qaffen.yoo7.com/t3792-topic
178.33.115.32301 Moved Permanently 0 B URL HTTP/1.1 qaffen.yoo7.com/t3792-topic
IP 178.33.115.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t3792-topic HTTP/1.1
Host: qaffen.yoo7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 15 Oct 2022 10:36:28 GMT
Content-Length: 0
Location: https://qaffen.yoo7.com/t3792-topic
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash c9df6b36bf16969ac566c1b798362e4a
e56eff34815153ae019a4bf63eb9746dd9ae2e5b
33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 15 Oct 2022 09:50:04 GMT
Expires: Sat, 15 Oct 2022 10:42:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yMCQ5jpEH2WsdDWPR3pTYbFqFDNN01orfcjS5vBik_AVSFNvICgdFA==
Age: 2784
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2b424d8c01b211c56d5b44b92e4e4153
b1fdab18f23271eee58ae1482f8af25badc2ffda
1c82a5fd2bc3f16a66becb5e1924e8c9edd39386622dc2e5ed296442f4307b2b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1C82A5FD2BC3F16A66BECB5E1924E8C9EDD39386622DC2E5ED296442F4307B2B"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4189
Expires: Sat, 15 Oct 2022 11:46:17 GMT
Date: Sat, 15 Oct 2022 10:36:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a57d0f62d9bd29668b94a513fa45d18e
d7cb263502e21f9235b4523a596e2138d22042ec
df7acd4fe34cc9c4945a5d83ef538105a73dfc1a8b485bc7a62488c5406b1294
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF7ACD4FE34CC9C4945A5D83EF538105A73DFC1A8B485BC7A62488C5406B1294"
Last-Modified: Sat, 15 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14282
Expires: Sat, 15 Oct 2022 14:34:30 GMT
Date: Sat, 15 Oct 2022 10:36:28 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: SHU4Thk7QbcQ9irYXCV9PkfU0rDhV+HSbEf6w3nH2UHFB2jSVFn3sdE5GxBIwPbKCTOVkf3dEgM=
x-amz-request-id: 1XPRATC5K34SD83S
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 15 Oct 2022 10:34:36 GMT
age: 112
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b3d7bbc82637b00fdbe5170d5c187d0e
1991a22865610b12870be43d1eccead7c3360e43
c272dff4784cba3070ee798f2624595536123756473a5f86f779bc96248369fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C272DFF4784CBA3070EE798F2624595536123756473A5F86F779BC96248369FA"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5795
Expires: Sat, 15 Oct 2022 12:13:03 GMT
Date: Sat, 15 Oct 2022 10:36:28 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 10:36:28 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d3a7a0d85121715a9a3590df07145cd8
7da0f8eba172ed91b10f292054a913b1b33da66d
e77042397dd2555f12bfd9ed17a663845ce9c657c852af3807c90581f91fbb90
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 10:36:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3039b3640f516724d3ec7e845c2f20d1
efa6a85767ab44afd629d1d82413770412abce0e
d454aa6e955985b5b78d1a190b7abc035a1e6dea0c3c5f06220bad3031717249
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 10:36:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3039b3640f516724d3ec7e845c2f20d1
efa6a85767ab44afd629d1d82413770412abce0e
d454aa6e955985b5b78d1a190b7abc035a1e6dea0c3c5f06220bad3031717249
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 10:36:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
142.250.74.170200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
IP 142.250.74.170:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d989f35706c62ce4a5c561586c55566e
d32e7958e5765609bf08dcdefd0b2c2a8714ce34
375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33845
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 14 Oct 2022 22:41:25 GMT
expires: Sat, 14 Oct 2023 22:41:25 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 42903
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-144347007-1
142.250.74.168200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-144347007-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1952)
Hash 33dac6c77520da00e8a7e0650a635bed
54a961f213bef4dcfd143756e52698ca6c5e51a0
488863ea4f8a8782531e58dc08b3f358bdd8e103eb069e217f61a6010629700c
GET /gtag/js?id=UA-144347007-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 15 Oct 2022 10:36:28 GMT
expires: Sat, 15 Oct 2022 10:36:28 GMT
cache-control: private, max-age=900
last-modified: Sat, 15 Oct 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42484
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bc5a451525bf73c6fabd6dce70189db3
c8b2e2e9e5c55ac42589bcad3533afbddeb5d05c
d001a067b48d13a40e90e715668f612e4e7cb485866c35dee1bcdabd69ff70c4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1004
Cache-Control: max-age=155116
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 10:36:28 GMT
Etag: "634a442d-1d7"
Expires: Mon, 17 Oct 2022 05:41:44 GMT
Last-Modified: Sat, 15 Oct 2022 05:25:01 GMT
Server: ECS (amb/6BB8)
X-Cache: HIT
Content-Length: 471
www.googletagmanager.com/gtag/js?id=
142.250.74.168200 OK 36 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=
IP 142.250.74.168:0
File type ASCII text, with very long lines (2071)
Hash 56d80829a0b9c89a01189c8f1d0cc81b
cea55ce26b2207babdf41762065b6a909c4596a9
febea570fcdd8ae94f7858c5ef093ce4ae5b95bde4b7a0dcfbcdf8d8567f89b9
GET /gtag/js?id= HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 15 Oct 2022 10:36:28 GMT
expires: Sat, 15 Oct 2022 10:36:28 GMT
cache-control: private, max-age=900
last-modified: Sat, 15 Oct 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 36249
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 906c29ed2a0bce76c2a36d4f1ff207e4
63690949f1182e54057de4b9bc5a306598663979
51176bcb5c019fcf0584ec92e73ed6cfb798692ef53252635a3e0b4edd4b5ad5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4466
Cache-Control: max-age=115721
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 10:36:28 GMT
Etag: "63499cc3-1d7"
Expires: Sun, 16 Oct 2022 18:45:09 GMT
Last-Modified: Fri, 14 Oct 2022 17:30:43 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash fa2ed4e59ffdc20abff5a43c1389363d
3ab061af64b777146b1771261a9b22ac6b55b824
5cb5620c09908bf7218526b539dbbfb3c6811d7470cd8d52da73499c96083ede
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3
Cache-Control: max-age=109819
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 10:36:28 GMT
Etag: "63499724-139"
Expires: Sun, 16 Oct 2022 17:06:47 GMT
Last-Modified: Fri, 14 Oct 2022 17:06:44 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 313
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d3a7a0d85121715a9a3590df07145cd8
7da0f8eba172ed91b10f292054a913b1b33da66d
e77042397dd2555f12bfd9ed17a663845ce9c657c852af3807c90581f91fbb90
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 10:36:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3039b3640f516724d3ec7e845c2f20d1
efa6a85767ab44afd629d1d82413770412abce0e
d454aa6e955985b5b78d1a190b7abc035a1e6dea0c3c5f06220bad3031717249
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 10:36:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
choices.consentframework.com/js/pa/24697/c/IxWav/cmp
212.129.3.112200 OK 139 kB URL HTTP/1.1 choices.consentframework.com/js/pa/24697/c/IxWav/cmp
IP 212.129.3.112:0
File type Unicode text, UTF-8 text, with very long lines (65512), with no line terminators
Size 139 kB (139421 bytes)
Hash c272e2fbd38f66fcaef3ca3229a47d0d
6747bb2670237b70881dc5180dda9fc5ca31a5b1
8a35872e78aee5b8cc36324aa2716d08b63deadc9feb4b566dff8941c25093d4
GET /js/pa/24697/c/IxWav/cmp HTTP/1.1
Host: choices.consentframework.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sat, 15 Oct 2022 10:36:28 GMT
Content-Type: text/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=3600
Set-Cookie: euconsent-v2=NO_CONSENT; Path=/; Domain=consentframework.com; Expires=Sat, 15 Oct 2022 10:41:28 GMT; Secure; SameSite=None
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
qaffen.yoo7.com/t3792-topic
94.23.159.185200 OK 74 kB URL HTTP/2 qaffen.yoo7.com/t3792-topic
IP 94.23.159.185:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11020)
Hash 5ca1096fff4d2dddf253fff3a4933268
5c54803ed0141cd9be38c80ed6be5cb457453e87
ee0cb44f11d62316b675fe43e77224f781aaaebce6ac5a1e38ea6b604b7c7c78
GET /t3792-topic HTTP/1.1
Host: qaffen.yoo7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 15 Oct 2022 10:36:28 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache
pragma: no-cache
expires: Sat, 15 Oct 2022 00:00:00 GMT
last-modified: Sat, 15 Oct 2022 10:36:25 GMT
vary: User-Agent
set-cookie: exadd=166584; expires=Sat, 15-Oct-2022 14:36:25 GMT; Max-Age=14400
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8afdf145d838990d08d4e8bedbbdd640
b718c42fd492781d5d3bd72f766c915a9f35adc9
9708289cbcf84547f297089d1d96a02158a820cc685d53496bacfbb13fddb92c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3637
Cache-Control: max-age=127881
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 10:36:29 GMT
Etag: "6349cf81-117"
Expires: Sun, 16 Oct 2022 22:07:50 GMT
Last-Modified: Fri, 14 Oct 2022 21:07:13 GMT
Server: ECS (amb/6BB8)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8afdf145d838990d08d4e8bedbbdd640
b718c42fd492781d5d3bd72f766c915a9f35adc9
9708289cbcf84547f297089d1d96a02158a820cc685d53496bacfbb13fddb92c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4992
Cache-Control: max-age=129236
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 10:36:29 GMT
Etag: "6349cf81-117"
Expires: Sun, 16 Oct 2022 22:30:25 GMT
Last-Modified: Fri, 14 Oct 2022 21:07:13 GMT
Server: ECS (amb/6BC3)
X-Cache: HIT
Content-Length: 279
twemoji.maxcdn.com/twemoji.min.js
23.111.9.57200 OK 4.9 kB URL HTTP/2 twemoji.maxcdn.com/twemoji.min.js
IP 23.111.9.57:0
Hash 27306899e67f78e5880b3c1779b34273
b6372dfd5a1bfbbab4275847201636bc9a6f39ee
bb771b2c6ea6e97256eee4abbe93eb9930c55c28184eb32aa33411e701b59e4d
GET /twemoji.min.js HTTP/1.1
Host: twemoji.maxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 15 Oct 2022 10:36:28 GMT
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
last-modified: Thu, 31 Mar 2022 03:24:15 GMT
access-control-allow-origin: *
etag: W/"62451edf-3bc8"
expires: Mon, 14 Nov 2022 10:36:28 GMT
cache-control: max-age=2592000
x-proxy-cache: MISS
x-github-request-id: 080A:7FEB:63B1FE:668312:6345BF88
vary: Accept-Encoding
x-fastly-request-id: 197f8c2083f49d748b222987ebe646b52fbc2b43
server: NetDNA-cache/2.2
powered-by: MaxCDN
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8afdf145d838990d08d4e8bedbbdd640
b718c42fd492781d5d3bd72f766c915a9f35adc9
9708289cbcf84547f297089d1d96a02158a820cc685d53496bacfbb13fddb92c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4992
Cache-Control: max-age=129236
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 10:36:29 GMT
Etag: "6349cf81-117"
Expires: Sun, 16 Oct 2022 22:30:25 GMT
Last-Modified: Fri, 14 Oct 2022 21:07:13 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8afdf145d838990d08d4e8bedbbdd640
b718c42fd492781d5d3bd72f766c915a9f35adc9
9708289cbcf84547f297089d1d96a02158a820cc685d53496bacfbb13fddb92c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2227
Cache-Control: max-age=126471
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 10:36:29 GMT
Etag: "6349cf81-117"
Expires: Sun, 16 Oct 2022 21:44:20 GMT
Last-Modified: Fri, 14 Oct 2022 21:07:13 GMT
Server: ECS (amb/6BA3)
X-Cache: HIT
Content-Length: 279
static.criteo.net/js/ld/publishertag.js
178.250.0.130200 OK 41 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.js
IP 178.250.0.130:0
Hash f4443f7896315b5b0a2dc26792892b9e
b6f29485c3689d0bbbee3051fde4e894c714e581
6bdceb6cf08ab7dd03a7d3321ffcbae727be759c0175841556d7d8270ea686f8
GET /js/ld/publishertag.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 10:36:28 GMT
content-type: text/javascript
last-modified: Sat, 01 Oct 2022 02:55:29 GMT
etag: W/"6337ac21-1e358"
expires: Sun, 16 Oct 2022 10:36:28 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
2img.net/i/fa/prosilver_lightgreen/icon_logout.gif
104.21.235.175200 OK 219 B URL HTTP/2 2img.net/i/fa/prosilver_lightgreen/icon_logout.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 16 x 14\012- data
Hash 08d7b21e844c8bcda5067bbb2188f7d4
804faa09ba236963291272d4df900ab96fd5c00b
e5382e35a551bd5eb24167eb0096939d2b4f752ad529222a969217e05e914d2f
GET /i/fa/prosilver_lightgreen/icon_logout.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 15 Oct 2022 10:36:29 GMT
content-type: image/gif
content-length: 219
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-db"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 701625
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h65yv2GCCV4ZYYdssvsFDZq2hYoV3XVv1PA%2BlW7e%2BQoJwlX2CDeKM3FKeI7vdVzTUQQUNEBUjs8nsn%2FK6e164kepNTvVJlz%2BYZPsL3Dq7mKzOQpEP9%2FeySkolQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a7e9f9e92e88b3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/subsilver/icon_zodiac_capricorn_2.gif
104.21.235.175200 OK 315 B URL HTTP/2 2img.net/i/fa/subsilver/icon_zodiac_capricorn_2.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 20 x 18\012- data
Hash effd43e4a547b224ade12963c5926dd6
9fe65b71c641335575d003ac1b35b264ea369c5b
d3807c173efab4574fb709fc10eea0d6de2a5c6d203b083989bdf455e7cfc012
GET /i/fa/subsilver/icon_zodiac_capricorn_2.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 15 Oct 2022 10:36:29 GMT
content-type: image/gif
content-length: 315
last-modified: Mon, 16 May 2016 11:01:57 GMT
etag: "5739a8a5-13b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 695807
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=een0xVm0D3gA0%2BmGYRD6oJaOwn8OUX2W9NrJmA6EHVz3Squul6zD7toIGUkP2j2F3%2BFmp6qgcpM9XP8z8wlWUNRGs9r1nKjdsOaPbVu5%2Fn2tEi%2BGiyD6IPdSsg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a7e9f9e92b88b3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/prosilver_lightgreen/icon_portal.png
104.21.235.175200 OK 211 B URL HTTP/2 2img.net/i/fa/prosilver_lightgreen/icon_portal.png
IP 104.21.235.175:0
File type PNG image data, 14 x 14, 8-bit colormap, non-interlaced\012- data
Hash baaf60af0b24a7960d5f2c9b6a4eb5b4
16c9cdc7456f1849f5e3f9b7e3b55ddc4b64ecd7
602dcb2564ba556ea7821a603c26b12d70c657291167ea30e2c0417f97869d97
GET /i/fa/prosilver_lightgreen/icon_portal.png HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 15 Oct 2022 10:36:29 GMT
content-type: image/png
content-length: 211
last-modified: Mon, 16 May 2016 11:00:41 GMT
etag: "5739a859-d3"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 206130
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVEjkB4VYCIJyuk1OAKNjvi8boD7ACi4g%2FWALFQPsZzKVoAWN4fdEhqd%2BVvjNyCrTAXG4LW8yc7vV3iBaprkynvcKrCfueyPA2h7cPV9EPsRm08ABdKqvvWcpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a7e9f9e92388b3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/empty.gif
104.21.235.175200 OK 43 B IP 104.21.235.175:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /i/empty.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 15 Oct 2022 10:36:29 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 09 May 2016 08:45:50 GMT
etag: "57304e3e-2b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 703057
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DQgVZzud3GdyhVMWJ0z4WnYENFVkbkmAyCQKWy4KFu4%2FbRe2GCo%2BpxhNsIo2HypFh59WmAEaPx54HYc%2B5um7HjoogrykTnN1k1M94skjPCdxquT7gR1Q64Hzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a7e9f9e92d88b3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/prosilver_lightgreen/icon_home.gif
104.21.235.175200 OK 306 B URL HTTP/2 2img.net/i/fa/prosilver_lightgreen/icon_home.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 13 x 12\012- data
Hash 1d9ea37a713f3effaf49b982f798b616
aab649583075bad7bcf5555953d34dd26f566986
6fc9e1f931fe8cda14caf06c2d2674774fbab6d67b424d3bbc438996922448ab
GET /i/fa/prosilver_lightgreen/icon_home.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 15 Oct 2022 10:36:29 GMT
content-type: image/gif
content-length: 306
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-132"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 702734
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A4fEdyoa6tR%2Bps%2B7tMXFDaFmGoymb9TLFhQXpMpOydTvveFaHaprflyzTTSrRsEe81QpgzwfDnSuxKmgqAmISmteKspZaBegkXPc%2B1frqJ7TGcYwhrJdLLK8zw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a7e9f9f95b88b3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/i/smiles/lol.gif
104.21.235.175200 OK 3.6 kB URL HTTP/2 2img.net/i/fa/i/smiles/lol.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 51 x 49\012- data
Hash 7755ddbe07db6d302fcb4121157f137e
c312b45c50c6b8f17770d91c1fcca779b982b721
a13d3affd32623af934b02995ecc02c1cfa1457eb12b5f7491bc6b88a2edfbbe
GET /i/fa/i/smiles/lol.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 15 Oct 2022 10:36:29 GMT
content-type: image/gif
content-length: 3569
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-df1"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 703026
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Agb1lmaK9XDtoBsdGO6%2FfuSLuXQWwqsIVOFdSz%2Fc8vqNpeX%2BQF6NwnCcGdWUn44ecUk564NwEoJQWhed%2F4LOFnMql7GSp7yRcuotlOoRQ5Bn%2Fm3u0%2BDZ7MA61w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a7e9f9f97288b3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/subsilver/icon_minigender_male.gif
104.21.235.175200 OK 142 B URL HTTP/2 2img.net/i/fa/subsilver/icon_minigender_male.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 11 x 11\012- data
Hash 5ef7a6af0298d7e13a08a8e5afeb1228
78e2ddc2595b7a2975e9b11ef4852f5ac0616616
4bd253445eec78e6f29ec51cfbd53f3b52941a208a4237389209cba55cc7047d
GET /i/fa/subsilver/icon_minigender_male.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 15 Oct 2022 10:36:29 GMT
content-type: image/gif
content-length: 142
last-modified: Mon, 16 May 2016 11:01:55 GMT
etag: "5739a8a3-8e"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 264858
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AtshJmM19Adp2sVrI8mOnGEZv%2FUJV5BD0v5PPHrJLQWqVv%2F6RCihEBj5yS%2Fu4puB6yk3FWUBkm6%2BMm6Uuf6WdVko6suGgGERa0zZpjfpO3un533kt502b%2Fe3Tw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a7e9f9f96e88b3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/subsilver/icon_zodiac_virgo_2.gif
104.21.235.175200 OK 329 B URL HTTP/2 2img.net/i/fa/subsilver/icon_zodiac_virgo_2.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 20 x 18\012- data
Hash 6d4fbaf7c8d70443d83c80a617dd2fe1
4e05c4ac97d34f02f10887f596621abc95ca3887
a16c14f23f8146df10e2795a20bd2d7fa8ece22395404034592d96b58f15798a
GET /i/fa/subsilver/icon_zodiac_virgo_2.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 15 Oct 2022 10:36:29 GMT
content-type: image/gif
content-length: 329
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-149"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 188195
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qnPMcHUIglT1xfS%2FccAPizJ5QX35wUArxf1fIhfWXpAo6m31Xx9eLlywH2os16yPn7jcNvFJJyQqwGfR0jv4v%2BmIZKHCuaGn5cZzeZll3zzrB2ZQYKcmpo9piA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a7e9f9f97088b3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/prosilver_lightgreen/icon_register.gif
104.21.235.175200 OK 228 B URL HTTP/2 2img.net/i/fa/prosilver_lightgreen/icon_register.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 16 x 14\012- data
Hash 7f2216e2b7117b95401f9e346b0d408e
331f9e0ff543c069064004556d7b8c0bab28baee
5977f5b026edab10b62bafbca17882ffa9cf160f7a46a7fd5f34e4be86fabfc3
GET /i/fa/prosilver_lightgreen/icon_register.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 15 Oct 2022 10:36:29 GMT
content-type: image/gif
content-length: 228
last-modified: Mon, 16 May 2016 11:00:40 GMT
etag: "5739a858-e4"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 701625
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AlprpX%2BpJ8FxFT1e0p0Bq%2BGdn3z6cuxSAFyMD7%2BwpaFkiLo8YmNlc8cQGewx%2FJFgSDy%2FqWHuybdR5bSH%2FZqDeAaZ7ru%2Fyw0LbkiR6eE84vqvgFRzcSDRh5KKMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a7e9f9f97188b3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8afdf145d838990d08d4e8bedbbdd640
b718c42fd492781d5d3bd72f766c915a9f35adc9
9708289cbcf84547f297089d1d96a02158a820cc685d53496bacfbb13fddb92c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3637
Cache-Control: max-age=127881
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 10:36:29 GMT
Etag: "6349cf81-117"
Expires: Sun, 16 Oct 2022 22:07:50 GMT
Last-Modified: Fri, 14 Oct 2022 21:07:13 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
2img.net/i/fa/prosilver/corners_left.gif
104.21.235.175200 OK 55 B URL HTTP/2 2img.net/i/fa/prosilver/corners_left.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 6 x 12\012- data
Hash 55e539125406d57ec52405dbf39253fa
6a33bb8f3227fb81fbdf5eaffeb40dd6f58b4f7a
e3c89e05bf4302b8521538f38f4117d88f59e34a3251b9daa330a1ac1bbfe23b
GET /i/fa/prosilver/corners_left.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 15 Oct 2022 10:36:29 GMT
content-type: image/gif
content-length: 55
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-37"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 702933
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Z8BRqv2ldVOkkGtVvgdgb8fs0B6oiYNdsmVTKkKYym%2FBfO5CoQ1uGqcQTngtSuSxjHc2ff3HU9Y61YvLJUfb3DrDnR2YxbtDYljCfo06ZA0eBKb8UqjZZblMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a7e9fa59ea88b3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cbf2a1c4631b4db232c83e8cf536763a
bd00e55371b0cab37f16b559133e0f39bc2a1213
e515a6f6cca6496f7aea1463905eedc33f04b1d39ded01f2d68ca5ba91711ff3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E515A6F6CCA6496F7AEA1463905EEDC33F04B1D39DED01F2D68CA5BA91711FF3"
Last-Modified: Wed, 12 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14396
Expires: Sat, 15 Oct 2022 14:36:25 GMT
Date: Sat, 15 Oct 2022 10:36:29 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 301aafc13bc66315321d9476df002258
e6bfd29899543fcd4d1b332623757bbad355306f
c64315afdfcf146b16942d981588ed912650472c5e2bba7b6f8dee396d820860
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3763
Cache-Control: max-age=167589
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 10:36:29 GMT
Etag: "634a6a1f-1d7"
Expires: Mon, 17 Oct 2022 09:09:38 GMT
Last-Modified: Sat, 15 Oct 2022 08:06:55 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
2img.net/i/fa/prosilver/corners_right.gif
104.21.235.175200 OK 54 B URL HTTP/2 2img.net/i/fa/prosilver/corners_right.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 6 x 12\012- data
Hash 130c94b5382c071dcf09c5f50f8e7ab1
d391f8020a97bd8d5c350d68585765be61bfd27a
e004ee77cdd0e83653c2bd53ed833fe6a25d73e2371ece3d081f1c2b16de2478
GET /i/fa/prosilver/corners_right.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 15 Oct 2022 10:36:29 GMT
content-type: image/gif
content-length: 54
last-modified: Mon, 16 May 2016 11:00:36 GMT
etag: "5739a854-36"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 702933
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QsigVo1bu8%2Fhb%2F0GXipDwoAABZgG4LPk4rYshv1D%2FZYWuBL3SD4lcH5na%2BIaX2GL8kVtrrjftFZI8OYRLniQkpeB5zrma4BtG3GdIgHfWJkmi71yDQaDeDY6hg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a7e9fa7a1488b3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/invision/pp-blank-thumb.png
104.21.235.175200 OK 9.6 kB URL HTTP/2 2img.net/i/fa/invision/pp-blank-thumb.png
IP 104.21.235.175:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash db01076614dffc62222461ab141b990c
d9c4028723700b846dfbe902c19d9f78491fc65b
96ecd9f62a332fa2e57b75b308c1a6756d3e549c4d4dcdd0761af12431df59db
GET /i/fa/invision/pp-blank-thumb.png HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 15 Oct 2022 10:36:29 GMT
content-type: image/png
content-length: 9554
last-modified: Mon, 16 May 2016 10:59:31 GMT
etag: "5739a813-2552"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 264868
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4F838EEGNt%2Bh2mlmH5tm9Jgmyu%2Fw%2FD9FqHfkc7yq%2FpbDY%2F7lhFKRnKgTUN3nokltu%2FXVo7VYCkZ7A81pxAFjSIpP1MnQF0Kd9gPfyjsEM5DmbtDW9yoJeoKWqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a7e9fa8a1a88b3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/12/58/51/i_background.gif
104.21.235.175200 OK 5.3 kB URL HTTP/2 2img.net/s/t/12/58/51/i_background.gif
IP 104.21.235.175:0
File type GIF image data, version 87a, 200 x 200\012- data
Hash ac56b423a6ef325f2b82964f089e335c
b93e09f9a39ef50c0208b5a4c00134a8170f2bbd
7f470ba400a8f06fff867f25224bf90e182be8578f555e729b92eec2fe192f84
GET /s/t/12/58/51/i_background.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 15 Oct 2022 10:36:29 GMT
content-type: image/gif
content-length: 5327
last-modified: Wed, 27 Oct 2010 16:10:44 GMT
etag: "4cc84f04-14cf"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhCbdu9SYwnuTa16RXlm%2Bw9zHuu2zCtf2sB02mHQgdAoOv6xuFJxNz9hrpEj5Iw%2F%2BSxCkyuFvB%2FFTzS56ZPLgFLIBqWmdx66fPcKvLJbRIiz9tQMLMqdjBoaag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a7e9fa59e188b3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/sprite_icons.png
104.21.235.175200 OK 1.5 kB URL HTTP/2 2img.net/i/fa/sprite_icons.png
IP 104.21.235.175:0
File type PNG image data, 1395 x 12, 8-bit colormap, non-interlaced\012- data
Hash 6c31830c94fd2987aab8ed4af1e6b756
9bb52d402fd3cd4a0515c54b5061b655fdabfd96
b621467f74054e2999a7e213edf26895f9639e255f7c11b2047509fd0879f6c8
GET /i/fa/sprite_icons.png HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 15 Oct 2022 10:36:29 GMT
content-type: image/png
content-length: 1459
last-modified: Mon, 16 May 2016 11:01:49 GMT
etag: "5739a89d-5b3"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 703045
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BvCwrzE6R%2Foz7qhif3txqiW25mZjfMReo6BZAs0eq%2B4JMoOTR7c3GNpHYKmUYDfxFKnuXNeTGo1C7Hih5H0GoyGmzWJloxMmgx3KOWfPb2BgMd%2FmMNJ2GPItDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a7e9fa9a4088b3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/prosilver/bg_button.gif
104.21.235.175200 OK 174 B URL HTTP/2 2img.net/i/fa/prosilver/bg_button.gif
IP 104.21.235.175:0
File type GIF image data, version 87a, 4 x 24\012- data
Hash 1f4cb2a1974e0f3cc6b739707fc5713c
f313497e6aba95854a44462b5e35a024404b8989
4e8a79a702c74305fd3a2a0e10d8fadc1752d72ea159b0a4b25825acf3ef42ad
GET /i/fa/prosilver/bg_button.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 15 Oct 2022 10:36:29 GMT
content-type: image/gif
content-length: 174
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-ae"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 703038
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pVwi5Ga3g7s4onm0jDPdFfqu3bGfkPMo9SkFtVaaxjmA0M%2Fvn%2BxjQynFnCO%2FYsc7hx01NUipAAMw8OuDLx0OmOVjJ85qzmXrKED6ppYGouV3CG6CBhuN39O4lg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a7e9fa9a5088b3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/u/2712/73/92/96/avatars/6-64.jpg
104.21.235.175301 Moved Permanently 178 B URL HTTP/2 2img.net/u/2712/73/92/96/avatars/6-64.jpg
IP 104.21.235.175:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /u/2712/73/92/96/avatars/6-64.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sat, 15 Oct 2022 10:36:29 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2FNMmKtlJVNAuLQb2itjL%2BMvLX3l9PBsRlGGrXtocDpDZ4%2Fpvl8EnRPY6BkrWpbafR8Uo3FrtCZ2QOVIhg%2BlgdsDnLKPLHWcHdKUIeODz3uuxCcxuTNoZr6OqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a7e9fa8a1888b3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/u/2712/73/92/96/avatars/8-92.gif
104.21.235.175301 Moved Permanently 178 B URL HTTP/2 2img.net/u/2712/73/92/96/avatars/8-92.gif
IP 104.21.235.175:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /u/2712/73/92/96/avatars/8-92.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sat, 15 Oct 2022 10:36:29 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mcvtM%2BdgvnzU7W5RgZtKZkTjUXZZ5QvuFnkEnAx2%2BRiPVW%2BinHNILlTdkF7acrsj3aKfN1QuUERvCFYuWu%2FNn1OIjGOf4E70IlW3rCMsm3jzd2wwcIkHd48Y1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a7e9fa8a1688b3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/12/58/51/i_header_bg.jpg
104.21.235.175200 OK 53 kB URL HTTP/2 2img.net/s/t/12/58/51/i_header_bg.jpg
IP 104.21.235.175:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 980x300, components 3\012- data
Hash 98da1922d4c61c76db1e51d8fa4fbde9
296f1d090aa36b88394025e869c0ca452cb48a60
76d2da7a561e58a2e37393fcbff40788c7b75d5449098eaa8df876cd0777b77e
GET /s/t/12/58/51/i_header_bg.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 15 Oct 2022 10:36:29 GMT
content-type: image/jpeg
content-length: 53206
last-modified: Wed, 27 Oct 2010 14:58:23 GMT
etag: "4cc83e0f-cfd6"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmqs6THK7oSe1QYhcwM9LuEfC%2B3OEM%2FMeW4wh4U1SvPcPPFD6T%2F96ISPEkcUkBmTBI2gXNBnOtsBNrwVIaNjzS5TETTczPTzJILofxtMDKOcJY1tiJNIaCgP9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a7e9fa59e588b3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/u/2712/73/92/96/avatars/1-77.jpg
104.21.235.175200 OK 8.3 kB URL HTTP/2 2img.net/u/2712/73/92/96/avatars/1-77.jpg
IP 104.21.235.175:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 112x199, components 3\012- data
Hash 9e232f3aea32fb6c385bbbb9badcb8ac
2f562ebf930ee1ff1a90a30a92b8632b8dcadf1c
e694e6dec46fcd5da08bae4b1454ab741315440616f72b3463d33e261347f7ad
GET /u/2712/73/92/96/avatars/1-77.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 15 Oct 2022 10:36:29 GMT
content-type: image/jpeg
content-length: 8316
last-modified: Mon, 01 Jan 2001 00:00:00 GMT
etag: "3a4fc880-207c"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJcO1jLyGROlLp1%2F1WejghReOygCWd13EJd0nU5VITDdcli9n6KdJgKuvyJX%2F9Oa7FbRCAsl6VhJ85F9ZWNPlRzp%2FqWlqX1eTowUrPVseHdTMXj6awwT7gHkYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a7e9fa9a3c88b3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
choices.consentframework.com/api/v1/public/profile/check?origin=https://qaffen.yoo7.com
212.129.3.112200 OK 17 B URL HTTP/1.1 choices.consentframework.com/api/v1/public/profile/check?origin=https://qaffen.yoo7.com
IP 212.129.3.112:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0bd75264337702d501fe87ce0b52dc08
97cc20d9be99aab0ec65848e65d7e3b241788d73
ab140244cd2fd2892fec183c503c0f9522f9935f5e6c5ace01e92924a7e2e90e
GET /api/v1/public/profile/check?origin=https://qaffen.yoo7.com HTTP/1.1
Host: choices.consentframework.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://qaffen.yoo7.com/
Origin: https://qaffen.yoo7.com
Connection: keep-alive
Cookie: euconsent-v2=NO_CONSENT
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sat, 15 Oct 2022 10:36:29 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 17
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Referer,Origin
Access-Control-Allow-Methods: GET,OPTIONS
Access-Control-Allow-Origin: https://qaffen.yoo7.com
Cache-Control: private, max-age=86400
X-Xss-Protection: 0
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash e4f71575f3c3b7f82320ea8ffae48d6d
d0672bb96e46501c3761bf4f7baff16de7072dfa
b116d1c166bc43ac06007235d90de77524d3cdd4570dab8a83f53895f1afa913
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3873
Cache-Control: max-age=157277
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 10:36:29 GMT
Etag: "634a4169-116"
Expires: Mon, 17 Oct 2022 06:17:46 GMT
Last-Modified: Sat, 15 Oct 2022 05:13:13 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash e4f71575f3c3b7f82320ea8ffae48d6d
d0672bb96e46501c3761bf4f7baff16de7072dfa
b116d1c166bc43ac06007235d90de77524d3cdd4570dab8a83f53895f1afa913
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4956
Cache-Control: max-age=158360
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 10:36:29 GMT
Etag: "634a4169-116"
Expires: Mon, 17 Oct 2022 06:35:49 GMT
Last-Modified: Sat, 15 Oct 2022 05:13:13 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 278
stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=qaffen.yoo7.com&var=&ymid=&var_3=
139.45.197.250200 OK 758 B URL HTTP/2 stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=qaffen.yoo7.com&var=&ymid=&var_3=
IP 139.45.197.250:0
File type JSON data\012- , ASCII text, with very long lines (757)
Hash a38b8b4091d6fc9efeccf2f672758507
8f0f9aff8423f3c8e6f750611c559ceebb0422ad
ed6366fbd57bf54148d66f84ad3b513da6944928b51eac15ba52ed641d650010
GET /zone?pub=0&zone_id=2308013&is_mobile=false&domain=qaffen.yoo7.com&var=&ymid=&var_3= HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://qaffen.yoo7.com/
Origin: https://qaffen.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 10:36:29 GMT
content-type: application/json; charset=utf-8
content-length: 758
x-trace-id: 2eada6c07ce4a0566a72c02443f995de
access-control-allow-origin: https://qaffen.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.89.136.7101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.136.7:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vfPAiM4Fpt8tJiVeJPhQKg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9T+O8ivu/w99WZHsazNfcVs9aRo=
i.servimg.com/u/f47/11/97/84/92/clip_i10.gif
104.21.31.159200 OK 2.4 kB URL HTTP/2 i.servimg.com/u/f47/11/97/84/92/clip_i10.gif
IP 104.21.31.159:0
File type GIF image data, version 89a, 80 x 25\012- data
Hash 1177cc73f98c1439050965522aac1d6a
c095d40f742ae5139e864fd1d4dfca90859b148d
19b5cfa03303f0fe1bd218a9296189797e787bac73ea05bbf91c23269146170c
GET /u/f47/11/97/84/92/clip_i10.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 15 Oct 2022 10:36:29 GMT
content-type: image/gif
content-length: 2397
last-modified: Thu, 26 Jun 2008 15:04:33 GMT
etag: "4863b001-95d"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Sun, 15 Oct 2023 10:36:29 GMT
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XpYkvgc7eVOR1JvGf0LYoC9Vn%2FjvIVPwbmIA26CPqL7PwwuWFtNTjyphm4BhVR7OdD0E8YBxhUZtuHBhRtXHb7MJcArpUPTxL67teFQ%2FcUKfnHnilbNWKTmO2VWJM3ld"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 75a7e9fc5b541c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
choices.consentframework.com/api/v1/public/v2/tcstring
212.129.3.112200 OK 25 B URL HTTP/1.1 choices.consentframework.com/api/v1/public/v2/tcstring
IP 212.129.3.112:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1c7be6c2029fd0db7b831a9e8359395f
48818c4617f2dac593cc84c8f39244f24be3760e
6d24890b5608b6d182f02198897f50f220a40b66a08751a443ac714bf6f86602
GET /api/v1/public/v2/tcstring HTTP/1.1
Host: choices.consentframework.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://qaffen.yoo7.com/
Origin: https://qaffen.yoo7.com
Connection: keep-alive
Cookie: euconsent-v2=NO_CONSENT
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sat, 15 Oct 2022 10:36:29 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 25
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Referer,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://qaffen.yoo7.com
X-Xss-Protection: 0
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash e4f71575f3c3b7f82320ea8ffae48d6d
d0672bb96e46501c3761bf4f7baff16de7072dfa
b116d1c166bc43ac06007235d90de77524d3cdd4570dab8a83f53895f1afa913
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3873
Cache-Control: max-age=157277
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 10:36:29 GMT
Etag: "634a4169-116"
Expires: Mon, 17 Oct 2022 06:17:46 GMT
Last-Modified: Sat, 15 Oct 2022 05:13:13 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 278
i.servimg.com/u/f27/11/09/26/10/7mbc_110.gif
104.21.31.159200 OK 2.5 kB URL HTTP/2 i.servimg.com/u/f27/11/09/26/10/7mbc_110.gif
IP 104.21.31.159:0
File type GIF image data, version 89a, 80 x 25\012- data
Hash 19b73e27eaf91306747b3efa47e8550e
7efc35839f134391f994963ac3833ce8087f5aff
6619a36a6a6389e9765dfee3c9d04179d941fa34b988a1ec4edf49efa87da484
GET /u/f27/11/09/26/10/7mbc_110.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 15 Oct 2022 10:36:29 GMT
content-type: image/gif
content-length: 2489
last-modified: Thu, 03 Jan 2008 20:01:53 GMT
etag: "477d3f31-9b9"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Sun, 15 Oct 2023 10:36:29 GMT
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C99E1%2BVeZaCEMQ842L2SNBoaEcPzQzJgjeDYer%2Botd9P%2F0bjozkMGfLIV0cm0kY7%2Fvwr8MfzVjM%2FpA8%2Fqahpy8J4%2FpsT%2FBCvP6bFY0lwqQLyg04JkLk0EZMqBTNAu5k1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 75a7e9fc4b481c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
qaffen.yoo7.com/?utm_source=pwa
94.23.159.185200 OK 16 kB URL HTTP/2 qaffen.yoo7.com/?utm_source=pwa
IP 94.23.159.185:0
Hash 975ce02c14f3e013a4d81c63df346707
f68c248dbeff23d17e66607cadcef51cfd35af33
8dc0fd8f5c9ecbbc0cd6f10ccd00296825635fe02c93226b8f6509b164394109
GET /?utm_source=pwa HTTP/1.1
Host: qaffen.yoo7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://qaffen.yoo7.com/serviceworker.js
Connection: keep-alive
Cookie: exadd=166584; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 15 Oct 2022 10:36:29 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
pragma: no-cache
expires: Sat, 15 Oct 2022 00:00:00 GMT
last-modified: Sat, 15 Oct 2022 10:36:29 GMT
vary: User-Agent
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.betgorebysson.club/apu.php?zoneid=3765907
139.45.195.8200 OK 29 kB URL HTTP/2 cdn.betgorebysson.club/apu.php?zoneid=3765907
IP 139.45.195.8:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8a704fadd8ecca686bf70a3bb42883f1
889c8d1e0d647aea475d26f44fa89081524c53a9
5602798b03aa432f7b16e5eb6d39d89baae38b0624c25005f43e572cc88fe18d
Analyzer Verdict Alert fortinet Malware
GET /apu.php?zoneid=3765907 HTTP/1.1
Host: cdn.betgorebysson.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 10:36:29 GMT
content-type: application/javascript
x-trace-id: 648d4bdcb03556599da7ec57df90aad0
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=9c3b7226524c4b42855dcbc76c911305; expires=Sun, 15 Oct 2023 10:36:29 GMT; path=/; secure; SameSite=None
oaidts=1665830189; expires=Sun, 15 Oct 2023 10:36:29 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
choices.consentframework.com/api/v1/public/consent-string
212.129.3.112200 OK 0 B URL HTTP/1.1 choices.consentframework.com/api/v1/public/consent-string
IP 212.129.3.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v1/public/consent-string HTTP/1.1
Host: choices.consentframework.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://qaffen.yoo7.com/
Origin: https://qaffen.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sat, 15 Oct 2022 10:36:29 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
stootsou.net/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://qaffen.yoo7.com/
Origin: https://qaffen.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 10:36:29 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://qaffen.yoo7.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://qaffen.yoo7.com/
Content-Type: application/json
Origin: https://qaffen.yoo7.com
Content-Length: 378
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 10:36:29 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: c4cc49bceef9db0f912ef4548eb2cc1f
access-control-allow-origin: https://qaffen.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
choices.consentframework.com/api/v1/public/consent-string
212.129.3.112200 OK 245 B URL HTTP/1.1 choices.consentframework.com/api/v1/public/consent-string
IP 212.129.3.112:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5ab74c520c412d104098671e09d66f63
dc1d65ecefa9f59b9140255dc14aeb78a3eaa9df
cb47c6f440bc1b0c4a9ce33a472aaeffd560bdb52d274cedde38e5838322344a
POST /api/v1/public/consent-string HTTP/1.1
Host: choices.consentframework.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://qaffen.yoo7.com/
Content-Type: application/json
Origin: https://qaffen.yoo7.com
Content-Length: 314
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sat, 15 Oct 2022 10:36:29 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 245
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
choices.consentframework.com/api/v1/public/user-action
212.129.3.112200 OK 0 B URL HTTP/1.1 choices.consentframework.com/api/v1/public/user-action
IP 212.129.3.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v1/public/user-action HTTP/1.1
Host: choices.consentframework.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://qaffen.yoo7.com/
Origin: https://qaffen.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sat, 15 Oct 2022 10:36:29 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0f76d0ccb016645ec4f230fe3515e364
17bdf4fb369fb6412ae220a28589008fd9876bb6
627784816d5d70f6c028a09044b3465702c2931c6bef89b51134e1ef566ccf34
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5165
Cache-Control: max-age=127207
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 10:36:29 GMT
Etag: "6349c6e8-1d7"
Expires: Sun, 16 Oct 2022 21:56:36 GMT
Last-Modified: Fri, 14 Oct 2022 20:30:32 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://qaffen.yoo7.com/
Content-Type: application/json
Origin: https://qaffen.yoo7.com
Content-Length: 452
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 10:36:29 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 1e556950af3b077e152093c8cc85ccee
access-control-allow-origin: https://qaffen.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
choices.consentframework.com/api/v1/public/user-action
212.129.3.112200 OK 0 B URL HTTP/1.1 choices.consentframework.com/api/v1/public/user-action
IP 212.129.3.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v1/public/user-action HTTP/1.1
Host: choices.consentframework.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://qaffen.yoo7.com/
Content-Type: application/json
Origin: https://qaffen.yoo7.com
Content-Length: 159
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sat, 15 Oct 2022 10:36:29 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
js.cookieless-data.com/GS.d?pa=24697&uf_bday=&uf_gender=&cmp=0&u=https%3A%2F%2Fqaffen.yoo7.com%2Ft3792-topic&r=&rand=1665830191005&gdpr=1&gdpr_consent=CPg47AAPg47AABcAIBENClCgAAAAAH_AABpwIyQAARkgaAALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA_4CPQExAKaAWoAvMBggDDQGPgMkAcWA5QB2AAA&globalscope=false&cookieless_optout=0&tbp=true
51.158.28.82200 OK 0 B URL HTTP/1.1 js.cookieless-data.com/GS.d?pa=24697&uf_bday=&uf_gender=&cmp=0&u=https%3A%2F%2Fqaffen.yoo7.com%2Ft3792-topic&r=&rand=1665830191005&gdpr=1&gdpr_consent=CPg47AAPg47AABcAIBENClCgAAAAAH_AABpwIyQAARkgaAALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA_4CPQExAKaAWoAvMBggDDQGPgMkAcWA5QB2AAA&globalscope=false&cookieless_optout=0&tbp=true
IP 51.158.28.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /GS.d?pa=24697&uf_bday=&uf_gender=&cmp=0&u=https%3A%2F%2Fqaffen.yoo7.com%2Ft3792-topic&r=&rand=1665830191005&gdpr=1&gdpr_consent=CPg47AAPg47AABcAIBENClCgAAAAAH_AABpwIyQAARkgaAALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA_4CPQExAKaAWoAvMBggDDQGPgMkAcWA5QB2AAA&globalscope=false&cookieless_optout=0&tbp=true HTTP/1.1
Host: js.cookieless-data.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sat, 15 Oct 2022 10:36:30 GMT
Content-Length: 0
Connection: keep-alive
Expires: Tue, 01 Jan 2000 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
X-Xss-Protection: 0
Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
P3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 8ceb6907e82e85fb8def6059388c6a5b
35baf6e386c6760b175fe9e2f1ccf94aa23252b7
29409c4b3a8e023a8c96dd6b87348a1523b2bcee1cd01db6cfd11fd9050d5af5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 15 Oct 2022 10:36:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 13 Oct 2022 18:25:21 GMT
Expires: Thu, 20 Oct 2022 18:25:20 GMT
Etag: "35baf6e386c6760b175fe9e2f1ccf94aa23252b7"
Cache-Control: max-age=459529,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75a7e9ffecc0b4f7-OSL
www.google-analytics.com/analytics.js
216.239.36.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.36.178:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 15 Oct 2022 08:46:56 GMT
expires: Sat, 15 Oct 2022 10:46:56 GMT
cache-control: public, max-age=7200
age: 6574
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/forumotion-ar/loader.js
151.101.85.44200 OK 25 kB URL HTTP/2 cdn.taboola.com/libtrc/forumotion-ar/loader.js
IP 151.101.85.44:0
File type Unicode text, UTF-8 text, with very long lines (65498)
Hash 5b6d53a8381b85c2f2fca1fed4a3de9e
fb496110ad952fb184780db4356ea117491de21c
4feddaed62fb0a15dc44617ad89f7927db6f43fce138ccd04c33e5740a2c2d9d
GET /libtrc/forumotion-ar/loader.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: MdWAgL1YfNjsxVeRjZ9k3duVhIJU1cm6nnxWJLXgSEayD7eQ1m7yJPfdBZ75wELsz0u/0m8cOOI=
x-amz-request-id: TSXS0ZCFETFHQQCF
last-modified: Thu, 13 Oct 2022 08:49:53 GMT
etag: "d67d78ac489dcba00e62d1df3763d010"
x-amz-version-id: jOp5Pqd0H_vcHmVPqTU_OiULPdLLP8KC
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sat, 15 Oct 2022 10:36:30 GMT
via: 1.1 varnish
age: 119
x-served-by: cache-bma1640-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1665830190.303113,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 49
content-length: 25119
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=9c3b7226524c4b42855dcbc76c911305
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=9c3b7226524c4b42855dcbc76c911305
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 288d3fcbd5291febf9745d7741631ac9
5b594f0a8120fe3ff5c05317247bc5c4750a42f9
bb2372dab5620edaad43ecdbcff4d0581e7e38cf4c879bd9abd93dda9de43b27
GET /gid.js?userId=9c3b7226524c4b42855dcbc76c911305 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qaffen.yoo7.com
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 10:36:30 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://qaffen.yoo7.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=9c3b7226524c4b42855dcbc76c911305; expires=Sun, 15 Oct 2023 10:36:30 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
qaffen.yoo7.com/images/icons-180.png
94.23.159.185200 OK 6.1 kB URL HTTP/2 qaffen.yoo7.com/images/icons-180.png
IP 94.23.159.185:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 6bbc173a2c7add9b97ed5fe2dea15269
2e00950d0813a6d995784905a90c5eb2041f05ee
689c95c5a53fd85782d965279cafd0c06042391eca615fe7e7f799e1bae5cc82
GET /images/icons-180.png HTTP/1.1
Host: qaffen.yoo7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/t3792-topic
Cookie: exadd=166584; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 15 Oct 2022 10:36:30 GMT
content-type: image/png
content-length: 6055
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Sat, 15 Oct 2022 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
x-cache-ic: MISS
X-Firefox-Spdy: h2
ocsp.comodoca4.com/
172.64.155.188200 OK 283 B IP 172.64.155.188:0
Hash c42fe0eb659b33ba89b42caabec9a2ab
9f90f2cac214b9df84b7c558297ea59ee6a0d22c
42b86e8898ddc695da1af6e7f580a326cb3d52c5ddd63dcc969077f39f29532b
POST / HTTP/1.1
Host: ocsp.comodoca4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 15 Oct 2022 10:36:30 GMT
Content-Type: application/ocsp-response
Content-Length: 283
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 00:47:15 GMT
Expires: Sat, 22 Oct 2022 00:47:14 GMT
Etag: "9f90f2cac214b9df84b7c558297ea59ee6a0d22c"
Cache-Control: max-age=568843,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75a7ea0148240b59-OSL
cdn.taboola.com/libtrc/impl.20221013-3-RELEASE.js
151.101.85.44200 OK 146 kB URL HTTP/2 cdn.taboola.com/libtrc/impl.20221013-3-RELEASE.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (65509)
Size 146 kB (145762 bytes)
Hash fa9684da72012442743304d2075fdc69
d6708bac1330215d96a64d27e471c3344032a2bd
5100af90545ab1b8543db9470775a10612aa03acf0a1db2929021ab9520fa78e
GET /libtrc/impl.20221013-3-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 9KEPXC/Q7DTJ0XnJo+4mOhjcVLbmYOCToOoRkk/D3vlFESHpZ0JUudoCmLZaXXMikvLD1KT5f0I=
x-amz-request-id: JTZYQDK5KF6DWQNX
last-modified: Thu, 13 Oct 2022 08:47:59 GMT
etag: "fa9684da72012442743304d2075fdc69"
content-encoding: br
x-amz-version-id: 4PDJ7Q473Aostfxo_SVZoeqEWealjkdj
content-type: application/javascript
accept-ranges: bytes
date: Sat, 15 Oct 2022 10:36:30 GMT
via: 1.1 varnish
age: 6449
x-served-by: cache-bma1640-BMA
x-cache: HIT
x-cache-hits: 3209
x-timer: S1665830190.475210,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 90
server: AmazonS3-br
content-length: 145762
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash eb43bbce02fa99c9913ef3ce94384776
888300ad39802192093a2f1c9610fc1dfae8c2ca
5cc7ea7ff39b7d83a8227cc95a7c23b41288046a2514d42170a0cb653d870c6d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3443
Cache-Control: max-age=145999
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 10:36:30 GMT
Etag: "634a170b-138"
Expires: Mon, 17 Oct 2022 03:09:49 GMT
Last-Modified: Sat, 15 Oct 2022 02:12:27 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 312
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5c64ced45088660f4e780756e5ca0968
7d1d4b389b65a679b01acd0e3a070da7f6760bf1
d266d13f4491fc184a1f031ed87a5af76d46c58bd8751cb92cbedba574139462
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 10:36:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=1084708316.1665830192&jid=472059135&gjid=1042372442&_gid=1843843341.1665830192&_u=YEBAAUAAAAAAACAAI~&z=555378447
173.194.73.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=1084708316.1665830192&jid=472059135&gjid=1042372442&_gid=1843843341.1665830192&_u=YEBAAUAAAAAAACAAI~&z=555378447
IP 173.194.73.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=1084708316.1665830192&jid=472059135&gjid=1042372442&_gid=1843843341.1665830192&_u=YEBAAUAAAAAAACAAI~&z=555378447 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://qaffen.yoo7.com
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://qaffen.yoo7.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 15 Oct 2022 10:36:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?ptv=131&profileId=206&cb=33099174766
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?ptv=131&profileId=206&cb=33099174766
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?ptv=131&profileId=206&cb=33099174766 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 774
Origin: https://qaffen.yoo7.com
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 15 Oct 2022 10:36:30 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://qaffen.yoo7.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5c64ced45088660f4e780756e5ca0968
7d1d4b389b65a679b01acd0e3a070da7f6760bf1
d266d13f4491fc184a1f031ed87a5af76d46c58bd8751cb92cbedba574139462
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 10:36:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash cf11bd99eb6c533bdb2fe6de0fe85b32
0910c7485ca17b67a400c91f029649009c0927ca
2d37684137f2c68628dce87efee951783f37d26718d11e371f1f6a7912fa7477
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=161270
Date: Sat, 15 Oct 2022 10:36:30 GMT
Etag: "634a5935-1d7"
Expires: Mon, 17 Oct 2022 07:24:20 GMT
Last-Modified: Sat, 15 Oct 2022 06:54:45 GMT
Server: ECS (dcb/7F14)
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5yB4Q53E622SxjgMZO817yevsAH5XeBRpURzUjEmrvKKT6Ur3PuZiA==
Age: 1775
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4192
Expires: Sat, 15 Oct 2022 11:46:22 GMT
Date: Sat, 15 Oct 2022 10:36:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4192
Expires: Sat, 15 Oct 2022 11:46:22 GMT
Date: Sat, 15 Oct 2022 10:36:30 GMT
Connection: keep-alive
api.viglink.com/api/ping
34.248.7.88200 OK 259 B IP 34.248.7.88:0
File type ASCII text, with no line terminators
Hash 6c7c25e0700dc4f975c7205b4737798e
3804e26671417e6d6f9f94d8df28c6d137a110d5
018ff5ef86b7830acbe7cbd640b6bdb324912902c242fd8f517e9894f3ecacbd
POST /api/ping HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 135
Origin: https://qaffen.yoo7.com
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://qaffen.yoo7.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Sat, 15 Oct 2022 10:36:30 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 259
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4192
Expires: Sat, 15 Oct 2022 11:46:22 GMT
Date: Sat, 15 Oct 2022 10:36:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4192
Expires: Sat, 15 Oct 2022 11:46:22 GMT
Date: Sat, 15 Oct 2022 10:36:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4192
Expires: Sat, 15 Oct 2022 11:46:22 GMT
Date: Sat, 15 Oct 2022 10:36:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8dd268c3-27b8-467e-bdc3-ab2dab1a3b6d.jpeg
34.120.237.76200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8dd268c3-27b8-467e-bdc3-ab2dab1a3b6d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 644dadbc61528fb78d6a4d37809a4da1
46c2110541fe6eec046efea92940d17b69e410dc
6cdb2203d1ddb0e17728a5cede16bb7cf058172b0c61ca6e5082a514a447bf88
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8dd268c3-27b8-467e-bdc3-ab2dab1a3b6d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3894
x-amzn-requestid: f46ef5cf-34c4-4024-a1cb-7a46985a0225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aA5pWEHeoAMFkKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6349d63b-26b43ef606fd070f153225a3;Sampled=0
x-amzn-remapped-date: Fri, 14 Oct 2022 21:35:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KZCAQXda5v816O20Q8-UKTh7nxPm0SSU1EGkNXEEharLsGzA1ifMDw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 14 Oct 2022 21:49:43 GMT
age: 46007
etag: "46c2110541fe6eec046efea92940d17b69e410dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a5488a3-4a1c-4773-99f6-81e18bcdccd2.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a5488a3-4a1c-4773-99f6-81e18bcdccd2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 319cbf11bba3f159e5c9f606deded924
13f29acb7a694030fc2de0b42c0d95c4be49deb7
09aa7d94e4829f4daf33d5e2aed077afcc59628839c5d6e877172e8455879062
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a5488a3-4a1c-4773-99f6-81e18bcdccd2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15855
x-amzn-requestid: 6cd31f4a-e8b2-4258-9b64-2fad83a606c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3ekFH1-IAMFTDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6346114d-5fd284f41be669a972e84ed4;Sampled=0
x-amzn-remapped-date: Wed, 12 Oct 2022 00:58:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4PfJD4ZyH4fg4H6C1kQK_MHuWp4DdzA768vaMNt98y3_hKwkFbIpYg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 05:09:16 GMT
age: 19634
etag: "13f29acb7a694030fc2de0b42c0d95c4be49deb7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0ccfd7-6dc6-469b-bee1-7de141fecb1c.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0ccfd7-6dc6-469b-bee1-7de141fecb1c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 902f6b585d65d720ff096817ca1f2233
9b73cbeff3361c30600bea9f12a862ae2c4f1e01
8669095b4abaab1bbe1a9f65eb61e7caf713c36f8a24ed0979f482bb3356b79c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0ccfd7-6dc6-469b-bee1-7de141fecb1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6454
x-amzn-requestid: 4774f611-4ee1-40e7-804b-229bfff6c5a7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjS3MGmdoAMFqKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfe94-451518b50ab53f2538d0c13f;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 22:00:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2Ra0AP60Ts4OidLByrMWpcUixuPQZGP8QliETUca6vdyqZfO9oxGDQ==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 14 Oct 2022 21:43:14 GMT
age: 46396
etag: "9b73cbeff3361c30600bea9f12a862ae2c4f1e01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92a47aec-e82e-473b-bada-4a1772e28b03.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92a47aec-e82e-473b-bada-4a1772e28b03.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bed69b9cbe069db72d2b0936b20b56cf
ba37c9ea8a65445bace6ac9e7b78e5cdc7052651
cd929e1f2001e0767f4b7546600cdd5fd7447a911a7e48dfe8e7fe929116f863
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92a47aec-e82e-473b-bada-4a1772e28b03.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9520
x-amzn-requestid: 4c2b73b9-592b-4f8c-b5f4-1b86fd354341
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3yJEGxJIAMF1GA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634630a0-268f77214b3061674a7818a4;Sampled=0
x-amzn-remapped-date: Wed, 12 Oct 2022 03:12:32 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yivRWDO4gdpplD7bgfI6pSwR8cmdCJJRrtLORqWp9rEENppkmQfcGw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 04:47:02 GMT
age: 20968
etag: "ba37c9ea8a65445bace6ac9e7b78e5cdc7052651"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc221dfb1-42cf-46c6-a6d8-c20dba31ed48.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc221dfb1-42cf-46c6-a6d8-c20dba31ed48.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f35b86981affbf6e27cfa4702e0bca7e
0aedda481283b3e88a73f883ecaaf01c5a015022
02bb3e05bf45885b1d52465cb6a58d9afa6dd87cf5b7a4ea55359b6ce37aad4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc221dfb1-42cf-46c6-a6d8-c20dba31ed48.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10893
x-amzn-requestid: 71fcae73-deb9-4edf-b600-960742a00e6c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZtdILHNpIAMFVaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63420f00-0c18d7c8117ad3d54c374a1a;Sampled=0
x-amzn-remapped-date: Sun, 09 Oct 2022 00:00:01 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TN6hKLqGXjdnXSEC_ZNxOgF2jbR2SzD-WsJXFsWN1rLc4Hk1SI-E2A==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Fri, 14 Oct 2022 21:49:43 GMT
age: 46007
etag: "0aedda481283b3e88a73f883ecaaf01c5a015022"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2af2b9dc-3279-48a4-b300-2aca0a094dd4.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2af2b9dc-3279-48a4-b300-2aca0a094dd4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3ac5c50f8ffe0da11f1adb9f67d811cf
2b586d1c26208d6fe7df3a4cec286e28f21807ca
12414dcf4afa766503c9328fe626c2d1317a0d6838887e0dd30e9b56e85ea3d2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2af2b9dc-3279-48a4-b300-2aca0a094dd4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8120
x-amzn-requestid: 42dc2299-203a-4269-a252-e239978fe80d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z7EhLHX0IAMF89g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6347813a-1357899758d9403e4b920418;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 03:08:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: WTKaFQ0rZbiSiVD_qjSwbcvMoCoWsf8hfsXsC7cVkT-hm04EXHWASA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 03:39:37 GMT
age: 25013
etag: "2b586d1c26208d6fe7df3a4cec286e28f21807ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.criteo.net/images/pixel.gif?ch=1
178.250.0.130200 OK 43 B URL HTTP/2 static.criteo.net/images/pixel.gif?ch=1
IP 178.250.0.130:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /images/pixel.gif?ch=1 HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 10:36:30 GMT
content-type: image/gif
content-length: 43
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
etag: "493ea254-2b"
expires: Tue, 10 Oct 2023 10:36:30 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/images/pixel.gif?ch=2
178.250.0.130200 OK 43 B URL HTTP/2 static.criteo.net/images/pixel.gif?ch=2
IP 178.250.0.130:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /images/pixel.gif?ch=2 HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 10:36:30 GMT
content-type: image/gif
content-length: 43
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
etag: "493ea254-2b"
expires: Tue, 10 Oct 2023 10:36:30 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dc745cc6cabb7bcda110c74aa6bbdc4b
ee85567f8a368e63dc4ffad272f514df5b600b76
fd3befeac747605b265309554c748c5de2a5e4ca07f69889090e87639937846d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 10:36:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 48c8ca7abddebd077f8d5655ab885b11
1daa9bb3c1434275bbd57b9237000b72e59e1fcc
95e3c6bd5eb86b7805c5899ebd2157f214a5aec3c180830c1db3e0256097ee6c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 10:36:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=1084708316.1665830192&jid=472059135&_u=YEBAAUAAAAAAACAAI~&z=819267450
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=1084708316.1665830192&jid=472059135&_u=YEBAAUAAAAAAACAAI~&z=819267450
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=1084708316.1665830192&jid=472059135&_u=YEBAAUAAAAAAACAAI~&z=819267450 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 15 Oct 2022 10:36:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=1084708316.1665830192&jid=472059135&_u=YEBAAUAAAAAAACAAI~&z=819267450
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=1084708316.1665830192&jid=472059135&_u=YEBAAUAAAAAAACAAI~&z=819267450
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=1084708316.1665830192&jid=472059135&_u=YEBAAUAAAAAAACAAI~&z=819267450 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 15 Oct 2022 10:36:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
trc-events.taboola.com/forumotion-ar/log/2/debug?tim=10%3A36%3A31.796&type=usage&msg=rtus&llvl=2&id=8252&cv=20221013-3-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=gdprV2notTriggerRtus&extraData=%7B%7D
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/forumotion-ar/log/2/debug?tim=10%3A36%3A31.796&type=usage&msg=rtus&llvl=2&id=8252&cv=20221013-3-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=gdprV2notTriggerRtus&extraData=%7B%7D
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=10%3A36%3A31.796&type=usage&msg=rtus&llvl=2&id=8252&cv=20221013-3-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=gdprV2notTriggerRtus&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sat, 15 Oct 2022 10:36:30 GMT
x-fastly-to-nlb-rtt: 22376
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dc745cc6cabb7bcda110c74aa6bbdc4b
ee85567f8a368e63dc4ffad272f514df5b600b76
fd3befeac747605b265309554c748c5de2a5e4ca07f69889090e87639937846d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 10:36:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bac53a9e47b402471127f290b676b367
d5aa4a8d0571a6c8519d8ab9d369c040ede52ca1
8985fb669fe4022d05158aa7a8fd8033d9b4ae4f9011f3f947e2365d4ebe19f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 10:36:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
34.248.7.88200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
IP 34.248.7.88:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.gif?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Sat, 15 Oct 2022 10:36:30 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2
34.248.7.88200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2
IP 34.248.7.88:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.js?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Sat, 15 Oct 2022 10:36:30 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://qaffen.yoo7.com/
Content-Type: application/json
Origin: https://qaffen.yoo7.com
Content-Length: 742
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 10:36:31 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: a6a779c6b8e836df0f87320827001144
access-control-allow-origin: https://qaffen.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
api.viglink.com/api/domains
34.248.7.88200 OK 41 B URL HTTP/1.1 api.viglink.com/api/domains
IP 34.248.7.88:0
File type ASCII text, with no line terminators
Hash c19ad48ef402297858935062da8b736e
1ba93c4e2fe700291aa910f86b57ccc2ca4431ac
8a50c7087115e43e90dbf9b4c1dfeb07690195e576ed405c852d9f5884963565
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 347
Origin: https://qaffen.yoo7.com
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://qaffen.yoo7.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Sat, 15 Oct 2022 10:36:31 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 41
Connection: keep-alive
bidder.criteo.com/csm/events
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/csm/events
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csm/events HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 372
Origin: https://qaffen.yoo7.com
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 15 Oct 2022 10:36:30 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://qaffen.yoo7.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/trc/3/json?tim=10%3A36%3A36.822<i=deflated&data=%7B%22id%22%3A797%2C%22ii%22%3A%22%2Ft3792-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1665650980218%2C%22vi%22%3A1665830196820%2C%22cv%22%3A%2220221013-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fqaffen.yoo7.com%2Ft3792-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22tcs%22%3A%22CPg47AAPg47AABcAIBENClCgAAAAAH_AABpwIyQAARkgaAALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA_4CPQExAKaAWoAvMBggDDQGPgMkAcWA5QB2AAA%22%2C%22gwto%22%3Atrue%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fqaffen.yoo7.com%2Ft3792-topic%22%2C%22vpi%22%3A%22%2Ft3792-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1280%2C%22dh%22%3A2408%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A124.11666870117188%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A2333.433349609375%2C%22mw%22%3A1000%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft3792-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
151.101.85.44200 OK 12 kB URL HTTP/2 trc.taboola.com/forumotion-ar/trc/3/json?tim=10%3A36%3A36.822<i=deflated&data=%7B%22id%22%3A797%2C%22ii%22%3A%22%2Ft3792-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1665650980218%2C%22vi%22%3A1665830196820%2C%22cv%22%3A%2220221013-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fqaffen.yoo7.com%2Ft3792-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22tcs%22%3A%22CPg47AAPg47AABcAIBENClCgAAAAAH_AABpwIyQAARkgaAALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA_4CPQExAKaAWoAvMBggDDQGPgMkAcWA5QB2AAA%22%2C%22gwto%22%3Atrue%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fqaffen.yoo7.com%2Ft3792-topic%22%2C%22vpi%22%3A%22%2Ft3792-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1280%2C%22dh%22%3A2408%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A124.11666870117188%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A2333.433349609375%2C%22mw%22%3A1000%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft3792-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
IP 151.101.85.44:0
File type Unicode text, UTF-8 text, with very long lines (19551)
Hash 55284c9c6c385f5e43096611e8ac6a2f
270eb6573d872d4907d5838e55e4fa7928250552
040bf893e05db3a01b8a3f3514811e76e64edceb74c8472a3af821d4a8b9c55b
GET /forumotion-ar/trc/3/json?tim=10%3A36%3A36.822<i=deflated&data=%7B%22id%22%3A797%2C%22ii%22%3A%22%2Ft3792-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1665650980218%2C%22vi%22%3A1665830196820%2C%22cv%22%3A%2220221013-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fqaffen.yoo7.com%2Ft3792-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22tcs%22%3A%22CPg47AAPg47AABcAIBENClCgAAAAAH_AABpwIyQAARkgaAALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA_4CPQExAKaAWoAvMBggDDQGPgMkAcWA5QB2AAA%22%2C%22gwto%22%3Atrue%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fqaffen.yoo7.com%2Ft3792-topic%22%2C%22vpi%22%3A%22%2Ft3792-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1280%2C%22dh%22%3A2408%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A124.11666870117188%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A2333.433349609375%2C%22mw%22%3A1000%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft3792-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://qaffen.yoo7.com
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://qaffen.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sat, 15 Oct 2022 10:36:35 GMT
via: 1.1 varnish
x-served-by: cache-bma1640-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1665830196.684550,VS0,VE164
vary: Accept-Encoding
x-vcl-time-ms: 164
X-Firefox-Spdy: h2
vidstat.taboola.com/lite-unit/1.4.0/UnitWidgetItemDesktop.min.js
151.101.85.44200 OK 24 kB URL HTTP/2 vidstat.taboola.com/lite-unit/1.4.0/UnitWidgetItemDesktop.min.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash b06a94b265b5ec3739dab4b38308709c
de2336288983f78217a4cc83755366e583c5920a
066de7eb0d351eda7686b2479b069a600405fed39d38c7b9163a1d3cda84e992
GET /lite-unit/1.4.0/UnitWidgetItemDesktop.min.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 31 Mar 2020 13:14:35 GMT
etag: "b683c290896a82c974838a04b4ea4aff"
server: AmazonS3
via: 1.1 4838101f07e2dfcd1db4abc88031f082.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: EpZuzr7lQIzV08xTZRv1e5wA0qOWVGpJ94XhkewIQ9BC5tfAYBuP9w==
cache-control: public, max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Sat, 15 Oct 2022 10:36:35 GMT
age: 2193368
x-served-by: cache-bma1640-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 185
x-timer: S1665830196.901328,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 23743
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5fda50a37fc3687d2f55b92b6bce88f9.jpg
151.101.85.44200 OK 4.5 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5fda50a37fc3687d2f55b92b6bce88f9.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 8962f521ae193d2b2061f58dc8f89ce9
1832568abab40a10d95e795bf75ee4f4d8b44a20
28eadc3a84f45934e6bedc49fbd76b64f7597dd745aacd1e3941fc76698aaf85
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5fda50a37fc3687d2f55b92b6bce88f9.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 361442623871098473179176297192785719265,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 361442623871098473179176297192785719265,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
etag: "14867859cc7173497c24514b15dae13d"
last-modified: Sat, 10 Sep 2022 16:32:24 GMT
req-referer: https://www.unian.ua/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 91afd6b6999824384f88689919f30779
x-envoy-upstream-service-time: 71
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 15 Oct 2022 10:36:35 GMT
age: 1562793
x-served-by: cache-iad-kiad7000135-IAD, cache-iad-kcgs7200119-IAD, cache-lga21938-LGA, cache-iad-kiad7000111-IAD, cache-bma1640-BMA
x-cache: HIT, MISS, MISS, HIT, HIT
x-cache-hits: 1, 0, 0, 1, 1
x-timer: S1665830196.958924,VS0,VE13
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5fda50a37fc3687d2f55b92b6bce88f9.jpg
x-vcl-time-ms: 13
content-length: 4544
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cfa2a57e2136df85b11ed8afdbfb11ef.png
151.101.85.44200 OK 8.1 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cfa2a57e2136df85b11ed8afdbfb11ef.png
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a31453f516fb700e68cac19158799344
66a1e95d7d9ca9c3a551454ab06e49c094223d24
3c9ae9d7e9e026dc4154de6deaf844d14c6faa84b91cae4544fb4fd953da4982
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cfa2a57e2136df85b11ed8afdbfb11ef.png HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 438206606676214532544374850377595755351,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 438206606676214532544374850377595755351,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "7d32bb8c2f58776ffad49a28332e2df6"
last-modified: Sat, 10 Sep 2022 16:03:22 GMT
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 8b8ded9e7f52aea83a56c79cef6bef8d
x-envoy-upstream-service-time: 200
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 15 Oct 2022 10:36:35 GMT
age: 2806032
x-served-by: cache-iad-kcgs7200126-IAD, cache-iad-kiad7000079-IAD, cache-lax10670-LGB, cache-iad-kcgs7200028-IAD, cache-bma1640-BMA
x-cache: HIT, MISS, MISS, HIT, HIT
x-cache-hits: 1, 0, 0, 1, 1
x-timer: S1665830196.975957,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cfa2a57e2136df85b11ed8afdbfb11ef.png
x-vcl-time-ms: 1
content-length: 8094
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/7Y6rWjJ/Adult-worker-remove-demolish-old-tiles-in-a-bathroom-with-hammer-and-chisel.jpg
151.101.85.44200 OK 13 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/7Y6rWjJ/Adult-worker-remove-demolish-old-tiles-in-a-bathroom-with-hammer-and-chisel.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash e618d8ff966731adeda71031ceef4ccf
250f62b52b2428ea8db8f63ab5e8341879171431
7b2f32c31cef85c3ad7a191fb62d60d793d25fe5dd50912ef590be9b1e05f75e
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/7Y6rWjJ/Adult-worker-remove-demolish-old-tiles-in-a-bathroom-with-hammer-and-chisel.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 455525361679732715512151280937354333199,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 455525361679732715512151280937354333199,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "11c733f93a126058cf2df77edabd7269"
expiration: expiry-date="Fri, 09 Sep 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Tue, 09 Aug 2022 10:06:50 GMT
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 760
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 15 Oct 2022 10:36:35 GMT
age: 5181625
x-served-by: cache-iad-kcgs7200127-IAD, cache-iad-kiad7000149-IAD, cache-chi-klot8100067-CHI, cache-iad-kjyo7100093-IAD, cache-bma1640-BMA
x-cache: HIT, HIT, MISS, HIT, HIT
x-cache-hits: 1, 1, 0, 708, 1
x-timer: S1665830196.977040,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/7Y6rWjJ/Adult-worker-remove-demolish-old-tiles-in-a-bathroom-with-hammer-and-chisel.jpg
x-vcl-time-ms: 1
content-length: 12578
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/IBK/87895346__dpeU3RoT.jpg
151.101.85.44200 OK 7.8 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/IBK/87895346__dpeU3RoT.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9d538bbacd837fb4339b4e9a671540c6
20a5d6b20bc527e3a4b33123c75262030ea7602a
1f693c9e0c03ea6e5dff8fc6beb54ce3edaf4e357eebfb80925b6af2fcbd4410
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/IBK/87895346__dpeU3RoT.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 629215953155833803339392792237923470083,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 629215953155833803339392792237923470083,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "2af7f3a6b2be4bb4aabfbaafcb9354f0"
expiration: expiry-date="Sat, 10 Sep 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Wed, 10 Aug 2022 04:21:54 GMT
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 31
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 15 Oct 2022 10:36:35 GMT
age: 5343731
x-served-by: cache-iad-kcgs7200057-IAD, cache-iad-kcgs7200130-IAD, cache-sna10745-LGB, cache-iad-kjyo7100026-IAD, cache-bma1640-BMA
x-cache: HIT, MISS, HIT, HIT, HIT
x-cache-hits: 1, 0, 1, 1, 9
x-timer: S1665830196.978393,VS0,VE0
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/IBK/87895346__dpeU3RoT.jpg
x-vcl-time-ms: 0
content-length: 7778
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/360fd688aa592cb149ed24e1841d2d15.jpg
151.101.85.44200 OK 12 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/360fd688aa592cb149ed24e1841d2d15.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 4c418bceabd34d60b0ca77c32ea77363
b02f47470e625c559e0a231b6becfd72212f5b3d
ae079ccbd5a97c27337691fe821c3b0211b40dedc9922a129a1d4f04e53aa66d
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/360fd688aa592cb149ed24e1841d2d15.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 467034397575831769978129637040287281398,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 467034397575831769978129637040287281398,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "64db85a58e852c26d7a64b471996bb70"
last-modified: Sat, 10 Sep 2022 18:03:04 GMT
req-referer: https://www.radio-en-ligne.fr/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 064197bf09cc3a77d3fb86db202ac5ae
x-envoy-upstream-service-time: 189
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 15 Oct 2022 10:36:35 GMT
age: 1906220
x-served-by: cache-iad-kiad7000051-IAD, cache-iad-kcgs7200111-IAD, cache-bur-kbur8200063-BUR, cache-iad-kiad7000114-IAD, cache-bma1640-BMA
x-cache: HIT, HIT, MISS, HIT, HIT
x-cache-hits: 1, 1, 0, 51, 1
x-timer: S1665830196.978458,VS0,VE5
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/360fd688aa592cb149ed24e1841d2d15.jpg
x-vcl-time-ms: 5
content-length: 12350
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/81c47cd398bfb36df004c8773a22b024.jpg
151.101.85.44200 OK 4.9 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/81c47cd398bfb36df004c8773a22b024.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d54b082d31f36f4c9758cc39cc4f4820
5d21373b99cf87566f6e59c9fc8157882f053746
55a3eb83b7d8bcf9881d7cab802cdc8b4ed6f710a9065a03fe3edacb4fe597f4
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/81c47cd398bfb36df004c8773a22b024.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 425835379569954214865319743616880450737,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 425835379569954214865319743616880450737,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "cc9999781c3b8c5245b4d02f4b8c2b2a"
last-modified: Wed, 10 Aug 2022 03:03:10 GMT
req-referer: https://www.pcastuces.com/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 7e8424db7eaa7dd0b3890da28a0738b0
x-envoy-upstream-service-time: 267
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 15 Oct 2022 10:36:35 GMT
age: 4543851
x-served-by: cache-iad-kcgs7200043-IAD, cache-iad-kiad7000085-IAD, cache-sna10738-LGB, cache-iad-kcgs7200139-IAD, cache-bma1640-BMA
x-cache: HIT, MISS, MISS, HIT, HIT
x-cache-hits: 1, 0, 0, 328, 1
x-timer: S1665830196.977074,VS0,VE6
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/81c47cd398bfb36df004c8773a22b024.jpg
x-vcl-time-ms: 6
content-length: 4850
X-Firefox-Spdy: h2
api.viglink.com/api/domains
34.248.7.88200 OK 42 B URL HTTP/1.1 api.viglink.com/api/domains
IP 34.248.7.88:0
File type ASCII text, with no line terminators
Hash 4ac7f2ac0017a9dcdffecff0f3f24668
92208c02d4a36ff372f126b359d6030893ab9c70
77eb3a95fe2e04c78af90260533997cda8695c7ebb218bc706a81edf073ce38d
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 253
Origin: https://qaffen.yoo7.com
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://qaffen.yoo7.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Sat, 15 Oct 2022 10:36:36 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 42
Connection: keep-alive
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=10%3A36%3A37.120&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=1286&cv=20221013-3-RELEASE<=deflated&pct=1
185.106.33.48204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=10%3A36%3A37.120&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=1286&cv=20221013-3-RELEASE<=deflated&pct=1
IP 185.106.33.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=10%3A36%3A37.120&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=1286&cv=20221013-3-RELEASE<=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sat, 15 Oct 2022 10:36:36 GMT
x-fastly-to-nlb-rtt: 82795
access-control-allow-credentials: true
X-Firefox-Spdy: h2
illiweb.com/rs3/63/frm/embed/FA_Embed.js
104.21.63.213200 OK 0 B URL HTTP/2 illiweb.com/rs3/63/frm/embed/FA_Embed.js
IP 104.21.63.213:0
GET /rs3/63/frm/embed/FA_Embed.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 15 Oct 2022 10:36:28 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:06:07 GMT
last-modified: Tue, 20 Apr 2021 14:17:00 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 3205820
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fulFKJPTaihyu9%2BvR6zQsIH7yXg4YkjlHnorvtNzj3hLuAT7gMIstpSJsxQ4NaxFVCaeQeRx7avH4oWRiWK9BfJ52CFPMHSuHtPf7KsS8g0x2sOAMY1RXXEotR70WQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a7e9f77d490afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
qaffen.yoo7.com/sw.js
94.23.159.185200 OK 0 B IP 94.23.159.185:0
GET /sw.js HTTP/1.1
Host: qaffen.yoo7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://qaffen.yoo7.com/t3792-topic
Connection: keep-alive
Cookie: exadd=166584; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 15 Oct 2022 10:36:29 GMT
content-type: application/javascript
last-modified: Tue, 27 Aug 2019 13:54:01 GMT
etag: W/"5d6535f9-1554"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fqaffen.yoo7.com%2Ft3792-topic&encoded=1&uid=17dc1d95-0ab5-447b-b723-c5601cdb2db4-tucta4412b3&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1665830197086&tagid=&cntry=NO&platform=1&sesid=31b19773b0cd77c2be4adccc06ecaba1&itemid=/t3792-topic&viewid=1665830196820&geolat=&geoing=&deviceifa=&appid=&sd=v2_31b19773b0cd77c2be4adccc06ecaba1_17dc1d95-0ab5-447b-b723-c5601cdb2db4-tucta4412b3_1665830195_1665830195_CNawjgYQ3pxDGNSs3tm9MCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gBYABo_9iV8p6d99_dAXAA&ri=a4048c67626c4277204009abaf5f45e1&appname=&cdb=CPg47AAPg47AABcAIBENClCgAAAAAH_AABpwIyQAARkgaAALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA_4CPQExAKaAWoAvMBggDDQGPgMkAcWA5QB2AAA&gdprApplies=true&rid=&sii=-6361659864385687939&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=false&tcfVersion=2&cmpStatus=0&tnetid=1037540&prcnt=&layer=&normp=7&gvv=8716
151.101.85.44200 OK 0 B URL HTTP/2 15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fqaffen.yoo7.com%2Ft3792-topic&encoded=1&uid=17dc1d95-0ab5-447b-b723-c5601cdb2db4-tucta4412b3&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1665830197086&tagid=&cntry=NO&platform=1&sesid=31b19773b0cd77c2be4adccc06ecaba1&itemid=/t3792-topic&viewid=1665830196820&geolat=&geoing=&deviceifa=&appid=&sd=v2_31b19773b0cd77c2be4adccc06ecaba1_17dc1d95-0ab5-447b-b723-c5601cdb2db4-tucta4412b3_1665830195_1665830195_CNawjgYQ3pxDGNSs3tm9MCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gBYABo_9iV8p6d99_dAXAA&ri=a4048c67626c4277204009abaf5f45e1&appname=&cdb=CPg47AAPg47AABcAIBENClCgAAAAAH_AABpwIyQAARkgaAALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA_4CPQExAKaAWoAvMBggDDQGPgMkAcWA5QB2AAA&gdprApplies=true&rid=&sii=-6361659864385687939&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=false&tcfVersion=2&cmpStatus=0&tnetid=1037540&prcnt=&layer=&normp=7&gvv=8716
IP 151.101.85.44:0
GET /tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fqaffen.yoo7.com%2Ft3792-topic&encoded=1&uid=17dc1d95-0ab5-447b-b723-c5601cdb2db4-tucta4412b3&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1665830197086&tagid=&cntry=NO&platform=1&sesid=31b19773b0cd77c2be4adccc06ecaba1&itemid=/t3792-topic&viewid=1665830196820&geolat=&geoing=&deviceifa=&appid=&sd=v2_31b19773b0cd77c2be4adccc06ecaba1_17dc1d95-0ab5-447b-b723-c5601cdb2db4-tucta4412b3_1665830195_1665830195_CNawjgYQ3pxDGNSs3tm9MCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gBYABo_9iV8p6d99_dAXAA&ri=a4048c67626c4277204009abaf5f45e1&appname=&cdb=CPg47AAPg47AABcAIBENClCgAAAAAH_AABpwIyQAARkgaAALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA_4CPQExAKaAWoAvMBggDDQGPgMkAcWA5QB2AAA&gdprApplies=true&rid=&sii=-6361659864385687939&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=false&tcfVersion=2&cmpStatus=0&tnetid=1037540&prcnt=&layer=&normp=7&gvv=8716 HTTP/1.1
Host: 15.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://qaffen.yoo7.com
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
machineid: 1482
link: <https://am-wf.taboola.com>; rel=preconnect
xvid-debug: mrmr - :
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://qaffen.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sat, 15 Oct 2022 10:36:35 GMT
via: 1.1 varnish
x-served-by: cache-bma1640-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1665830196.946401,VS0,VE25
vary: Accept-Encoding
X-Firefox-Spdy: h2
stootsou.net/pfe/current/tag.min.js?z=2308013
139.45.197.250200 OK 0 B URL HTTP/2 stootsou.net/pfe/current/tag.min.js?z=2308013
IP 139.45.197.250:0
GET /pfe/current/tag.min.js?z=2308013 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 10:36:29 GMT
content-type: application/javascript
last-modified: Thu, 13 Oct 2022 15:34:37 GMT
etag: W/"6348300d-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
stootsou.net/pfe/current/universal.min.js?v=3.1.398
139.45.197.250200 OK 0 B URL HTTP/2 stootsou.net/pfe/current/universal.min.js?v=3.1.398
IP 139.45.197.250:0
GET /pfe/current/universal.min.js?v=3.1.398 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://qaffen.yoo7.com/
Origin: https://qaffen.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 10:36:29 GMT
content-type: application/javascript
last-modified: Thu, 13 Oct 2022 15:34:37 GMT
etag: W/"6348300d-17dc6"
access-control-allow-origin: https://qaffen.yoo7.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
alchaam.com/vb/images/Title/16.gif
46.17.175.20404 Not Found 0 B URL HTTP/2 alchaam.com/vb/images/Title/16.gif
IP 46.17.175.20:0
ASN #47583 Hostinger International Limited
GET /vb/images/Title/16.gif HTTP/1.1
Host: alchaam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://qaffen.yoo7.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
x-powered-by: PHP/7.2.34
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://alchaam.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: c77_HTTP.404,c77_404,c77_URL.f9857c9a2a2a7e3e0e49f1a0ba2d0e20,c77_
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding
date: Sat, 15 Oct 2022 10:36:34 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
connect.topicit.net/scripts/connect.js
104.21.90.171200 OK 0 B URL HTTP/2 connect.topicit.net/scripts/connect.js
IP 104.21.90.171:0
GET /scripts/connect.js HTTP/1.1
Host: connect.topicit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 15 Oct 2022 10:36:29 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5437
access-control-allow-origin: *
etag: W/"5d653880-153d"
last-modified: Tue, 27 Aug 2019 14:04:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-cache-status: HIT
age: 3155
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rsnLQzs%2BDK0Gygc3%2FgyzWO7nIJxsmeqLL3PJHDWUkSCTYQI%2BEF79luOi%2FPgRNGBhrDVyLoIr5pe27g1lWFavlEuHzDMo290rXTb6XTgxV6UrGIYuFO6bNuZMerCqVErpnFkHlQIh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a7e9fbcb9ab4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.viglink.com/api/vglnk.js
104.16.160.13200 OK 0 B URL HTTP/2 cdn.viglink.com/api/vglnk.js
IP 104.16.160.13:0
GET /api/vglnk.js HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 15 Oct 2022 10:36:30 GMT
content-type: text/javascript
content-length: 28567
x-amz-id-2: kFPAC60DOwNQb4CdhqHG+tKjRF2TQjxpEdeKJyhLPdvjoiSwXPmNvXMEMMBRIwIu/QGXu5HJg1c=
x-amz-request-id: NTCW971RKN3GM3ZQ
last-modified: Wed, 02 Dec 2020 18:57:12 GMT
etag: "072eaf64a771815874455704fca9301b"
cache-control: public, max-age=604800
content-encoding: gzip
cf-cache-status: HIT
age: 1945846
expires: Sat, 22 Oct 2022 10:36:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a7ea029b34b4ff-OSL
X-Firefox-Spdy: h2
qaffen.yoo7.com/serviceworker.js
94.23.159.185200 OK 0 B URL HTTP/2 qaffen.yoo7.com/serviceworker.js
IP 94.23.159.185:0
GET /serviceworker.js HTTP/1.1
Host: qaffen.yoo7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: exadd=166584; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 15 Oct 2022 10:36:29 GMT
content-type: application/javascript
last-modified: Thu, 25 Feb 2021 14:30:57 GMT
etag: W/"6037b4a1-b0d"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
illiweb.com/rs3/63/frm/lang/ar.js
104.21.63.213200 OK 0 B URL HTTP/2 illiweb.com/rs3/63/frm/lang/ar.js
IP 104.21.63.213:0
GET /rs3/63/frm/lang/ar.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 15 Oct 2022 10:36:28 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=74879
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:07:52 GMT
last-modified: Thu, 08 Sep 2022 07:38:48 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 3205716
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hopTWva1yU0FXaCRUb9io8m4zn%2BcRdJqBn4f3RZc6zHBwFkxHsFUA94mSSa6tpbmS%2BjAe7Mgdjjyk39yazuqzHJWhKzGyk6nx8Tr6P2S3YpisSLc8U%2BXVgtbtiZ3MA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a7e9f75d280afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cache.consentframework.com/js/pa/24697/c/IxWav/stub
104.26.5.102200 OK 0 B URL HTTP/2 cache.consentframework.com/js/pa/24697/c/IxWav/stub
IP 104.26.5.102:0
GET /js/pa/24697/c/IxWav/stub HTTP/1.1
Host: cache.consentframework.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 15 Oct 2022 10:36:28 GMT
content-type: text/javascript; charset=UTF-8
cache-control: max-age=3600
strict-transport-security: max-age=15724800; includeSubDomains; preload
cf-cache-status: HIT
age: 3086
last-modified: Sat, 15 Oct 2022 09:45:02 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bntucg6%2BQWSvybkmAFHVD2ZTZ%2BixMkStYstcDV3hWUKJtuN2VPe22FvQC3EllKGz9O03rHF3%2BLF8UOFWhIJR4x2413HfxyhuD%2FvocTrOKy1szMkvxEB5pXky0LfTi0ieQEkehyWYcXOu0q6E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a7e9f76f320b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
illiweb.com/rs3/63/frm/jquery/cookie/jquery.cookie.js
104.21.63.213200 OK 0 B URL HTTP/2 illiweb.com/rs3/63/frm/jquery/cookie/jquery.cookie.js
IP 104.21.63.213:0
GET /rs3/63/frm/jquery/cookie/jquery.cookie.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qaffen.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 15 Oct 2022 10:36:28 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:06:37 GMT
last-modified: Wed, 09 Sep 2020 09:40:28 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 3205791
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XIujSWO2xCY2CpLnVLOEbuD380of11oXTo9Gz5CtW4PCAnBYmXM8HMBYZC1PvfUHFRcZs8nbXTvEa8t4jhc4aePit%2BTaMiV8h9bmPOMsYOc%2B53BG%2FFm6tORIiCZMkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a7e9f77d470afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2