChangePredictPointsWithAny', false);
cmTag.set('isCancelGetAdOnEligibilityLost.isActive', true);
cmTag.set('isCancelGetAdOnEligibilityLost.includeRVAny', true);
cmTag.set('isGetRv1OnlyForEligible.isActive', true);
cmTag.set('isGetRv1OnlyForEligible.delayPrediction', false);
cmTag.set('player.settings.vwclcflbkenbld', true);
cmTag.set('scrollEndTimeout', 500);
cmTag.set('player.settings.omid.isActive', true);

cmTag.set('player.urls.organicContentVideosLocation', '//magazine-api.taboola.com/video-content');

// Cookie sync predictor config
cmTag.set('predictors.time.cookieSync.isActive', true);
cmTag.set('predictors.time.cookieSync.lengthInSeconds', 20);
cmTag.set('predictors.time.cookieSync.repeat', 1);

cmTag.set('components.CloseButtonView.delay', 0);


cmTag.push = cmTag.push || function() {};

cmTag.set("player.settings.tmbtwfs", function(successes, failures, store) {
    if (failures > 45) {
        return 999;
    }
    return store.get('time_between_waterfall');
});


cmTag.set('player.settings.mntmbtwfsf', function(successes, failures, store) {
    if (failures > 45) {
        return 999000;
    }
    return store.get('mintimwf');
});
cmTag.set('unitThrottlerFiltered', "false");

cmTag.setByCondition({
    conditions: [{
        key: 'preset.level',
        val: 1
    }, {
        key: "unitThrottlerFiltered",
        val: true
    }],
    settings: {
        'preset.level': 3
    }
});

cmTag.setByCondition({
    conditions: [{
        key: 'countryIsoCode',
        val: 'bra'
    }],
    settings: {
        'player.settings.expxls.adimpression': 'https://sb.scorecardresearch.com/p?c1=2&c2=34311413&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=%%impression_id%%&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=%%duration%%&ns_st_pt=0&c3=2&c4=&c6=&ns_ts=%%timestamp%%',
        'player.settings.expxls.advideocomplete': 'https://sb.scorecardresearch.com/p?c1=2&c2=34311413&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=%%impression_id%%&ns_st_ec=2&ns_st_cn=1&ns_st_ev=end&ns_st_ct=va00&ns_st_cl=%%duration%%&ns_st_pt=%%duration%%&c3=2&c4=&c6=&ns_ts=%%timestamp%%'
    }
});




if ('am' == 'la' || 'am' == 'LA') {
    cmTag.set('cm_predictors.time.cookieSync.isActive', false);
}

if ('am' == 'sg' || 'am' == 'SG') {
    cmTag.set('player.settings.wf_base_path', '//sg-wf.taboola.com');
}

if ('am' == 'hk' || 'am' == 'HK' || 'am' == 'ch' || 'am' == 'CH' || 'am' == 'us' || 'am' == 'US' || 'am' == 'la' || 'am' == 'LA') {
    cmTag.set('numOfWfUntilDcSwitch', 1);
    cmTag.set('player.settings.numOfWfUntilDcSwitch', 1);
}

if ('am' == 'am' || 'am' == 'AM') {
    cmTag.set('numOfWfUntilDcSwitch', 2);
    cmTag.set('player.settings.numOfWfUntilDcSwitch', 2);
}


cmTag.setByCondition({
    conditions: [{
        key: "preroll.pubId",
        val: 166717
    }],
    settings: {
        "preroll.pubId": 169497,
        "preroll.pubTagId": 953497,
        "midroll.pubId": 169497,
        "midroll.pubTagId": 953497,
        "postroll.pubId": 169497,
        "postroll.pubTagId": 953497,
        "pubId": 169497,
        "pubTagId": 953497,
        "migratedwf": 1,
        'abTest': '166721b_vA'
    }
});
cmTag.setByCondition({
    conditions: [{
        key: "pubId",
        val: 166717
    }],
    settings: {
        "preroll.pubId": 169497,
        "preroll.pubTagId": 953497,
        "midroll.pubId": 169497,
        "midroll.pubTagId": 953497,
        "postroll.pubId": 169497,
        "postroll.pubTagId": 953497,
        "pubId": 169497,
        "pubTagId": 953497,
        "migratedwf": 1,
        'abTest': '166721b_vA'
    }
});

cmTag.setByCondition({
    conditions: [{
        key: "preroll.pubId",
        val: 292045
    }],
    settings: {
        "preroll.pubId": 208401,
        "preroll.pubTagId": 1047981,
        "midroll.pubId": 208401,
        "midroll.pubTagId": 1047981,
        "postroll.pubId": 208401,
        "postroll.pubTagId": 1047981,
        "pubId": 208401,
        "pubTagId": 1047981,
        "migratedwf": 2,
        'abTest': '166724b_vA'
    }
});
cmTag.setByCondition({
    conditions: [{
        key: "pubId",
        val: 292045
    }],
    settings: {
        "preroll.pubId": 208401,
        "preroll.pubTagId": 1047981,
        "midroll.pubId": 208401,
        "midroll.pubTagId": 1047981,
        "postroll.pubId": 208401,
        "postroll.pubTagId": 1047981,
        "pubId": 208401,
        "pubTagId": 1047981,
        "migratedwf": 2,
        'abTest': '166724b_vA'
    }
});


cmTag.setByCondition({
    conditions: [{
        key: "preroll.pubId",
        val: 236525
    }],
    settings: {
        "preroll.pubId": 169497,
        "preroll.pubTagId": 953497,
        "midroll.pubId": 169497,
        "midroll.pubTagId": 953497,
        "postroll.pubId": 169497,
        "postroll.pubTagId": 953497,
        "pubId": 169497,
        "pubTagId": 953497,
        "migratedwf": 3,
        'abTest': '166725b_vA'
    }
});
cmTag.setByCondition({
    conditions: [{
        key: "pubId",
        val: 236525
    }],
    settings: {
        "preroll.pubId": 169497,
        "preroll.pubTagId": 953497,
        "midroll.pubId": 169497,
        "midroll.pubTagId": 953497,
        "postroll.pubId": 169497,
        "postroll.pubTagId": 953497,
        "pubId": 169497,
        "pubTagId": 953497,
        "migratedwf": 3,
        'abTest': '166725b_vA'
    }
});


cmTag.setByCondition({
    conditions: [{
        key: "preroll.pubId",
        val: 198827
    }],
    settings: {
        "preroll.pubId": 169497,
        "preroll.pubTagId": 953497,
        "midroll.pubId": 169497,
        "midroll.pubTagId": 953497,
        "postroll.pubId": 169497,
        "postroll.pubTagId": 953497,
        "pubId": 169497,
        "pubTagId": 953497,
        "migratedwf": 4,
        'abTest': '206725b_vA'
    }
});
cmTag.setByCondition({
    conditions: [{
        key: "pubId",
        val: 198827
    }],
    settings: {
        "preroll.pubId": 169497,
        "preroll.pubTagId": 953497,
        "midroll.pubId": 169497,
        "midroll.pubTagId": 953497,
        "postroll.pubId": 169497,
        "postroll.pubTagId": 953497,
        "pubId": 169497,
        "pubTagId": 953497,
        "migratedwf": 4,
        'abTest': '206725b_vA'
    }
});

cmTag.setByCondition({
    conditions: [{
        key: 'country',
        val: 'IL'
    }],
    settings: {
        'player.settings.optpwov': 0,
        'isPWOV': false,
        'onOutOfView': 'pause'
    }
});

cmTag.set("player.settings.frcmtfrms", true);
cmTag.set("player.settings.fire_piggies", true);
cmTag.set("secondsBW", 17);
cmTag.set("player.settings.adto", 300000);
cmTag.set("player.settings.vakll", 300000);
cmTag.set("noaop", 3);
cmTag.set("player.settings.rstmrai", true);
cmTag.set("player.settings.dsktmouttoadcmpltn", 30000);
cmTag.set("player.settings.mprdct", 0.033);
cmTag.set("category", "ShortContent");



cmTag.set('pixels.startWithABT.isFire', true);
cmTag.set('player.settings.mprdct', 0.025);
cmTag.push('abTest', 'mprdctdt6_vA');







cmTag.set('vForce.getAdTimeoutSeconds', 60);
cmTag.set('secondsToCloseGlobal', 0);
cmTag.set('predictors.distancePixels.isListenToScrollSpeedChange', true);
cmTag.set('predictors.playerReady.isActive', true);
cmTag.set('predictors.playerReady.predictPoint', 0);
cmTag.set('predictors.multiAd.isActive', true);
cmTag.set('predictors.multiAd.predictPoints.1.qState', 'q3');
cmTag.set('predictors.multiAd.predictPoints.0.qState', 'q1');
cmTag.set('predictors.getAdFail.isActive', true);
cmTag.set('predictors.distancePixels.isActive', true);
cmTag.set('predictors.distancePixels.predictPoints.1.pixelsFromSelectors', 10);
cmTag.set('vForce.isActive', true);
cmTag.set('isMultiAd', true);
cmTag.set('scrollEndTimeout', 500);
cmTag.set('playPriority.type', 'ppKey');
cmTag.set('playPriority.key', 1);
cmTag.set('isTestParentSelector', true);
cmTag.set('isReportToKibana', true);
cmTag.set('player.settings.rplvpdactv', true);
cmTag.set('player.settings.bllblevt', '1,21,22,23,24,25,30,32,42');
cmTag.set('bllblevt', '1,21,22,23,24,25,30,32,42');
cmTag.set('isOppsulaEnabled', true);
cmTag.set('microServices.oppsula.version', '1.4.4');
cmTag.set('psthdrs', 'text/plain');
cmTag.set('player.settings.cmbopps', true);
cmTag.set('cmbopps', true);
cmTag.set('verticalWidthThreshold', 480);
cmTag.set('predictors.distancePixels.maxPPS', 100);
cmTag.set('predictors.intersection.isActive', true);
cmTag.set('predictors.intersection.predictPoints.1.intersectionPercent', 50);
cmTag.set('predictors.intersection.isStartWF', true);
cmTag.set('predictors.emptyQueue.predictPoints', 0);
cmTag.set("predictors.getAdFail.allowedPredictPoints", 0);
cmTag.set('player.settings.vwclcflbkenbld', true);
cmTag.set('player.settings.dwnlnktrshld', 2);
cmTag.set('player.settings.frdwnlnkpxls', 1);
cmTag.set('player.settings.rmvrvlwntwrk', true);
cmTag.set('eligibilityValidator.isActive', false);
cmTag.set("components.adChoice.isTranslateText", false);
cmTag.set("components.Repeat.isTranslateText", true);
cmTag.set("language", "ar");
cmTag.set("player.settings.omidExcludedVendors", []);
cmTag.set("mediatypesArraySkippingViewableCheckAtSendOppMoment", [2]);
cmTag.set("stickyCard.restrictions.isActive.default", true);
cmTag.set("player.settings.externalDelayedEvents", ['AdImpression', 'AdVideoStart', 'AdStarted']);
cmTag.set('player.settings.jsDsbleErlyai', true);
cmTag.set('player.settings.frtbcmpaftrmtvw', false);


cmTag.set('sendBeacon', true);
cmTag.setByCondition({
    conditions: [{
        key: "iframeData.inDFP",
        val: true
    }],
    settings: {
        "isSkippedDistancePredict": true,
        "eligibilityValidator.isActive": false
    }
});
cmTag.setByCondition({
    conditions: [{
        key: 'frameType',
        val: 3
    }],
    settings: {
        'isChangePredictPointsWithAny': true,
        'predictors.intersection.isActive': true,
        'isUseAmpObserver': true,
        'eligibilityValidator.isActive': false
    }
});

cmTag.set("isStayInIframe", true);
cmTag.set("player.settings.disctxt", "");
cmTag.set('midrollTimeout', 3);
cmTag.set('isUseObserver', true);
cmTag.set('isCallIDLE', true);
cmTag.set("isKeepUnitOnMidroll", true);
cmTag.set('predictors.fullEligibility.isActive', true);
cmTag.set('predictors.fullEligibility.maxPPS', 50);
cmTag.set('predictors.distancePixels.maxPPS', 1);
cmTag.set('isForceStopObserver', true);
cmTag.set('isForceSwapToRV', true);
cmTag.set('components.nativeAd.isActive', true);
cmTag.set('floatingNAS.isActive', true);
cmTag.set('predictors.postRepeat.isActive', true);
var isApp = isApp || false;
if (!isApp) {
    cmTag.set('isRvPriority', false);
    cmTag.set('playPriority.isAlwaysWaitForRv', true);
    cmTag.set('playPriority.checkForRvPriority', 'pixelsFromSelector');
    cmTag.set('playPriority.pixelsFromSelector', 50);
    cmTag.set('playPriority.isAllowInIframes', true);
}

var isApp = isApp || false;
if (isApp) {
    cmTag.set("isInAppBridgeOn", true);
    cmTag.set("isUseObserver", false);
    cmTag.set('predictors.playerReady.predictPoint', [0, 0]);
}

cmTag.set('predictors.playerReady.isStartWF', true);
cmTag.set('isUseWidget', true);
cmTag.set('isStartWithLoader', true);
cmTag.set('components.adLoadingProgress.showProgressBar', true);
cmTag.set('predictors.playerReady.predictPoint', [0, 0]);
cmTag.set('animation.transitionAnimationTime', 0);
cmTag.set('predictors.intersection.isActive', false);

cmTag.setByCondition({
    conditions: [{
        key: 'isDisableSticky',
        val: true
    }],
    settings: {
        'stickyCard.isActive': false,
    }
});
cmTag.set("unitType", "WIDGET_ITEM");

cmTag.set("adMaxPlaySeconds", 210);

cmTag.setByCondition({
    conditions: [{
        key: "ep",
        val: "1"
    }],
    settings: {
        isMultiAd: false,
        volume: "onHover",
        isSoundOnHover: true,
        "components.CloseButtonView.hasCloseButton": false,
        "onOutOfView": "pause",
        "originId": 15,
        "preroll.pubId": 133128,
        "preroll.pubTagId": 779408,
        "midroll.pubId": 133128,
        "midroll.pubTagId": 779408,
        "postroll.pubId": 133128,
        "postroll.pubTagId": 779408,
        "pubId": 133128,
        "pubTagId": 779408,
        "player.settings.mprdct": 0,
        "player.settings.encwfrs": false,
        "player.settings.cmbopps": false,
        "abTest": "ep1_vA"
    }
});
if (window.conf300 == 1) {
    cmTag.set("urls.staticImage", "//cdn.cmeden.com/img/play_image_169.jpg");
}
cmTag.set("multiUnitManager.isActive", true);
cmTag.setByCondition({
    conditions: [{
        key: "player.versions.content",
        val: "26_1_18m"
    }],
    settings: {
        "player.versions.content": "14_10_18m"
    }
});

cmTag.setByCondition({
    conditions: [{
        key: 'country',
        val: 'IL'
    }],
    settings: {
        'stickyCard.isActive': false,
        'player.settings.optpwov': 0
    }
});









cmTag.push('abTest', 'id5mc_vB');
cmTag.set('pixels.startWithABT.isFire', true);









// Roll out level 4 on amp - minimze heavy ad interventions
var hasReportingObserver = (typeof window.ReportingObserver === 'function');
// 30.10.22 - only blocking on browsers supporting ReportingObserver
if (hasReportingObserver) {
    cmTag.setByCondition({
        conditions: [{
            key: 'frameType',
            val: 3
        }],
        settings: {
            'pubId': 383725,
            'pubTagId': 2077655,
            'preroll.pubId': 383725,
            'preroll.pubTagId': 2077655,
            'midroll.pubId': 383725,
            'midroll.pubTagId': 2077655,
            'postroll.pubId': 383725,
            'postroll.pubTagId': 2077655
        }
    });
}









cmTag.push('abTest', 'Noappq22_vC');
cmTag.set('noaop', 5);
cmTag.set('player.settings.queue_size', 7);
cmTag.set('predictors.time.isActive', true);
cmTag.set('predictors.time.predictPoints', 0);
cmTag.set('predictors.time.lengthInSeconds', 5);
cmTag.set('predictors.time.repeat', 20);
cmTag.set('maxNonRvVimpsInQueue', 3);









cmTag.push('abTest', 'amplean_vD');
cmTag.set('pixels.startWithABT.isFire', true);

var hasReportingObserver = (typeof window.ReportingObserver === 'function');
if (hasReportingObserver) {
    cmTag.set('player.settings.fileSizeConfiguration', {
        enabled: true,
        frameTypes: [3],
        threshold: 0.5
    });

    cmTag.setByCondition({
        conditions: [{
            key: 'frameType',
            val: 3
        }],

        settings: {
            'abTest': 'amplean_vD'
        }
    });
}









cmTag.set('noaop', 5);
cmTag.set('player.settings.queue_size', 7);
cmTag.set('predictors.time.isActive', true);
cmTag.set('predictors.time.predictPoints', 0);
cmTag.set('predictors.time.lengthInSeconds', 5);
cmTag.set('predictors.time.repeat', 20);
cmTag.set('maxNonRvVimpsInQueue', 3);
cmTag.push('abTest', 'smbs');


cmTag.set("player.settings.volume", 0);
cmTag.setMacros({
    dast: "V7MoICFgPyh4tipioxMwTyh4tipioxMwUAAAAGBuIHJOJwzTabkcetsqwsa9HEZHELNzbPWrTYLBYT33Ll8liGQDLGwWo2Gc3csslw4xatRia3wrCwuJWDjXPhsHgcs9lmChE3GQ6fg4Go6Hpb7A6n2fOGEzSdDp_rXi93WN9Ot8vksLvsyr_fN9f43X7RbbVci_6Gp8cOAAAAAA8AVm-ZED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAYkFxoAnxwE7zn7_QEA0LAFAgAggEECMLAaUALwcb5yAgAAAAAAAADA8v___x8DsIc1JgMwsr_TA_DgA_BAVLBaxAgAAABgS0tF82hSJ1QWVQAABOlWAFcAAAGE7JaO52EAAAABYwv0sPj9Zodd43e7DAAAAAAAAADA7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2Qme0GK5NnMlxuFiPfyLNy7TaukWPl3Ix2m9losz2JwPHxCtKAjb6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0NxGA1wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIowsHM6NZbZay4a7jVu0cK3cysFytJb4JqbdYuWc2GzGtej1MT2MC8PKNdyiYMDGXgQX6UTmt7zeftPTb3crLBexRHOySCeyy74z2w1WJs9kuNwsRr6RZ-XabVwjx8q5Ge02s9FmX1k4nBvLbLWWDXcbt2jhWrmVg-VoLfFNTLvFyjmx2Yxr0etjehgXhpVruG_MdoPRYjYbDPaN2W4wWsxmg8G-Q2f4rj5nozM4nnhcprGyOvXZHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8A2vieHvp35eu9nbQWwwKGKJ4HSRTkQv4-kilkieFulEsfJtXKuNceVZDkab0WZmG61Gq-VyNBwZd7vRxCKWKE0X6UQvuq2Wa9Hf8PRY1H9kyMVcOZiLJnPFarRKAAAAAAAAAABLmDNvAgAAAHAayGiwGa6WCwDh7KX7c2cQAm0qjrp7PUxuPBxJLVTc-HGD-S2vt9_09NvdCsuVAR6oyZk3eyaItVotawAAAAFsAACAAG7dvAVgM3L7QFFOuFHrhR_8BLhazgY!",
    dataCenter: "am",
    clickUrl: "",
    referrer: "https%3A%2F%2Fnazmimedane.yoo7.com",
    cipid: "8083555",
    cmDast: "V7MoICFgPyh4tipioxMwTyh4tipioxMwUAAAAGBuIHJOJwzTabkcetsqwsa9HEZHELNzbPWrTYLBYT33Ll8liGQDLGwWo2Gc3csslw4xatRia3wrCwuJWDjXPhsHgcs9lmChE3GQ6fg4Go6Hpb7A6n2fOGEzSdDp_rXi93WN9Ot8vksLvsyr_fN9f43X7RbbVci_6Gp8cOAAAAAA8AVm-ZED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAYkFxoAnxwE7zn7_QEA0LAFAgAggEECMLAaUALwcb5yAgAAAAAAAADA8v___x8DsIc1JgMwsr_TA_DgA_BAVLBaxAgAAABgS0tF82hSJ1QWVQAABOlWAFcAAAGE7JaO52EAAAABYwv0sPj9Zodd43e7DAAAAAAAAADA7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2Qme0GK5NnMlxuFiPfyLNy7TaukWPl3Ix2m9losz2JwPHxCtKAjb6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0NxGA1wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIowsHM6NZbZay4a7jVu0cK3cysFytJb4JqbdYuWc2GzGtej1MT2MC8PKNdyiYMDGXgQX6UTmt7zeftPTb3crLBexRHOySCeyy74z2w1WJs9kuNwsRr6RZ-XabVwjx8q5Ge02s9FmX1k4nBvLbLWWDXcbt2jhWrmVg-VoLfFNTLvFyjmx2Yxr0etjehgXhpVruG_MdoPRYjYbDPaN2W4wWsxmg8G-Q2f4rj5nozM4nnhcprGyOvXZHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8A2vieHvp35eu9nbQWwwKGKJ4HSRTkQv4-kilkieFulEsfJtXKuNceVZDkab0WZmG61Gq-VyNBwZd7vRxCKWKE0X6UQvuq2Wa9Hf8PRY1H9kyMVcOZiLJnPFarRKAAAAAAAAAABLmDNvAgAAAHAayGiwGa6WCwDh7KX7c2cQAm0qjrp7PUxuPBxJLVTc-HGD-S2vt9_09NvdCsuVAR6oyZk3eyaItVotawAAAAFsAACAAG7dvAVgM3L7QFFOuFHrhR_8BLhazgY!",
    tagId: "e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc",
    creativeId: "5664665",
    baseReportD: "taboola.com",
    redId: "ba5633dc-e2e2-4bdb-8cf3-41311b79eec2",
    dtagid: "2090795",
    dpubid: "240385",
    vertical: "inline",
    placement: "728x90 Thumbnails",
    lineItemId: "2358075",
    oppsDataCenter: "am"
});

Executed Writes (2)
#1 JavaScript::Write (size: 104) - SHA256: 147f74332da8a3a6025c02528aa92901c92553e8066a4924adf0b4d08a8439fc
< script src = "https://stootsou.net/pfe/current/tag.min.js?z=2308013"
data - cfasync = "false"
async > < /script>
#2 JavaScript::Write (size: 759) - SHA256: a7e9c7904cd65627b33964bbb90839a2fa154c33d9c353413da6dcdc4fba2295
< !doctype html >
    < body >
    < script >
    document.head = document.head || document.getElementsByTagName('head')[0]; < /script> < div class = "popupContentWrapper" >
    < div class = " trc_popover_title_wrapper " >
    < div class = " trc_popover_title "
id = "trc_userx_popover_title" >
    < span class = " trc_popover_title_text " > < /span> < /div> < /div> < div class = " trc_popover_content_wrapper " >
    < div id = "trc_userx_popover_content"
class = " trc_popover_content " > < /div> < /div> < /div> < /body>


HTTP Transactions (172)


Request Response
                                        
                                            GET /t659-topic HTTP/1.1 
Host: nazmimedane.yoo7.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         94.23.73.212
HTTP/1.1 301 Moved Permanently
                                        
Date: Wed, 07 Dec 2022 12:36:38 GMT
Content-Length: 0
Location: https://nazmimedane.yoo7.com/t659-topic

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14042
Expires: Wed, 07 Dec 2022 16:30:40 GMT
Date: Wed, 07 Dec 2022 12:36:38 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15228
Expires: Wed, 07 Dec 2022 16:50:26 GMT
Date: Wed, 07 Dec 2022 12:36:38 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: 6vH6HFbCalmarjyPBwT4O64b61FMGgQzdc3Wif6xA1vsCUbexeGUNqXQYhlFkCOVo4ZWDXoWeMw=
x-amz-request-id: B46F7PFR1CHNWMH4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 11:49:21 GMT
age: 2837
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    53341dea33f4f3d9b4966f80589f429a
Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 907
Cache-Control: 'max-age=158059'
Date: Wed, 07 Dec 2022 12:36:38 GMT
Last-Modified: Wed, 07 Dec 2022 12:21:31 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 12:20:28 GMT
cache-control: public,max-age=3600
age: 970
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "32560956346A796136D461CD4DA18CAC153BDA75D0EC9F9AF8CB1D43185A2231"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=796
Expires: Wed, 07 Dec 2022 12:49:54 GMT
Date: Wed, 07 Dec 2022 12:36:38 GMT
Connection: keep-alive

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 07 Dec 2022 12:36:38 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 12:08:58 GMT
cache-control: public,max-age=3600
age: 1660
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 855
Cache-Control: max-age=161066
Date: Wed, 07 Dec 2022 12:36:39 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 09:21:05 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5954
Cache-Control: max-age=153583
Date: Wed, 07 Dec 2022 12:36:39 GMT
Etag: "63902684-117"
Expires: Fri, 09 Dec 2022 07:16:22 GMT
Last-Modified: Wed, 07 Dec 2022 05:37:08 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4184
Cache-Control: max-age=151813
Date: Wed, 07 Dec 2022 12:36:39 GMT
Etag: "63902684-117"
Expires: Fri, 09 Dec 2022 06:46:52 GMT
Last-Modified: Wed, 07 Dec 2022 05:37:08 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3619
Cache-Control: max-age=151248
Date: Wed, 07 Dec 2022 12:36:39 GMT
Etag: "63902684-117"
Expires: Fri, 09 Dec 2022 06:37:27 GMT
Last-Modified: Wed, 07 Dec 2022 05:37:08 GMT
Server: ECS (amb/6BA1)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 12:36:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /users/3314/38/76/56/smiles/916405.gif HTTP/1.1 
Host: nazmimedane.yoo7.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/t659-topic
Cookie: exadd=167043
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         94.23.159.185
HTTP/2 200 OK
content-type: image/gif
                                        
date: Wed, 07 Dec 2022 12:36:39 GMT
content-length: 11013
last-modified: Thu, 11 Feb 2010 00:28:25 GMT
etag: "4b734f29-2b05"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 180 x 48\012- data
Size:   11013
Md5:    86b268812af4bb3acebe08a314637b85
Sha1:   1f65c9c822fb4e1f7763363b058c5acbc490f94b
Sha256: 29296d8603aa856e8975d4b209da30452ed55f71266f868a4839d3d789c8b2ca
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 12:36:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2136
Cache-Control: max-age=105477
Date: Wed, 07 Dec 2022 12:36:39 GMT
Etag: "638f7984-2d7"
Expires: Thu, 08 Dec 2022 17:54:36 GMT
Last-Modified: Tue, 06 Dec 2022 17:19:00 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 727

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 12:36:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.170
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33845
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 13:01:47 GMT
expires: Wed, 06 Dec 2023 13:01:47 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 84892
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Size:   33845
Md5:    d989f35706c62ce4a5c561586c55566e
Sha1:   d32e7958e5765609bf08dcdefd0b2c2a8714ce34
Sha256: 375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4447
Cache-Control: max-age=125092
Date: Wed, 07 Dec 2022 12:36:39 GMT
Etag: "638fbd1c-117"
Expires: Thu, 08 Dec 2022 23:21:31 GMT
Last-Modified: Tue, 06 Dec 2022 22:07:24 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 12:36:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /users/3314/38/76/56/smiles/295390.gif HTTP/1.1 
Host: nazmimedane.yoo7.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/t659-topic
Cookie: exadd=167043
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         94.23.159.185
HTTP/2 200 OK
content-type: image/gif
                                        
date: Wed, 07 Dec 2022 12:36:39 GMT
content-length: 4865
last-modified: Fri, 12 Feb 2010 12:50:42 GMT
etag: "4b754ea2-1301"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 180 x 37\012- data
Size:   4865
Md5:    d51d942d7b4dbaed397942eb36133ae4
Sha1:   eac14e4500477380c2d29d4edbacf8dc8678f1be
Sha256: 2422ccf9cf64e8ac84f0c012fad8b9da06b9dd07daf1e47814dae26f83abb8a0
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5954
Cache-Control: max-age=153583
Date: Wed, 07 Dec 2022 12:36:39 GMT
Etag: "63902684-117"
Expires: Fri, 09 Dec 2022 07:16:22 GMT
Last-Modified: Wed, 07 Dec 2022 05:37:08 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 648
Cache-Control: max-age=119812
Date: Wed, 07 Dec 2022 12:36:39 GMT
Etag: "638fb753-139"
Expires: Thu, 08 Dec 2022 21:53:31 GMT
Last-Modified: Tue, 06 Dec 2022 21:42:43 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET /gtag/js?id=UA-12893221-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 12:36:39 GMT
expires: Wed, 07 Dec 2022 12:36:39 GMT
cache-control: private, max-age=900
last-modified: Wed, 07 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43599
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   43599
Md5:    5c91bd17e9094bfd45db89654c040d7e
Sha1:   58ede8f570fc28e49f1e63995a4859012bb686d9
Sha256: a8166505209ac68edf4183a1e759666b31eeaf311c2714793b2eeaf10e606f21
                                        
                                            GET /gtag/js?id=UA-144347007-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 12:36:39 GMT
expires: Wed, 07 Dec 2022 12:36:39 GMT
cache-control: private, max-age=900
last-modified: Wed, 07 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43635
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   43635
Md5:    7c862f1e15ec5c826580a9230c2501d9
Sha1:   23f770c5a56f4b61497edabccf7285d157ed107f
Sha256: 0e622d1bc91b754301a69be86346b5ddabea512ac10f80afdab1b4d558a4ca59
                                        
                                            GET /afsonline/show_afs_search.js HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.211.4
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-length: 1456
date: Wed, 07 Dec 2022 12:36:39 GMT
expires: Wed, 07 Dec 2022 12:36:39 GMT
cache-control: private, max-age=0
last-modified: Tue, 03 Nov 2020 17:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (512)
Size:   1456
Md5:    9e7155ef31da254ed5eb9931cf5d529b
Sha1:   00cea21853d9a6f394dd8e38a3956c9380ef47fb
Sha256: 518e342faec6830b1bf1316c021186ae84fa470fec927adb07a0dde111f81465
                                        
                                            GET /i/fa/icon_mini_search.gif HTTP/1.1 
Host: 2img.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.21.235.175
HTTP/2 200 OK
content-type: image/gif
                                        
date: Wed, 07 Dec 2022 12:36:39 GMT
content-length: 238
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-ee"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 787476
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ltkeqqYPxuaG6fiVZcgK15sOT6G%2FPQFNOAepelg75tlbAj5bd6%2FO6cbD1w8i5y7cgf2ToYPgWSHtcBpWb063syZdLxVweWKb4Xzi5OU7DwlpVjeRg6KcKd8ojw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d4ee23a777519-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 12 x 13\012- data
Size:   238
Md5:    69ac99a266d5032986805506ed750bdd
Sha1:   a800b0f6f44e80d71f75808bd4324f866e6c54b1
Sha256: 605183a8594eb65a3db95a7735ad7adac28b7b9814a70334837fe630bdd8d5f4
                                        
                                            GET /i/fa/empty.gif HTTP/1.1 
Host: 2img.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.21.235.175
HTTP/2 200 OK
content-type: image/gif
                                        
date: Wed, 07 Dec 2022 12:36:39 GMT
content-length: 42
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-2a"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 787556
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rfjsg5N6H5Om%2BZEZD1lceIbxbf3VKe4Jfm1P05pCBScl0IqNkE4EbOzyKKPHbsgQuNEZNPkxaf9xPBpL6qboppDwvTnKNftL3TajT%2FZgOV3TJR2jkcuJ2t%2F4fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d4ee23a857519-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 12:36:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/t/13/09/81/i_icon_mini_index.jpg HTTP/1.1 
Host: 2img.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.21.235.175
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 07 Dec 2022 12:36:39 GMT
content-length: 1591
last-modified: Fri, 12 May 2017 12:33:54 GMT
etag: "5915abb2-637"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jQ8tQ6wNiJsDNQql97LuEEKM8nDaYqr19vXnh8nJYzaij8T6Zsx6CO0FKOPad15ZgH2lDrRUiW3dmG2l7ilBJZXjFF66rgpq59DhXljl%2BXrqSNWFpvkLOBONVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d4ee23a717519-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 88x50, components 3\012- data
Size:   1591
Md5:    4dd7c80b70e829398683f936a1b858d9
Sha1:   bb496b51478f2278d1e3a9cd285bd4270c7935d7
Sha256: 884b911b914077c76bed0caa0357bd3aaea055aa7955b0d1f04e1ec565efb612
                                        
                                            GET /i/empty.gif HTTP/1.1 
Host: 2img.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.21.235.175
HTTP/2 200 OK
content-type: image/gif
                                        
date: Wed, 07 Dec 2022 12:36:39 GMT
content-length: 43
last-modified: Mon, 09 May 2016 08:45:50 GMT
etag: "57304e3e-2b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 787569
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owiyR%2Boq1gxxNJJRXWfKInjxFXdROlmJz0etAd%2Fpm4olh%2F5Ae3ObLEoIrUmfw1pp816o8FRS8qpH9htYMWDkqlLxznlshyDnsygJM4es8vyBOrkXZR088Uig8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d4ee26ab17519-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    6d22e4f2d2057c6e8d6fab098e76e80f
Sha1:   b80b11203d97fe01c5597ca3be70406ea48f5709
Sha256: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
                                        
                                            GET /s/t/13/09/81/i_icon_mini_gallery.gif HTTP/1.1 
Host: 2img.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.21.235.175
HTTP/2 200 OK
content-type: image/gif
                                        
date: Wed, 07 Dec 2022 12:36:39 GMT
content-length: 269
last-modified: Wed, 10 Dec 2008 17:11:53 GMT
etag: "493ff859-10d"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4sQyYfz8DXmB%2FTEWvPwYg0RTs4WZvXcUs85odfwW5BqYlRBEOt6Yu2X%2BrlTBiRNCDzKveHMDpHEyvdqmt9XfZPOF2e9ZLLBy%2FVIdR124FGoISMHj6o3Akfpig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d4ee23a757519-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 15 x 16\012- data
Size:   269
Md5:    2ce6c29d890f43462dfe61cd4beca3ce
Sha1:   0828b9daaba3a38bf73c7cb99fe69b2da9e2c7f8
Sha256: 161e035cc7503e8169eca61dfea7ec7aa4e3bb90cb56f7f6a70b6e09336c48b8
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 12:36:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/t/13/09/81/i_icon_www.jpg HTTP/1.1 
Host: 2img.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.21.235.175
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 07 Dec 2022 12:36:39 GMT
content-length: 1274
last-modified: Wed, 27 Oct 2010 15:19:30 GMT
etag: "4cc84302-4fa"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDt4quAdHNAs5ZNeNxgoIgbppXE4lukIa2ITVXNOWSObj6GpwioLnej%2BVSN5A50scvTgH%2F%2FVULP1H6HxO6UAWusbdxG6ObTvE7b0GynMlATSQ3ILW3r4wW%2BZrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d4ee26ab27519-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 58x25, components 3\012- data
Size:   1274
Md5:    50ddd3ecb5d31206f522cd7bb6dc4d47
Sha1:   a9dbfa6409642dcae9dbfa9e9ba268872b224d4b
Sha256: cc49137ce9a3853e098017e77343678d129e3371cf3344b8a24ceb3124f72439
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4447
Cache-Control: max-age=125092
Date: Wed, 07 Dec 2022 12:36:39 GMT
Etag: "638fbd1c-117"
Expires: Thu, 08 Dec 2022 23:21:31 GMT
Last-Modified: Tue, 06 Dec 2022 22:07:24 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 12:36:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/t/13/09/81/i_icon_mini_login.jpg HTTP/1.1 
Host: 2img.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.21.235.175
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 07 Dec 2022 12:36:39 GMT
content-length: 1586
last-modified: Fri, 12 May 2017 12:33:54 GMT
etag: "5915abb2-632"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MbWvTeeStCEutxgel0on8a1O1RXIi5W7JtsCtkgiFlWKaKnxJ57KdrgC2H4OG3055j2WhqtBGHZffLxgc05GAHVGiIe3xuiljwsXVXjxflXBhDohorCgH4lDsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d4ee23a747519-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 99x50, components 3\012- data
Size:   1586
Md5:    0a01c9d0d9747af7bd7f9f41afd51cdf
Sha1:   77daebee09388ffe59049db2083d980f6057e039
Sha256: b548b3f3ab6080dc35636f48da41a8a594b839f9d313ccf1a81e675c75dd0a67
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1804
Cache-Control: max-age=151610
Date: Wed, 07 Dec 2022 12:36:39 GMT
Etag: "63902f05-118"
Expires: Fri, 09 Dec 2022 06:43:29 GMT
Last-Modified: Wed, 07 Dec 2022 06:13:25 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /0-rtl.css HTTP/1.1 
Host: nazmimedane.yoo7.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/t659-topic
Cookie: exadd=167043
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         94.23.159.185
HTTP/2 200 OK
content-type: text/css
                                        
date: Wed, 07 Dec 2022 12:36:39 GMT
content-length: 54802
last-modified: Wed, 07 Dec 2022 00:00:00 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-ma: MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size:   54802
Md5:    0c64954f35afb07ed31df919ef4d1d88
Sha1:   c3b0f1f56842dd40a650001b62db93c16c423130
Sha256: 79c353e527f612f8d139c973019d8816a9d5c60193276f016433c98f2ca7ab45
                                        
                                            GET /s/t/13/09/81/i_icon_mini_register.gif HTTP/1.1 
Host: 2img.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.21.235.175
HTTP/2 200 OK
content-type: image/gif
                                        
date: Wed, 07 Dec 2022 12:36:39 GMT
content-length: 41555
last-modified: Wed, 10 Dec 2008 17:11:49 GMT
etag: "493ff855-a253"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CviGP7R%2FZK5tv1IyVTamwTnRV00BcrcSD5HuNnfzdcs86rRvIdM4g6zAxRGqfZNq7USMVKMkn3bRDjEFlZ34meyNAZGhb7GvrVdevFL4u6ke8otI%2Fkoyg6%2BoJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d4ee23a727519-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 133 x 50\012- data
Size:   41555
Md5:    a31e82e4c2f70e0913b34dd7a977a5ed
Sha1:   3e34e27ce787cf2c467343506d2c26b20f5160bd
Sha256: 0bcadae8fed21f162a7668066e446d4cec8ab88700b71599d80cd2510b9632b2
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4476
Cache-Control: max-age=154282
Date: Wed, 07 Dec 2022 12:36:39 GMT
Etag: "63902f05-118"
Expires: Fri, 09 Dec 2022 07:28:01 GMT
Last-Modified: Wed, 07 Dec 2022 06:13:25 GMT
Server: ECS (amb/6BA1)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /emojione/assets/png/2665.png?v=2.2.7 HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.193.229
HTTP/2 200 OK
content-type: image/png
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: W/"1c1-Q6Im9ZWK8d6MqdXiJLVbAJ4ZkJo"
accept-ranges: bytes
date: Wed, 07 Dec 2022 12:36:39 GMT
age: 544852
x-served-by: cache-fra-eddf8230038-FRA, cache-bma1651-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 449
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Size:   449
Md5:    d96be3593df852a6bf4151ec24b16162
Sha1:   43a226f5958af1de8ca9d5e224b55b009e19909a
Sha256: 271429d12c40be921897005b7bdd08f9518960af1e1e6f56bb0060f1f183651e
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TSNlwDNqdzL0nzmneIRfrw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.42.74.230
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gC4dW9vYTGOKjg7WiPlPmvKzx70=

                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 12:36:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "762FA358982F6A9E699BB72F1BEBB562CBBB835F"
Expires: Wed, 07 Dec 2022 23:00:00 GMT
Last-Modified: Wed, 07 Dec 2022 11:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2076
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775d4ee37a77b505-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    ca17d6dd4ac143df0dff7f23d311838d
Sha1:   607140ba09632a0fcc344b0697e1ed9ff58fac4b
Sha256: 2e77c7d07495bab4c233234ec8de6eac67f589108f21d0c566abe1a82658d197
                                        
                                            GET /u/f64/14/84/23/64/uuoous10.gif HTTP/1.1 
Host: i.servimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.67.178.62
HTTP/2 200 OK
content-type: image/gif
                                        
date: Wed, 07 Dec 2022 12:36:39 GMT
content-length: 16920
last-modified: Thu, 11 Feb 2010 12:19:41 GMT
etag: "4b73f5dd-4218"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 07 Dec 2023 12:36:39 GMT
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDHMdKnpdZ%2F9WwxsY97vPdbihY%2F7jHkhT5vwcY3ycfqbfteFBULZ6%2BAH2%2Fz41g7dy97wMNNiaNyeysn27oDFtLWR1YW97ir%2BHe0tdWVGV%2FA2V6qtzjU7TdnykHVwjwuu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 775d4ee33b2d0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 80\012- data
Size:   16920
Md5:    85c71f40d4645e9f00f3f4ee4fc7c4f5
Sha1:   b4d76961276c0aaf2115e43a16ae6c40cf45e02e
Sha256: 421cc46926b434b0c8ad11716f1be1f4c0fb16c4bd8a8ed7516e896d2c6ffcb6
                                        
                                            GET /u/f64/14/84/23/64/rosy10.gif HTTP/1.1 
Host: i.servimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.67.178.62
HTTP/2 200 OK
content-type: image/gif
                                        
date: Wed, 07 Dec 2022 12:36:39 GMT
content-length: 16717
last-modified: Mon, 15 Feb 2010 22:23:34 GMT
etag: "4b79c966-414d"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 07 Dec 2023 12:36:39 GMT
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OkQBdU5Ja2pB%2FnarMF8agpVuvP3AcPv1THPVhEzO4vGJ%2BhU3t5WyVTrsEaC%2FkafZb%2BIXJpJTS21a8YI%2BUkWzmwQzQhNgkVOCJY4rJqPad1BRg74YbG44ePctAMJ9%2FJWL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 775d4ee32b140afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 80\012- data
Size:   16717
Md5:    7828c7097d0f1dcb689f88ae56bcb8dd
Sha1:   b47d237c48d161cfcef6fb8b2fc66742e09f0f0a
Sha256: 6e065b05801323a13ef8361c820f5d5542497d18bbd5476ed540e21019b7751e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4476
Cache-Control: max-age=154282
Date: Wed, 07 Dec 2022 12:36:39 GMT
Etag: "63902f05-118"
Expires: Fri, 09 Dec 2022 07:28:01 GMT
Last-Modified: Wed, 07 Dec 2022 06:13:25 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /js/ld/publishertag.js HTTP/1.1 
Host: static.criteo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         178.250.2.130
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Wed, 07 Dec 2022 12:36:39 GMT
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-1e444"
expires: Thu, 08 Dec 2022 12:36:39 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   41836
Md5:    0f7638bdba34bff6e8d33a6121d275a8
Sha1:   63ff800b622c819c3d2aac202156b5be8adf1862
Sha256: ba634de8d2c89eae3b1babf01aa7952e1cc592e1bc95423e81b67306bddc6700
                                        
                                            GET /profile.forum?mode=register HTTP/1.1 
Host: nazmimedane.yoo7.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/t659-topic
Cookie: exadd=167043
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         94.23.159.185
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Wed, 07 Dec 2022 12:36:39 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache
pragma: no-cache
expires: Wed, 07 Dec 2022 00:00:00 GMT
last-modified: Wed, 07 Dec 2022 12:36:39 GMT
vary: User-Agent
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   13029
Md5:    72f64cb85b126001d5d05da3d3baa740
Sha1:   37221195b2920247b630f12d30b401e3ff65de4e
Sha256: eab91f13048fe7263f05f939db67550763da74ed2ead4b9c6967d51b7075cb15
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4758C277C932E1D96BEB963049CB1CFD3FC4E75DC9EAD41DD5DEDBA573BFCB04"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5400
Expires: Wed, 07 Dec 2022 14:06:39 GMT
Date: Wed, 07 Dec 2022 12:36:39 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 747
Cache-Control: max-age=168152
Date: Wed, 07 Dec 2022 12:36:39 GMT
Etag: "639073c4-139"
Expires: Fri, 09 Dec 2022 11:19:11 GMT
Last-Modified: Wed, 07 Dec 2022 11:06:44 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET /twemoji.min.js HTTP/1.1 
Host: twemoji.maxcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.139.237.124
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 07 Dec 2022 12:36:39 GMT
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Thu, 31 Mar 2022 03:24:15 GMT
access-control-allow-origin: *
etag: W/"62451edf-3bc8"
expires: Fri, 06 Jan 2023 12:36:39 GMT
cache-control: max-age=2592000
x-proxy-cache: MISS
x-github-request-id: 7B1C:D2D3:4824A8:4A013B:638A8635
vary: Accept-Encoding
x-fastly-request-id: 13302c302e4dcbfe7e16260e2cd5983d6eec8ece
server: NetDNA-cache/2.2
powered-by: MaxCDN
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5395
Md5:    38879863f1f9a6d7eb46f08f855f877c
Sha1:   a047659d0272aaf4ba783ece1dde3e0f77097a53
Sha256: 8180bfd1ebdeac4b552b3ecf5f85e2782621fa6a35a3e6ce135a069559de4e5b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 568
Cache-Control: max-age=105365
Date: Wed, 07 Dec 2022 12:36:40 GMT
Etag: "638f7f35-139"
Expires: Thu, 08 Dec 2022 17:52:45 GMT
Last-Modified: Tue, 06 Dec 2022 17:43:17 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET /api/vglnk.js HTTP/1.1 
Host: cdn.viglink.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.6
HTTP/2 200 OK
content-type: text/javascript
                                        
content-length: 28567
last-modified: Wed, 02 Dec 2020 18:57:12 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Wed, 30 Nov 2022 16:53:51 GMT
cache-control: public, max-age=604800
etag: "072eaf64a771815874455704fca9301b"
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JvrDZhFjPgY-HK4vk9BJ3Ds2gsVBPhcj1uBOzyPWeBZqtmBdwvbt0w==
age: 589369
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (693)
Size:   28567
Md5:    072eaf64a771815874455704fca9301b
Sha1:   6c6226d00f14bb800cd4390b3cd42df941be43b1
Sha256: bb35c8c300bd1acfe7ed86eb988f74ff2e8d86a4fb0409c5d78a890f9fd14b8e
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.239.38.178
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 07 Dec 2022 10:41:08 GMT
expires: Wed, 07 Dec 2022 12:41:08 GMT
cache-control: public, max-age=7200
age: 6932
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            GET /dna HTTP/1.1 
Host: dnacdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         178.250.0.157
HTTP/2 200 OK
                                        
date: Wed, 07 Dec 2022 12:36:39 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=3FxhlV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czRoTGRzaHZ0RTRzNXgxRWpPTHVEWHhGRWElMkZ4TVM0ZlZyU2hST1YyVU5tWQ; expires=Mon, 01 Jan 2024 12:36:40 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 318384
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

                                        
                                            GET /libtrc/forumotion-ar/loader.js HTTP/1.1 
Host: cdn.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.193.44
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
x-amz-id-2: /cwkzO8nF5uRzDXMLGMHW4IRfavxeTsfa12Vhm18zWUPw2Q3mLzJdjX2wAv8/Vnko9AhGdScgug=
x-amz-request-id: 1NRDB3BA5PYV6VXA
last-modified: Tue, 06 Dec 2022 20:15:07 GMT
etag: "0b83445d4f9715acb76beae9296d283b"
x-amz-version-id: 6b2PswebF0hDzWO5xmiOy0UsxM94SyBS
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 07 Dec 2022 12:36:40 GMT
via: 1.1 varnish
age: 133
x-served-by: cache-bma1663-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1670416600.091769,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 64
content-length: 25423
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65498)
Size:   25423
Md5:    bbfa9d794c1218cf5f2f30b9392c4cfb
Sha1:   b0aa5725c004ac5fb830390c74c545b3ef1ebf59
Sha256: bd6cb07b4bc5602d41715b001d9e221f574615be6a6a44891bf74d1f0e40457d
                                        
                                            POST /cdb?ptv=132&profileId=206&cb=88824590264 HTTP/1.1 
Host: bidder.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 569
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         178.250.2.131
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Wed, 07 Dec 2022 12:36:39 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://nazmimedane.yoo7.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 159
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   159
Md5:    567e76dc0bcfde74b71cfeae11b1fd0f
Sha1:   6ae14514e12d47eccce20996bccf49d8f0bc1a8c
Sha256: 3466feee8621c1050583edfe2fcb50f2fab13ef8e4121bbf15166d975797e494
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 763
Cache-Control: max-age=164221
Date: Wed, 07 Dec 2022 12:36:40 GMT
Etag: "6390645a-139"
Expires: Fri, 09 Dec 2022 10:13:41 GMT
Last-Modified: Wed, 07 Dec 2022 10:00:58 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET /libtrc/impl.20221206-9-RELEASE.js HTTP/1.1 
Host: cdn.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.44
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: GJ/TYug6Y6wJpQ/xGmN1jNBtDY9WgBStGLQwy7qlMzZ//8FdBlS8ZDbuZEsurVSZq3yK0CZU2TI=
x-amz-request-id: V7XDYTDZNM3QFRRE
last-modified: Tue, 06 Dec 2022 11:09:50 GMT
etag: "ed14506295f2d36ba1c947cf18f982f1"
content-encoding: br
x-amz-version-id: eQ1gx7k6CXCSNKmlaWA.nuCrjL1_tj1K
accept-ranges: bytes
date: Wed, 07 Dec 2022 12:36:40 GMT
via: 1.1 varnish
age: 5155
x-served-by: cache-bma1663-BMA
x-cache: HIT
x-cache-hits: 3545
x-timer: S1670416600.166557,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 2
server: AmazonS3-br
content-length: 147441
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65509)
Size:   147441
Md5:    ed14506295f2d36ba1c947cf18f982f1
Sha1:   8bcb0936b86823b6eede23335a32943741c0db74
Sha256: d35893f151f71ec05c2cbe5c36df80230c14bed25ac5c8a7a277e3ba3c483f92
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.88
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 07 Dec 2022 12:36:40 GMT
Last-Modified: Wed, 07 Dec 2022 11:23:11 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hFJTK4vVtWruNti2EVNyHsqLb23_PjrdbVRnz5JNTqRIdglLIrjMJQ==
Age: 4409

                                        
                                            POST /api/ping HTTP/1.1 
Host: api.viglink.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 139
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.246.116.79
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://nazmimedane.yoo7.com
Cache-Control: no-cache, no-store
Date: Wed, 07 Dec 2022 12:36:40 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 259
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   259
Md5:    a7077cbed20180df8979afb8b983758a
Sha1:   525b4ac8aaf54dabdf1cf27390f9949eca9a1a96
Sha256: 54b80a50b45af40d430ca692a2f71910bdf79f5933a8387fd2bbbf19bf8ccad9
                                        
                                            GET /images/icons-180.png HTTP/1.1 
Host: nazmimedane.yoo7.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/t659-topic
Cookie: exadd=167043; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         94.23.159.185
HTTP/2 200 OK
content-type: image/png
                                        
date: Wed, 07 Dec 2022 12:36:40 GMT
content-length: 9034
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 07 Dec 2022 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
x-cache-ic: MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size:   9034
Md5:    037549b570c55cf338fc5849755c6baf
Sha1:   2994009046516b87da7e8a8cef3ab2c262b3f482
Sha256: 1f755fbb2285b1456445f40b06e0b5b1b1cfd2c01a5652bf9c1d29db72f96140
                                        
                                            GET /forumotion-ar/log/2/debug?tim=12%3A36%3A39.967&type=usage&msg=rtus&llvl=2&id=1265&cv=20221206-9-RELEASE&lt=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D HTTP/1.1 
Host: trc-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         141.226.228.48
HTTP/2 204 No Content
                                        
server: nginx
date: Wed, 07 Dec 2022 12:36:40 GMT
x-fastly-to-nlb-rtt: 22152
access-control-allow-credentials: true
X-Firefox-Spdy: h2

                                        
                                            GET /api/sync.js?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1 
Host: api.viglink.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.246.116.79
HTTP/1.1 200 OK
Content-Type: image/gif;charset=UTF-8
                                        
Cache-Control: no-cache, no-store
Date: Wed, 07 Dec 2022 12:36:39 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    221d8352905f2c38b3cb2bd191d630b0
Sha1:   d804b495cb9b84b9007a25b5d85f9ae674004cde
Sha256: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 12:36:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /api/sync.gif?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1 
Host: api.viglink.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.246.116.79
HTTP/1.1 200 OK
Content-Type: image/gif;charset=UTF-8
                                        
Cache-Control: no-cache, no-store
Date: Wed, 07 Dec 2022 12:36:39 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    221d8352905f2c38b3cb2bd191d630b0
Sha1:   d804b495cb9b84b9007a25b5d85f9ae674004cde
Sha256: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=272916276.1670416600&jid=1312233555&gjid=1572966191&_gid=260530178.1670416600&_u=YEBAAUAAAAAAACAAI~&z=706243412 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         64.233.164.157
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://nazmimedane.yoo7.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 07 Dec 2022 12:36:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    48c0473b7821185d937e685216e2168b
Sha1:   3743e47f8a429a5e87b86cb582d78940733d9d2e
Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2BBF9A00990733A43871E7786CE7D13ECD29DF5266B6F540DFEAFBE7D489BEDE"
Last-Modified: Tue, 06 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18263
Expires: Wed, 07 Dec 2022 17:41:03 GMT
Date: Wed, 07 Dec 2022 12:36:40 GMT
Connection: keep-alive

                                        
                                            OPTIONS /custom HTTP/1.1 
Host: stootsou.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://nazmimedane.yoo7.com/
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.250
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Wed, 07 Dec 2022 12:36:40 GMT
content-length: 0
access-control-allow-origin: https://nazmimedane.yoo7.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /custom HTTP/1.1 
Host: stootsou.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://nazmimedane.yoo7.com/
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.250
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Wed, 07 Dec 2022 12:36:40 GMT
content-length: 0
access-control-allow-origin: https://nazmimedane.yoo7.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

                                        
                                            POST /api/domains HTTP/1.1 
Host: api.viglink.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 289
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.246.116.79
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://nazmimedane.yoo7.com
Cache-Control: no-cache, no-store
Date: Wed, 07 Dec 2022 12:36:40 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 41
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   41
Md5:    69a347a8e60787c197a2cc306061e409
Sha1:   655eded589ffb5a241e9e6a6b980559da440300a
Sha256: fa668d12b8319bdca7fc16818c5dbb24a18415524bdc8031bb97f9bf9d998769
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 12:36:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            OPTIONS /custom HTTP/1.1 
Host: stootsou.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://nazmimedane.yoo7.com/
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.250
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Wed, 07 Dec 2022 12:36:40 GMT
content-length: 0
access-control-allow-origin: https://nazmimedane.yoo7.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

                                        
                                            POST /custom HTTP/1.1 
Host: stootsou.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nazmimedane.yoo7.com/
Content-Type: application/json
Origin: https://nazmimedane.yoo7.com
Content-Length: 387
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Wed, 07 Dec 2022 12:36:40 GMT
content-length: 39
x-trace-id: 91cbdf556b10a044ed1f12e052142c5b
access-control-allow-origin: https://nazmimedane.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
                                        
                                            POST /custom HTTP/1.1 
Host: stootsou.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nazmimedane.yoo7.com/
Content-Type: application/json
Origin: https://nazmimedane.yoo7.com
Content-Length: 771
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Wed, 07 Dec 2022 12:36:40 GMT
content-length: 39
x-trace-id: c49688fe7228ef519341406bcda0af1c
access-control-allow-origin: https://nazmimedane.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
                                        
                                            GET /syncframe?origin=rtus&topUrl=nazmimedane.yoo7.com HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         178.250.2.146
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Wed, 07 Dec 2022 12:36:40 GMT
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=d082617d-e81f-4aa6-b769-8070a9519831; expires=Mon, 01 Jan 2024 12:36:39 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 524086
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5105
Md5:    370e85ec707b157a69ee7267f2577fb1
Sha1:   783bb43d4a46c5e60d53b0fb4b8857aa48e341b3
Sha256: 1051ba7aedc90b38431e67a920fd8b0547cd9737f758552b1c49fbc8486e6e5f
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3953
Expires: Wed, 07 Dec 2022 13:42:33 GMT
Date: Wed, 07 Dec 2022 12:36:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3953
Expires: Wed, 07 Dec 2022 13:42:33 GMT
Date: Wed, 07 Dec 2022 12:36:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3953
Expires: Wed, 07 Dec 2022 13:42:33 GMT
Date: Wed, 07 Dec 2022 12:36:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3953
Expires: Wed, 07 Dec 2022 13:42:33 GMT
Date: Wed, 07 Dec 2022 12:36:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3953
Expires: Wed, 07 Dec 2022 13:42:33 GMT
Date: Wed, 07 Dec 2022 12:36:40 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ViuPsZBEVJ-aGOcsfrl3nXu244mzMUMQVhpPeNlO7W3sBrrfuUfXpA==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:32:04 GMT
age: 50676
etag: "36082b7329d473829178f280cb71a83b1531e486"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11224
Md5:    b15136d60fd0a5e0f657a4f5c75d540f
Sha1:   36082b7329d473829178f280cb71a83b1531e486
Sha256: 79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 06:11:41 GMT
age: 23099
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6557
Md5:    210b27f5f6310d8fad640acce3d9ae0e
Sha1:   08d241e56622cb900754d95bc5d58ed8826d9f32
Sha256: 64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8438
x-amzn-requestid: 0f5d1b0e-1193-4006-8a54-555681d9f62e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlqVGMjoAMFS6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb641-6366ea6464122d857407cdff;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:38:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2j9gqNvWYRFM-li9Nj4nLAWe_eKWMSwagPgU3eAtk0pjcJUX4Q8XEA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:55:40 GMT
etag: "985c6761675e6bcc0186f64d55f94cf09352f05c"
age: 52860
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8438
Md5:    e95ebce9d79ba46cb96af9a45af1762f
Sha1:   985c6761675e6bcc0186f64d55f94cf09352f05c
Sha256: 5837d6bf31e57f955ba2577f112281cc33a5502b358c83192f4e396b57042ac0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8701
x-amzn-requestid: 653284c3-ee7f-45f1-9513-3a6c81e1d6e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cm3-2HRWIAMFjfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c39f8-6f8969a26787a9463ba6c2ec;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 06:11:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EpyIdH9YEXjxbGhZpBIfzoZHQxMvAKl0eCFQsgMt0e1SSeWsiuey7g==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:15:06 GMT
age: 51694
etag: "ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8701
Md5:    604a4132da78a0c013b5818644adb121
Sha1:   ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566
Sha256: eecab519c33596c67f2d2021dfd1af24e7fd8f2ed403f99b4ba0c265c08a259f
                                        
                                            GET /pfe/current/universal.min.js?v=3.1.409 HTTP/1.1 
Host: stootsou.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nazmimedane.yoo7.com/
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Wed, 07 Dec 2022 12:36:39 GMT
last-modified: Thu, 01 Dec 2022 15:42:46 GMT
etag: W/"6388cb76-18c6c"
access-control-allow-origin: https://nazmimedane.yoo7.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   42229
Md5:    72ebbafd27f316744f849c3cfd8319fb
Sha1:   8d449d8870ac266a7d100d831b18156a4f72fafc
Sha256: 8620ee6cc15808c33342d1a8226a1c520705f6513332fbcd9314378260f97556
                                        
                                            GET /dna HTTP/1.1 
Host: dnacdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=3FxhlV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czRoTGRzaHZ0RTRzNXgxRWpPTHVEWHhGRWElMkZ4TVM0ZlZyU2hST1YyVU5tWQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         178.250.0.157
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Wed, 07 Dec 2022 12:36:40 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=Hx9f1F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czRoTGRzaHZ0RTRzNXgxRWpPTHVEWHdKYmFYbG53OXhhdUpkMmcyQVJQRzQ; expires=Mon, 01 Jan 2024 12:36:40 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 355527
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   7518
Md5:    0392d6fab7a37f15ea136805b1703fcc
Sha1:   1cfd4582745dd9498153e08a25248925e9876e9c
Sha256: f936fb2a70d7333dee79453676d3f35e12237e136349efe95df5daa8d601cb51
                                        
                                            GET /libtrc/userx.20221206-9-RELEASE.es6.js HTTP/1.1 
Host: cdn.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.44
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
x-amz-id-2: jQxtGKp8nq4IWTzSCHzvUw6PSQ1lF+7jDWwXYhcmAIUKBleKKrHP0Nu2C9sd3cJzz9UYCMjfJdg=
x-amz-request-id: SCRC2PMS67ZR5J39
x-amz-replication-status: PENDING
last-modified: Wed, 07 Dec 2022 10:58:09 GMT
etag: "364422da529caf2611941f23d30b1dfd"
x-amz-version-id: coGgcXfdGU3u27da6O5R_45957M6Fr_Y
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 07 Dec 2022 12:36:40 GMT
via: 1.1 varnish
age: 5909
x-served-by: cache-bma1663-BMA
x-cache: HIT
x-cache-hits: 879
x-timer: S1670416601.786889,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 2
content-length: 5397
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (17842)
Size:   5397
Md5:    4957c15ac288ba5085679ffaf3f7798e
Sha1:   33f2569b3f3239aa332430c24ffda92d0dc11735
Sha256: 4dbc2d23b59a6aeefdac9ea2269fc4f35f6ca9c053c2e500239bcfc518cc229b
                                        
                                            GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6097769d180abfa1734220ac93695e9.png HTTP/1.1 
Host: images.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.44
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 515569731593774944757862601420144156398,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 515569731593774944757862601420144156398,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
etag: "e4c475add2bd4f975226d1b0f587176f"
expiration: expiry-date="Sun, 18 Dec 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Thu, 17 Nov 2022 14:04:20 GMT
req-referer: https://acdn.adnxs-simple.com/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 308
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 07 Dec 2022 12:36:40 GMT
age: 597580
x-served-by: cache-iad-kcgs7200066-IAD, cache-iad-kiad7000072-IAD, cache-sna10747-LGB, cache-iad-kiad7000162-IAD, cache-bma1663-BMA
x-cache: HIT, MISS, MISS, MISS, HIT
x-cache-hits: 1, 0, 0, 0, 1
x-timer: S1670416601.794463,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6097769d180abfa1734220ac93695e9.png
x-vcl-time-ms: 1
content-length: 4754
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   4754
Md5:    64f57d105169b65ce0ad224c6112b721
Sha1:   fcf6c8d1c185351bd519ca98308401b301a5283f
Sha256: 766aa74fd1a58decd8f747b03efb9ab9f72d2c6ac63f5f78c9d7a2574a856674
                                        
                                            GET /newidsd HTTP/1.1 
Host: gem.gbc.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         178.250.6.26
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Wed, 07 Dec 2022 12:36:39 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 158365
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

                                        
                                            POST /api/domains HTTP/1.1 
Host: api.viglink.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 203
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.246.116.79
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://nazmimedane.yoo7.com
Cache-Control: no-cache, no-store
Date: Wed, 07 Dec 2022 12:36:40 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 56
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   56
Md5:    dc56847f054315e15c6aaaf1ed4ded79
Sha1:   717548bbeabf331c96216e8744862302b0130dd0
Sha256: 3fa241b0c43a14b28dd5d40429856cb26ca89d029919829d5bba2025b283257b
                                        
                                            GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=272916276.1670416600&jid=1312233555&_u=YEBAAUAAAAAAACAAI~&z=1688515066 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.67
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 12:36:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=728x90%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fnazmimedane.yoo7.com%2Ft659-topic&encoded=1&uid=2aa9c265-687c-4a5e-9094-b7b471e9bff8-tucta8a0e58&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback1&cb=1670416600240&tagid=&cntry=NO&platform=1&sesid=3670ed328931d7d3e57c5d1e93473643&itemid=/t659-topic&viewid=1670416599976&geolat=&geoing=&deviceifa=&appid=&sd=v2_3670ed328931d7d3e57c5d1e93473643_2aa9c265-687c-4a5e-9094-b7b471e9bff8-tucta8a0e58_1670416600_1670416600_CNawjgYQ3pxDGKiX2uTOMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=1e7c55c8e3904343f645459948d8774b&appname=&cdb=&gdprApplies=true&rid=&sii=-2899222192760695742&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=8596 HTTP/1.1 
Host: 15.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.44
HTTP/2 200 OK
content-type: text/html;charset=ISO-8859-1
                                        
server: nginx
machineid: 1451
link: <https://am-wf.taboola.com>; rel=preconnect
xvid-debug: mrmr - :
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://nazmimedane.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Wed, 07 Dec 2022 12:36:40 GMT
via: 1.1 varnish
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670416601.797365,VS0,VE29
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   9350
Md5:    2d9b7a98c9222d04f9d3a2d66bb0355d
Sha1:   2249eb4bc8f24e879cf871de51ae0b82bd01a924
Sha256: c8736a79f39d47510057e5b089a079bb319da61ed860303c9d5ecbd6f7b73974
                                        
                                            GET /sid/json?origin=rtus&domain=yoo7.com&sn=FirefoxSyncframe&so=3&topUrl=nazmimedane.yoo7.com&bundle=uWDq2l9DNlpTTlRsN04lMkJTeWElMkZBUjhDempLeUswdVNrdWpodW9jNGoyZzRyb3Z5SnNiaHo1cCUyRlIwczNJNHlTRVZyUGtjNTlJMlFDaTVFUkhNNGpSME4lMkZhZFBLM0JsT0VRVzIwNFRLdUg3ME9EZW5XMm1rWlNicWFQd25FVUdSJTJCeXAlMkZGVg&info=kBaMO180M0RITmhlJTJCZkMwOUJGQlhaMUN2czRoTGRzaHZ0RTRzNXgxRWpPTHVEWHdFbXVTYyUyRlBaVUtEczBtVTVOSUdDZA&idsd=2066775959,-919537055&cw=1&rtusCallerId=72&lsw=1 HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=rtus&topUrl=nazmimedane.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.250.2.146
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Wed, 07 Dec 2022 12:36:40 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1320195
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

                                        
                                            GET /gid.js?userId=f66c46257df046949ad1a685d15117fc HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Wed, 07 Dec 2022 12:36:41 GMT
content-length: 65
access-control-allow-origin: https://nazmimedane.yoo7.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=f66c46257df046949ad1a685d15117fc; expires=Thu, 07 Dec 2023 12:36:41 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    6fa91a07d54651620be3001d367cd9ae
Sha1:   7c65cc263040d1a0b375b1f1b2f7239282a27e9c
Sha256: 4baf3827e2028630984a5d585b5560a023bdf6080cc091e9276c8cd029ed70e6
                                        
                                            POST /csm/events HTTP/1.1 
Host: bidder.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 370
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         178.250.2.131
HTTP/2 204 No Content
                                        
date: Wed, 07 Dec 2022 12:36:40 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://nazmimedane.yoo7.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 12:36:41 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 01:33:16 GMT
Expires: Tue, 13 Dec 2022 01:33:15 GMT
Etag: "e664d98cd9803e5f179af596d8a2f50d79fc92b0"
Cache-Control: max-age=477993,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775d4eed0d3db4f7-OSL

                                        
                                            GET /newidsd HTTP/1.1 
Host: ag.gbc.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         178.250.6.204
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Wed, 07 Dec 2022 12:36:40 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 135635
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size:   29948
Md5:    a061bcb9392464c3ebe548b1ac2875e2
Sha1:   602c744793a3027c53a07487c6fe5d52ba0afd44
Sha256: 7cb4471d09e47d7f616b25628d7c85e576df4a97e802b2724e5410b27a0db2db
                                        
                                            OPTIONS /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: https://nazmimedane.yoo7.com/
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         178.250.2.146
HTTP/2 200 OK
                                        
date: Wed, 07 Dec 2022 12:36:40 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: https://nazmimedane.yoo7.com
server-processing-duration-in-ticks: 457338
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

                                        
                                            POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1 
Host: datatechonert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 902
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         139.45.195.253
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.19.10
Date: Wed, 07 Dec 2022 12:36:41 GMT
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://nazmimedane.yoo7.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    adb4650bfc9d2a73d4dd69583b0ceb14
Sha1:   1ce399d6e936232aaf2192cd7903a279c5015f22
Sha256: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 292
Cache-Control: 'max-age=158059'
Date: Wed, 07 Dec 2022 12:36:41 GMT
Last-Modified: Wed, 07 Dec 2022 12:31:49 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 312

                                        
                                            GET /iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1 HTTP/1.1 
Host: csm.nl.eu.criteo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         178.250.2.150
HTTP/2 200 OK
content-type: image/gif
                                        
date: Wed, 07 Dec 2022 12:36:41 GMT
pragma: no-cache
server: Finatra
expires: 0
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            GET /forumotion-ar/log/2/debug?tim=12%3A36%3A40.539&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=2771&cv=20221206-9-RELEASE&lt=deflated&pct=1 HTTP/1.1 
Host: il-trc-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.106.33.48
HTTP/2 204 No Content
                                        
server: nginx
date: Wed, 07 Dec 2022 12:36:41 GMT
x-fastly-to-nlb-rtt: 89082
access-control-allow-credentials: true
X-Firefox-Spdy: h2

                                        
                                            GET /st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7MoICFgPyh4tipioxMwTyh4tipioxMwUAAAAGBuIHJOJwzTabkcetsqwsa9HEZHELNzbPWrTYLBYT33Ll8liGQDLGwWo2Gc3csslw4xatRia3wrCwuJWDjXPhsHgcs9lmChE3GQ6fg4Go6Hpb7A6n2fOGEzSdDp_rXi93WN9Ot8vksLvsyr_fN9f43X7RbbVci_6Gp8cOAAAAAA8AVm-ZED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAYkFxoAnxwE7zn7_QEA0LAFAgAggEECMLAaUALwcb5yAgAAAAAAAADA8v___x8DsIc1JgMwsr_TA_DgA_BAVLBaxAgAAABgS0tF82hSJ1QWVQAABOlWAFcAAAGE7JaO52EAAAABYwv0sPj9Zodd43e7DAAAAAAAAADA7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2Qme0GK5NnMlxuFiPfyLNy7TaukWPl3Ix2m9losz2JwPHxCtKAjb6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0NxGA1wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIowsHM6NZbZay4a7jVu0cK3cysFytJb4JqbdYuWc2GzGtej1MT2MC8PKNdyiYMDGXgQX6UTmt7zeftPTb3crLBexRHOySCeyy74z2w1WJs9kuNwsRr6RZ-XabVwjx8q5Ge02s9FmX1k4nBvLbLWWDXcbt2jhWrmVg-VoLfFNTLvFyjmx2Yxr0etjehgXhpVruG_MdoPRYjYbDPaN2W4wWsxmg8G-Q2f4rj5nozM4nnhcprGyOvXZHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8A2vieHvp35eu9nbQWwwKGKJ4HSRTkQv4-kilkieFulEsfJtXKuNceVZDkab0WZmG61Gq-VyNBwZd7vRxCKWKE0X6UQvuq2Wa9Hf8PRY1H9kyMVcOZiLJnPFarRKAAAAAAAAAABLmDNvAgAAAHAayGiwGa6WCwDh7KX7c2cQAm0qjrp7PUxuPBxJLVTc-HGD-S2vt9_09NvdCsuVAR6oyZk3eyaItVotawAAAAFsAACAAG7dvAVgM3L7QFFOuFHrhR_8BLhazgY!&cmcv=&pix=31589837&cb=1670416601152&uv=3245&tms=1670416601152&abt=amplean_vD!id5mc_vB!mprdctdt6_vA!Noappq22_vC!smbs!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1670416597797!ts:1670416601152&mntl=1 HTTP/1.1 
Host: am-vid-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         141.226.228.48
HTTP/2 200 OK
                                        
server: nginx
date: Wed, 07 Dec 2022 12:36:41 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            POST /forumotion-ar/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=1 HTTP/1.1 
Host: trc.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1716
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.44
HTTP/2 204 No Content
content-type: image/gif
                                        
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://nazmimedane.yoo7.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Wed, 07 Dec 2022 12:36:41 GMT
via: 1.1 varnish
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670416602.616157,VS0,VE87
x-vcl-time-ms: 87
X-Firefox-Spdy: h2

                                        
                                            GET /vpaid/units/32_4_5/assets/css/cmOsUnit.css HTTP/1.1 
Host: vidstat.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.44
HTTP/2 200 OK
content-type: text/css
                                        
x-amz-id-2: Bf8dw0NjA07TfpEMmKBaL+UFJWQuALEo7owO+vyJS0Z7+UM4VbN5qXqenI+jCaBsTF8hL6tqRMY=
x-amz-request-id: 89SNZ5N6GV47VA34
last-modified: Mon, 28 Nov 2022 10:07:46 GMT
etag: "a28320a69408adba1f01f56d6eb80708"
x-amz-meta-ctime: 1669630065
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1669630064
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Wed, 07 Dec 2022 12:36:41 GMT
via: 1.1 varnish
age: 786442
x-served-by: cache-bma1663-BMA
x-cache: HIT
x-cache-hits: 206780
x-timer: S1670416602.724152,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 8297
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   8297
Md5:    a28320a69408adba1f01f56d6eb80708
Sha1:   8012c7108fab547cf31481cfda7cb49e654a0542
Sha256: befbb274b7045e7e5791a4badbe46e1a2e367e6570da7cd0ac127acc4b8e8991
                                        
                                            GET /vpaid/units/32_4_5/infra/cmTagWIDGET_ITEM.js HTTP/1.1 
Host: vidstat.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nazmimedane.yoo7.com
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.44
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: NxcjemMMJRUsCExBkB2iiVRl9DgwLdtVaii0IcyucefSWzHY1Wd9p4I32adBzeHQ7741KdCnChI=
x-amz-request-id: 89SJXSQ72NB1B3KT
last-modified: Mon, 28 Nov 2022 10:06:56 GMT
etag: "2b361da912acc8f13f4f1b545047025f"
x-amz-meta-ctime: 1669630015
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1669630014
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Wed, 07 Dec 2022 12:36:41 GMT
via: 1.1 varnish
age: 786442
x-served-by: cache-bma1663-BMA
x-cache: HIT
x-cache-hits: 92957
x-timer: S1670416602.762901,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 127788
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65489), with no line terminators
Size:   127788
Md5:    2b361da912acc8f13f4f1b545047025f
Sha1:   af3a70c02bb88e27a151e8edf4a93931ace2aced
Sha256: 7f44e7dee5fbeb1334cdcb6b06d37dbf74a5ce2c65d4494843a2dabd98f2ef1b
                                        
                                            POST / HTTP/1.1 
Host: status.geotrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3386
Cache-Control: 'max-age=158059'
Date: Wed, 07 Dec 2022 12:36:41 GMT
Last-Modified: Wed, 07 Dec 2022 11:40:15 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: status.geotrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3386
Cache-Control: max-age=131571
Date: Wed, 07 Dec 2022 12:36:41 GMT
Etag: "638fda92-1d7"
Expires: Fri, 09 Dec 2022 01:09:32 GMT
Last-Modified: Wed, 07 Dec 2022 00:13:06 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1 
Host: sync.search.spotxchange.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.94.180.126
HTTP/1.1 302 Found
Content-Type: text/plain
                                        
Server: nginx
Date: Wed, 07 Dec 2022 12:36:41 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=cd4f86b7-762b-11ed-8a7d-1d7abbad0106; expires=Wed, 04-Jan-2023 12:36:41 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=cd4f8716-762b-11ed-8a7d-1d7abbad0106
X-fe: 28
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

                                        
                                            GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1 
Host: sync.search.spotxchange.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.94.180.126
HTTP/1.1 302 Found
Content-Type: text/plain
                                        
Server: nginx
Date: Wed, 07 Dec 2022 12:36:41 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=cd54456d-762b-11ed-917e-1891fad20106; expires=Wed, 04-Jan-2023 12:36:41 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=cd5445d9-762b-11ed-917e-1891fad20106
X-fe: 83
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

                                        
                                            GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=cd4f8716-762b-11ed-8a7d-1d7abbad0106 HTTP/1.1 
Host: sync.search.spotxchange.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.94.180.126
HTTP/1.1 204 No Content
Content-Type: text/plain
                                        
Server: nginx
Date: Wed, 07 Dec 2022 12:36:41 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=cd54b5a3-762b-11ed-ac70-1ef5e1e50406; expires=Wed, 04-Jan-2023 12:36:41 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 1
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

                                        
                                            GET /libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png HTTP/1.1 
Host: cdn.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.44
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: c3AK0F63Rmz1U+ZkwDZRH6hJiJRTGpZB8kTBPWz0vwbg9siBxtMOH8aEqr1NtVeNHtLhLAVUR9E=
x-amz-request-id: 4JKSR0YA3KVH073N
x-amz-replication-status: COMPLETED
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
server: AmazonS3
accept-ranges: bytes
date: Wed, 07 Dec 2022 12:36:41 GMT
via: 1.1 varnish
age: 18233
x-served-by: cache-bma1663-BMA
x-cache: HIT
x-cache-hits: 2151
x-timer: S1670416602.902522,VS0,VE0
cache-control: private,max-age=31536000
abp: 2
content-length: 254
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 12 x 12, 8-bit gray+alpha, non-interlaced\012- data
Size:   254
Md5:    dfa7b52c86e56bd67fa4002f6ed19854
Sha1:   7df722645482433c2b5c8d8ab4272a9874592f27
Sha256: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
                                        
                                            GET /vpaid/vPlayer/player/v14.8.9/OvaMediaPlayer.js HTTP/1.1 
Host: vidstat.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.44
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: HQC2qImu+yFtWRdwC7qdeEY+LwREinVNileBf8flE7jOTdBJ0PCsJIuGQaWmLhiRoOBa/JCpWd0=
x-amz-request-id: Q1CB2TACPSHX4QQR
last-modified: Mon, 05 Dec 2022 10:01:26 GMT
etag: "6b34cacda27ec72b97b6737ed724b8de"
x-amz-meta-ctime: 1670234485
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1670234471
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Wed, 07 Dec 2022 12:36:42 GMT
via: 1.1 varnish
age: 182062
x-served-by: cache-bma1663-BMA
x-cache: HIT
x-cache-hits: 35720
x-timer: S1670416602.075937,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 88219
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size:   88219
Md5:    6b34cacda27ec72b97b6737ed724b8de
Sha1:   2cf75cddd5c0fcf0998e5e09f1419bea5dceaa9b
Sha256: a1f95863b6f6f800546cdb825c638d66defbf0ef1594e7a86aa6ddd40c6fafdd
                                        
                                            GET /vid/blackScreen5.mp4 HTTP/1.1 
Host: vidstatb.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://nazmimedane.yoo7.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.44
HTTP/2 206 Partial Content
content-type: video/mp4
                                        
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1497790207
server: AmazonS3
via: 1.1 9803a30a87f1ec1047cb2b8ad5ecc43e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: gopM2XYfUoVUFmJXQ0440-QEF6IoAyvdLK0EUOquu3M35zK6ZGLwLg==
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Wed, 07 Dec 2022 12:36:42 GMT
age: 471578
x-served-by: cache-bma1663-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 251784
x-timer: S1670416602.171456,VS0,VE0
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-range: bytes 0-90783/90784
content-length: 90784
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size:   90784
Md5:    b2b087fe4ae638c533731c347fcd4df8
Sha1:   62851c888c21bb51cc04f13b6fc0451279fe0425
Sha256: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
                                        
                                            GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=cd5445d9-762b-11ed-917e-1891fad20106 HTTP/1.1 
Host: sync.search.spotxchange.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.94.180.126
HTTP/1.1 204 No Content
Content-Type: text/plain
                                        
Server: nginx
Date: Wed, 07 Dec 2022 12:36:42 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=cd807e0f-762b-11ed-b94b-11e121d60506; expires=Wed, 04-Jan-2023 12:36:42 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 8
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

                                        
                                            GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1 
Host: sync.search.spotxchange.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.94.180.126
HTTP/1.1 302 Found
Content-Type: text/plain
                                        
Server: nginx
Date: Wed, 07 Dec 2022 12:36:42 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=cd843c5e-762b-11ed-9628-197e22df0306; expires=Wed, 04-Jan-2023 12:36:42 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=cd843c9a-762b-11ed-9628-197e22df0306
X-fe: 30
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 386
Cache-Control: 'max-age=158059'
Date: Wed, 07 Dec 2022 12:36:42 GMT
Last-Modified: Wed, 07 Dec 2022 12:30:16 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 12:36:42 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 11 Dec 2022 09:59:13 GMT
ETag: "662acbbd11cac46c12a6e507ae3e74cc1d18daeb"
Last-Modified: Wed, 07 Dec 2022 09:59:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1369
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775d4ef42d3fb505-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    c7dc0655b32b607d89a1eed30bf9adf9
Sha1:   662acbbd11cac46c12a6e507ae3e74cc1d18daeb
Sha256: 4f80fe00c39035ccdb5c495fd60ae97ccc70d17c49f7072f16385c85d847ea3b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 12:36:42 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 13:56:48 GMT
Expires: Tue, 13 Dec 2022 13:56:47 GMT
Etag: "0259f1b07774b87d9bf5d69228f549946a1dd747"
Cache-Control: max-age=522604,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775d4ef40e6eb4f7-OSL

                                        
                                            GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=cd843c9a-762b-11ed-9628-197e22df0306 HTTP/1.1 
Host: sync.search.spotxchange.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search