Overview

URL alnaaemi.yoo7.com/t54-topic
IP94.23.159.185
ASNOVH SAS
Location United Kingdom
Report completed2022-09-27 12:22:09 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-27 2 cdn.betgorebysson.club/apu.php?zoneid=3765907 Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (47)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS stats.g.doubleclick.net (1) 96 2013-06-02 22:47:44 UTC 2022-09-27 04:52:22 UTC 64.233.162.157
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-27 04:53:17 UTC 34.120.237.76
mnemonic passive DNS static.criteo.net (3) 652 2015-06-24 06:04:54 UTC 2022-09-27 06:26:24 UTC 178.250.0.130
mnemonic passive DNS gem.gbc.criteo.com (1) 6039 2019-02-06 06:21:41 UTC 2022-09-27 05:32:15 UTC 185.235.84.206
mnemonic passive DNS gum.criteo.com (2) 381 2015-01-22 10:58:57 UTC 2022-09-27 09:43:38 UTC 178.250.0.157
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-27 11:41:54 UTC 143.204.55.35
mnemonic passive DNS 2img.net (8) 212398 2016-06-23 06:31:49 UTC 2022-09-27 12:17:26 UTC 172.64.110.19
mnemonic passive DNS i.servimg.com (2) 258270 2015-07-24 09:25:42 UTC 2022-09-27 07:13:20 UTC 104.21.31.159
mnemonic passive DNS www.facebook.com (1) 99 2017-01-30 05:00:00 UTC 2022-09-27 04:38:43 UTC 157.240.200.35
mnemonic passive DNS js.cookieless-data.com (1) 5008 2020-12-28 09:59:17 UTC 2022-09-27 12:22:00 UTC 212.129.3.113
mnemonic passive DNS dnacdn.net (2) 3760 2019-09-02 15:07:45 UTC 2022-09-27 05:25:35 UTC 178.250.2.146
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-09-27 04:53:14 UTC 142.250.74.164
mnemonic passive DNS trc.taboola.com (2) 602 2013-07-11 10:17:31 UTC 2022-09-27 04:54:23 UTC 151.101.85.44
mnemonic passive DNS twemoji.maxcdn.com (1) 9109 2017-01-30 05:01:32 UTC 2022-09-27 05:29:16 UTC 23.111.9.57
mnemonic passive DNS ajax.googleapis.com (1) 12905 2014-10-18 20:16:48 UTC 2022-09-27 11:26:26 UTC 216.58.207.234
mnemonic passive DNS choices.consentframework.com (7) 31439 2020-07-17 08:57:23 UTC 2022-09-26 23:45:42 UTC 51.158.28.83
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-27 05:04:23 UTC 142.250.74.174
mnemonic passive DNS ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.88
mnemonic passive DNS www.google.no (1) 25607 2016-04-05 19:50:59 UTC 2022-09-27 05:08:12 UTC 142.250.74.3
mnemonic passive DNS 15.taboola.com (1) 1912 2017-03-15 11:40:55 UTC 2022-09-27 04:44:17 UTC 151.101.85.44
mnemonic passive DNS illiweb.com (4) 265462 2020-08-31 12:13:55 UTC 2022-09-27 07:13:20 UTC 104.21.63.213
mnemonic passive DNS connect.facebook.net (2) 139 2012-05-22 02:51:28 UTC 2022-09-27 04:52:24 UTC 157.240.200.14
mnemonic passive DNS cdn.taboola.com (2) 1040 2013-07-19 23:48:03 UTC 2022-09-27 05:42:48 UTC 151.101.85.44
mnemonic passive DNS my.rtmark.net (2) 9054 2017-08-22 14:11:49 UTC 2022-09-27 04:54:13 UTC 139.45.195.8
mnemonic passive DNS il-trc-events.taboola.com (1) 22667 2021-06-17 07:23:06 UTC 2022-09-27 05:00:46 UTC 185.106.33.48
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-27 05:14:54 UTC 143.204.55.35
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-27 04:52:33 UTC 34.117.237.239
mnemonic passive DNS www.googletagmanager.com (2) 75 2012-12-25 14:52:06 UTC 2022-09-27 04:52:54 UTC 142.250.74.72
mnemonic passive DNS bidder.criteo.com (2) 750 2017-01-30 05:01:16 UTC 2022-09-27 10:58:58 UTC 178.250.2.131
mnemonic passive DNS r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-09-27 04:52:25 UTC 23.36.77.32
mnemonic passive DNS ocsp.pki.goog (11) 175 2017-06-14 07:23:31 UTC 2022-09-27 04:53:14 UTC 142.250.74.3
mnemonic passive DNS alnaaemi.yoo7.com (7) 0 2015-10-18 05:17:12 UTC 2015-10-18 05:17:12 UTC 178.33.115.32 Domain (yoo7.com) ranked at: 495499
mnemonic passive DNS stootsou.net (9) 145219 2021-04-05 08:22:21 UTC 2022-09-27 08:44:53 UTC 139.45.197.250
mnemonic passive DNS ocsp.comodoca4.com (1) 23611 2014-10-06 13:20:48 UTC 2022-09-27 06:26:23 UTC 104.18.32.68
mnemonic passive DNS trc-events.taboola.com (1) 1779 2020-06-09 13:52:57 UTC 2022-09-27 05:10:48 UTC 141.226.228.48
mnemonic passive DNS vidstat.taboola.com (1) 1927 2017-08-29 11:41:42 UTC 2022-09-27 08:38:52 UTC 151.101.85.44
mnemonic passive DNS ocsp.digicert.com (16) 86 2012-05-21 07:02:23 UTC 2022-09-27 09:08:20 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-27 05:14:54 UTC 34.213.92.18
mnemonic passive DNS api.viglink.com (5) 4397 2012-05-23 13:47:26 UTC 2022-09-27 07:13:21 UTC 34.248.7.88
mnemonic passive DNS ocsp.sectigo.com (1) 487 2018-12-17 11:31:55 UTC 2022-09-27 09:44:42 UTC 172.64.155.188
mnemonic passive DNS images.taboola.com (4) 1621 2013-07-11 09:17:44 UTC 2022-09-27 05:10:54 UTC 151.101.85.44
mnemonic passive DNS cdn.betgorebysson.club (2) 149925 2020-07-24 15:19:13 UTC 2022-09-27 12:22:00 UTC 139.45.195.8
mnemonic passive DNS connect.topicit.net (1) 523065 2019-08-12 09:46:32 UTC 2022-09-27 12:21:59 UTC 104.21.90.171
mnemonic passive DNS ag.gbc.criteo.com (1) 5925 2018-12-17 13:17:41 UTC 2022-09-27 05:32:15 UTC 178.250.6.38
mnemonic passive DNS alnaaemi.yoo7.com (7) 0 2015-10-18 05:17:12 UTC 2015-10-18 05:17:12 UTC 178.33.44.177 Domain (yoo7.com) ranked at: 495499
mnemonic passive DNS cache.consentframework.com (1) 35167 2020-08-11 12:36:43 UTC 2022-09-26 22:17:31 UTC 104.26.5.102
mnemonic passive DNS cdn.viglink.com (1) 4113 2012-10-26 15:59:48 UTC 2022-09-27 06:39:07 UTC 104.16.163.13


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 94.23.159.185

Date UQ / IDS / BL URL IP
2022-12-04 21:59:33 +0000
0 - 0 - 7 mahasinsaif.banouta.net/t3-topic 94.23.159.185
2022-12-04 21:01:16 +0000
0 - 0 - 9 giveyoumylife.yoo7.com/t1100-topic 94.23.159.185
2022-11-22 14:19:13 +0000
0 - 0 - 2 magedyakot6.rigala.net/t20-topic 94.23.159.185
2022-11-12 02:20:20 +0000
0 - 0 - 9 al3omda.ahladalil.com/t118-topic 94.23.159.185
2022-11-05 09:56:23 +0000
0 - 0 - 5 alza3eem.ahlamontada.net/t290-topic 94.23.159.185

Last 5 reports on ASN: OVH SAS

Date UQ / IDS / BL URL IP
2022-12-04 22:54:45 +0000
0 - 0 - 2 shop.mondoceramica.it/ 151.80.78.118
2022-12-04 22:29:04 +0000
0 - 0 - 1 estadoempresaweblife.com/1670192564/ib/presen (...) 46.105.204.31
2022-12-04 22:28:37 +0000
0 - 0 - 1 estadoempresaweblife.com/1670192519/ib/presen (...) 46.105.204.31
2022-12-04 22:18:35 +0000
0 - 0 - 3 wallcars.net/categories.php?cat_id=30 51.210.74.44
2022-12-04 22:03:56 +0000
0 - 0 - 4 dbly.nxhh.net/ 51.81.250.87

Last 5 reports on domain: yoo7.com

Date UQ / IDS / BL URL IP
2022-12-04 21:01:16 +0000
0 - 0 - 9 giveyoumylife.yoo7.com/t1100-topic 94.23.159.185
2022-12-03 14:12:10 +0000
0 - 0 - 1 almraw3h.yoo7.com/t988-topic 94.23.150.222
2022-11-22 23:43:14 +0000
0 - 0 - 2 marocbiblio.yoo7.com/t5203-topic 94.23.150.222
2022-11-16 11:09:14 +0000
0 - 0 - 8 pinkroose.yoo7.com/t2107-topic 94.23.150.222
2022-11-14 02:41:24 +0000
0 - 0 - 1 alsufi-gaza-palestin.yoo7.com/t1348-topic 178.33.43.150

Last 2 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-28 12:01:34 +0000
0 - 0 - 1 psddesign.own0.com/t4449-topic 94.23.73.212
2022-09-22 14:51:49 +0000
0 - 0 - 11 nouralhouda40.7olm.org/t7-topic 178.33.115.32


JavaScript

Executed Scripts (45)


Executed Evals (5)

#1 JavaScript::Eval (size: 18, repeated: 1) - SHA256: 0f3342bc14063d9ed7a669eb067b50ea17b2cb7dcb51968939b72fa9ac862d91

                                        var foo = (x) => x + 1
                                    

#2 JavaScript::Eval (size: 1979, repeated: 1) - SHA256: 6bfb953ab125fd0d6a22ccc83c290b830f13f8cc87e174637ada49d98e86d869

                                        var isApp = false;

cmTag.set('version', '23_2_8');

cmTag.set('sync', 'https://am-match.taboola.com/sync?dast=V7QKkCFgO6ylk7cCpbeQS6ylk7cCpbeQUAAAAGBm8HJGEYWXyDjcutHKxsa9HItFwLJ4vBWrcZLocLh8kw8Y2GQBKGkcU32LjcysHKthaNTMu1cLIYrHWb4XK4cJgME99oChE3GQ6fg4Go6Hpb7A6n2fOGETSdDp_rXq8w2x0Ol9tpV_79vrnG7_aLXqO16G94euwAAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwHwyUHwnrPfHwAAAAAgAAAAACQAA6sBJQAf5ysn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAF0MLtTP_1QQ22UQFwkWMAAAAALa0VDSPJnVCZVH1___fbwVwBQAQMOhXDlucpTso8RYGAAAQMLZAD4vfb3bYNX63y_7_________zf7P_tGE3kav04JYRq_VfgEBANZ-AQEA2NQNAOAtAO7oCFoxGKxOIXbD2WI3mm1GswMAAAC4-____9cDuZFzMRu5JiOXaeEZORebyWgyWswMi41nsdmYZttTcdPk9DPc9-iLuMlw-BwMREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNifQM4GSNGSxWo5XO0mi9FmsZgsd8PRZIIULVktl8vVZrNa7UaL2WCzHG42SNGq1Wy0GQxXs8lst1sNB8PlaIQULVnulrvVaLIYjZbLzW64GQ2GCBPG0WY5WljcysFotBbNRo61cDbYrCULw8gw3JgGE9_MLXp9TA_LxjeYjbwoGKCxF8nTIp1oZp7haLEwjSa-iWcz8fhGC99m5PKYVg6TbzVcWMQSzckincgu-97IuZiNXJORy7TwjJyLzWQ0GS1mhsXGs9hsTLN9wzjaLEcLi1s5GI3WotnIsRbOBpu1ZGEYGYYb02Dim7lFr4_pYdn4BrORvzGbjSbDxWay2jdms9FkuNhMVvsOneG7-pyNzuB44hFqh7Lt5VlzGBQug8X7-1ykzWjjZlRpwxaL6lrcuSZWnTZ2MnYWZoPC9zeXtuLgNnIu9yUHscGgiCWCi3Qi81teb7_p6be7FZaLWKI0XaQTveg1Wov-hqfHIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTYBAAAAOA1kNNgMV-s8kMFysFuu5hloPYSac-1kEGrOtZNB4TiYFBadw_TwHAwGg0HkNxgUwu9J4j0YjCLP4XOQGQyWg8JqcEgLHqPBZzRoDg6DweI62IwG82fhO3h8B6HBoDkqLAaL1aDyHKTeg_igsB0ktoNIWjB6DqrPwmZwyA4a7cHmO5i_C2dBYi6YPAaj52AaJkQGi-Tg8hq0joP1t_AcJUqDR3vQ-Q6Sq0HcWfi9F8tnZTpYhQXpUWE5SxQGj8dz0xzUJoO0uTB_Js6DwWAuAISzl-7PeC1Od-0Gy672gkepdsMN7HGD-S2vt9_09NvdCsuVAR6oyZk3fyaItVotaQAAgARrAAAAAWwAAIAAbt28BWAzcQAAAIFxAAAAAPLlAAAABvQAAABv_AS4Ws4G!&excid=22&docw=0&cijs=1&nlb=false');

cmTag.set("player.settings.kaxwnc", 0);


cmTag.setByCondition({
    conditions: [{
        key: "ep",
        val: 1
    }],
    settings: {
        isMultiAd: false
    }
});
(function() {
    return {
        set: function() {},
        on: function() {},
        trigger: function() {}
    };
})();
                                    

#3 JavaScript::Eval (size: 1964, repeated: 1) - SHA256: bb829319fb028c4b3d4ae525c43b8b30c5d92248f4b85abc2001456e3cfcaf3d

                                        var isApp = false;

cmTag.set('version', '23_2_8');

cmTag.set('sync', 'https://am-match.taboola.com/sync?dast=V7nmMCFgO6ylk7cCpbeQS6ylk7cCpbeQUAAAAGBuIHJLcZrWwmw8Qtcq4ca9Fu5ForXA7HWmSYWBy2kcM3cU6GQFI212hmWDnXwtVg4RYtJsO1wjIyrhWG5cozWthMpplrCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeMoOl0-Fz3eoXZ7nC43E678u_3zTV-t1_0Gq1Ff8PTYwcAAACAB4Ai-FYIAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAA5ILDYBPDoL3nP3-AABo0AIBAAgQIAEYWA0oAfg4Xzn5_________2f5____jwHI222TAaAILOwBePABeCAqIC1iBAAAALClpaJ5NKkTKosqAACCZSuAKwCAgEG_ctnLMAAAgICxBXpY_H6zw67xu132_________2_2f_aPJvQ2ep0WxDJ6rfYLCACw9gsIAMCmbgAAbwFwR0fQisFgdQqxG84Wu9FsM5odAAAAwN3___-_HsiNnIvZyDUZuUwLz8i52ExGk9FiZlhsPIvNxjTbnoqbJqef4b5Hn4ewzH7fQcTyfE1_w0HGt7zeBlHR9bbYHU6z534ULVnulrvVaLIYjZbLzW64GQ32J5CzAVK0ZLFaDle7yWK0WSwmy91wNJkgRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcKEcbRZjhYWt3IwGq1Fs5FjLZwNNmvJwjAyDDemwcQ3c4teH9PDsvENZiMvCgZo7EVwkU5kfsvr7Tc9_Xa3wnIRSzQni3Qiu-x7I-diNnJNRi7TwjNyLjaT0WS0mBkWG89iszHN9g3jaLMcLSxu5WA0WotmI8daOBts1pKFYWQYbkyDiW_mFr0-podl4xvMRv7GbDaaDBebyWrfmM1Gk-FiM1ntO3SG7-pzNjqD44lHqB3KtpdnzWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYWZgNCt_fXNqKg9vIudyXHMQGgyKWCE4X6UT0Mp4uYonkaZFOhIPJauZazTyGmW85Mq1cruHIsttMVhvjymHb7SZiidJ0kU70otdoLfobnh6L-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc6ZNAAAAAE4DGQ02w9U8A62HUHOunQxCzbl2MigcB5PConOYHp6DwWAwiPwGg0L4PUm8B4NR5Dl8DjKDwXJQWA0OacFjNPiMBs3BYTBYXAeb0WD-LHwHj-8gNBg0R4XFYLEaVJ6D1HsQHxS2g8R2EEkLRs9B9VnYDA7ZQaM92HwH83fhLEjMBZPHYPQcTMOEyGCRHFxeg9ZxsP4WnqNEafBoDzrfQXI1iDsLv_di-axMB6uwID0qLGeJwuDxeG6ag9pkkDYX5s_EeTAYzAWAcPbS_Rmvxemu3WDZ1V7wKNVuuIE9bjC_5fX2m55-u1thuTLAAzU582bPBLFWq2UNAAAggA0AABDArZu3AGwmDgAAIDAOAAAAQL4cAADAgJ8AV8vZAA!&excid=22&docw=0&cijs=1&nlb=true');

cmTag.set("player.settings.kaxwnc", 0);


cmTag.setByCondition({
    conditions: [{
        key: "ep",
        val: 1
    }],
    settings: {
        isMultiAd: false
    }
});
(function() {
    return {
        set: function() {},
        on: function() {},
        trigger: function() {}
    };
})();
                                    

#4 JavaScript::Eval (size: 9, repeated: 1) - SHA256: 9312a1adbbf0a4c05fc296d158ec3bd39acfe50e9e98ff02688139aad6fc3351

                                        debugger;
                                    

#5 JavaScript::Eval (size: 80, repeated: 1) - SHA256: 22e44aa6b4dacbdc924c9bb0cd8878ce84fce40f5b9d26b5d4f43dd20028d922

                                        (() => {
    const a = async
    function name() {};
    window['7jd82277cta'] = true;
})()
                                    

Executed Writes (2)

#1 JavaScript::Write (size: 104, repeated: 1) - SHA256: 147f74332da8a3a6025c02528aa92901c92553e8066a4924adf0b4d08a8439fc

                                        < script src = "https://stootsou.net/pfe/current/tag.min.js?z=2308013"
data - cfasync = "false"
async > < /script>
                                    

#2 JavaScript::Write (size: 759, repeated: 1) - SHA256: a7e9c7904cd65627b33964bbb90839a2fa154c33d9c353413da6dcdc4fba2295

                                        < !doctype html >
    < body >
    < script >
    document.head = document.head || document.getElementsByTagName('head')[0]; < /script> < div class = "popupContentWrapper" >
    < div class = " trc_popover_title_wrapper " >
    < div class = " trc_popover_title "
id = "trc_userx_popover_title" >
    < span class = " trc_popover_title_text " > < /span> < /div> < /div> < div class = " trc_popover_content_wrapper " >
    < div id = "trc_userx_popover_content"
class = " trc_popover_content " > < /div> < /div> < /div> < /body>
                                    


HTTP Transactions (132)


Request Response
                                        
                                            GET /t54-topic HTTP/1.1 
Host: alnaaemi.yoo7.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         178.33.44.177
HTTP/1.1 301 Moved Permanently
                                        
Date: Tue, 27 Sep 2022 12:21:58 GMT
Content-Length: 0
Location: https://alnaaemi.yoo7.com/t54-topic

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8978
Expires: Tue, 27 Sep 2022 14:51:36 GMT
Date: Tue, 27 Sep 2022 12:21:58 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 12:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1dR6Pf_0kBFV-syCfIQ9FujK33KKAiTqb4dXepIzGb_ZCzmUL--1eQ==
Age: 388


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dBxcFRcJOLE6pc9XNF0tZzgCizSZO2Vzx2m6TBiY0kx7qNjjRM6dvA==
age: 10665
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7165BF99D639896E10B20FB510CAB44B6C6891EA650A592AC804551FF4783C63"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2913
Expires: Tue, 27 Sep 2022 13:10:31 GMT
Date: Tue, 27 Sep 2022 12:21:58 GMT
Connection: keep-alive

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 27 Sep 2022 12:21:58 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6479
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:21:59 GMT
Last-Modified: Tue, 27 Sep 2022 10:34:00 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 12:21:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6479
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:21:59 GMT
Last-Modified: Tue, 27 Sep 2022 10:34:00 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6479
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:21:59 GMT
Last-Modified: Tue, 27 Sep 2022 10:34:00 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3702
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:21:59 GMT
Last-Modified: Tue, 27 Sep 2022 11:20:17 GMT
Server: ECS (amb/6BA4)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.234
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33845
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 10:40:15 GMT
expires: Mon, 25 Sep 2023 10:40:15 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 178904
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Size:   33845
Md5:    d989f35706c62ce4a5c561586c55566e
Sha1:   d32e7958e5765609bf08dcdefd0b2c2a8714ce34
Sha256: 375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3822
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:21:59 GMT
Last-Modified: Tue, 27 Sep 2022 11:18:18 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 12:21:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6479
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:21:59 GMT
Last-Modified: Tue, 27 Sep 2022 10:34:00 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5810
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:21:59 GMT
Last-Modified: Tue, 27 Sep 2022 10:45:09 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 12:21:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3056
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:21:59 GMT
Last-Modified: Tue, 27 Sep 2022 11:31:03 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 313

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 12:21:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtag/js?id= HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 12:21:59 GMT
expires: Tue, 27 Sep 2022 12:21:59 GMT
cache-control: private, max-age=900
last-modified: Tue, 27 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 36023
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1720)
Size:   36023
Md5:    22518639341a33f753b1f6ce14fd26c1
Sha1:   12e999fbc935f163b74f5966982e0388ce169e20
Sha256: 15da40270b30601ed382cedf26f744f7a47c5893fb5d1f80a0ea9697c3f834f4
                                        
                                            GET /gtag/js?id=UA-144347007-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 12:21:59 GMT
expires: Tue, 27 Sep 2022 12:21:59 GMT
cache-control: private, max-age=900
last-modified: Tue, 27 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42215
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1720)
Size:   42215
Md5:    8e6217f20671bc9b0d905b2154268a82
Sha1:   0bde7d998718851bfc405cee3663573658d04a11
Sha256: 8168daeb20ad25c0826ac5f5bed97b54242956df6870f6101831e6ba657ed32e
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 27 Sep 2022 12:10:46 GMT
Expires: Tue, 27 Sep 2022 12:40:44 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 72xea8VQwNghrnTI7FnobxGb-OSvZjaUx7wAPG3rO9MuTSzrO1E_MA==
Age: 673


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 12:21:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /js/pa/24697/c/IxWav/cmp HTTP/1.1 
Host: choices.consentframework.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         51.158.28.83
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Server: nginx/1.20.2
Date: Tue, 27 Sep 2022 12:21:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=3600
Set-Cookie: euconsent-v2=NO_CONSENT; Path=/; Domain=consentframework.com; Expires=Tue, 27 Sep 2022 12:26:59 GMT; Secure; SameSite=None
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65512), with no line terminators
Size:   138861
Md5:    f18728dbedf5700873d1144123a92a02
Sha1:   b5735564f05e244faba61f15ae68ffcb3f4e8603
Sha256: 14b47d8f81bb666e1550debee41573e646af3da336386ace3900c4f88b297ea6
                                        
                                            GET /0-rtl.css HTTP/1.1 
Host: alnaaemi.yoo7.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/t54-topic
Cookie: exadd=166429
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.33.115.32
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 27 Sep 2022 12:21:59 GMT
content-length: 63116
last-modified: Tue, 27 Sep 2022 00:00:00 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-ma: MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size:   63116
Md5:    0843ea564cb8987c90bfb89128ff5863
Sha1:   0b8bffe055b1eefdc054a5fcbb5ebbfbc9e4c252
Sha256: 1020ecfb5eb4eee36a44df571ba4043bde93871fa81747253d71167eaaa64ce0
                                        
                                            GET /i/fa/subsilver/icon_minitime.gif HTTP/1.1 
Host: 2img.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.110.19
HTTP/2 200 OK
content-type: image/gif
                                        
date: Tue, 27 Sep 2022 12:21:59 GMT
content-length: 298
access-control-allow-origin: *
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
etag: "41d5e800-12a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 24205469
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZoWqUexkpS%2BKCMibN3MjTR6FJWe149l20Ef0T9EYOl%2F22%2BodTVmdyubFmJPQJ2qrxLqcGaP3UOoJ1dan1%2F5iAfEzMLt%2BGnRghShtCShTAw3iJjN41%2B2GczK9gw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751433c59a5875cb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 12 x 9\012- data
Size:   298
Md5:    71647c2ce78f706f8b4b0d84b3369cf5
Sha1:   18fe4a449c64acf98e9570486627f29d3884dff9
Sha256: de0294a906e3fa470d188c8d596e3a5fc3efc59bab8080506015498db73c18e6
                                        
                                            GET /i/fa/purple-pearl/icon_minipost.gif HTTP/1.1 
Host: 2img.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.110.19
HTTP/2 200 OK
content-type: image/gif
                                        
date: Tue, 27 Sep 2022 12:21:59 GMT
content-length: 121
last-modified: Mon, 16 May 2016 11:00:48 GMT
etag: "5739a860-79"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 358737
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P6H8Udr42mwrN7WHYtNtoNJGrCB66hAeBqgzqVn%2ByaORy7zqgOSw9kjb9z4Iyfl9Lza3Wv7yO2THUjL4%2BIsija4QiYcwt%2BP1S07Qz92GHIakkGZ%2FZRm8S%2FN4HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751433c59a6275cb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 12 x 9\012- data
Size:   121
Md5:    9af02a3d7d6e349fa5bb13110db55eef
Sha1:   503d9af39dbdab2602054cc50e48c11edd382a3a
Sha256: f71a5062940098aab6000f7f9c6c11f62686efa8e1842e6e5beadf69226dd496
                                        
                                            GET /i/empty.gif HTTP/1.1 
Host: 2img.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.110.19
HTTP/2 200 OK
content-type: image/gif
                                        
date: Tue, 27 Sep 2022 12:21:59 GMT
content-length: 43
access-control-allow-origin: *
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
etag: "57304e3e-2b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 09 May 2016 08:45:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 24205703
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=odk0WJ0uXU%2B0iAv1x%2B60ag90GuZSd6TwJY9Vu%2BWUTWnfXWkOMzEeh76Zgq0tCe0kMAozMe2hDISTXGmiNkmcxQbQhaHubuyuVhifv09AsASap5Hi1IIau%2BcROg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751433c59a6a75cb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    6d22e4f2d2057c6e8d6fab098e76e80f
Sha1:   b80b11203d97fe01c5597ca3be70406ea48f5709
Sha256: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
                                        
                                            GET /s/t/20/23/90/i_icon_mini_login.png HTTP/1.1 
Host: 2img.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.110.19
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 27 Sep 2022 12:21:59 GMT
content-length: 3078
last-modified: Tue, 04 Mar 2014 14:53:14 GMT
etag: "5315e8da-c06"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kwDstJbY1XEgbBVc2hLglk51uXEVgyvXNgFmy%2FAmPlT7pteX0tGBTb3QwA2Zvyl87WCrhZ37iScxBtMEjwFYWtwmAkaTy%2F2GLV9slAzKmGbE6Fdp4BwLQO3mgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751433c5aa7c75cb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 81 x 31, 8-bit/color RGBA, non-interlaced\012- data
Size:   3078
Md5:    4f934aba3f763b6b716b0f7f0feaec70
Sha1:   a185cbd4c41d7976addf44b70e4af97eff8e0258
Sha256: b853c191a8cbfeb541b69c100bb7ff92224e2f26e9cc835c546605a66c3e12c1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6104
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:21:59 GMT
Last-Modified: Tue, 27 Sep 2022 10:40:15 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /i/fa/purple-pearl/icon_mini_portal_en.gif HTTP/1.1 
Host: 2img.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.110.19
HTTP/2 200 OK
content-type: image/gif
                                        
date: Tue, 27 Sep 2022 12:21:59 GMT
content-length: 997
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-3e5"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pIKl5vdjbXVF9coelOO%2FYr%2BC%2BQwjH14pF%2F9m2ub%2BL1KWjzPMzSb%2FJDEUim%2B%2Bgdhsvy3akVC27RlEvZSh9C%2BjjJFclfKZx24o5uHQTuMD%2FSa0jJsI8OTMpIsphw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751433c5aa8275cb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 87a, 91 x 31\012- data
Size:   997
Md5:    afc88d4718c78dc6062838cce3709a79
Sha1:   e0fb52bbe63d2b9af6b0692f6a5693f8d461f0f6
Sha256: 687e1bec90385b189673d2a5a150b3867586a51a1c734da48c5d722820e49bb0
                                        
                                            GET /s/t/20/23/90/i_icon_mini_register.gif HTTP/1.1 
Host: 2img.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.110.19
HTTP/2 200 OK
content-type: image/gif
                                        
date: Tue, 27 Sep 2022 12:21:59 GMT
content-length: 2317
last-modified: Tue, 04 Mar 2014 14:53:12 GMT
etag: "5315e8d8-90d"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IYqI0RxUB%2Fs%2FM0xGDo1QWHzkuMc%2BazQlis10eqTSBC4FhQIpCm3Fv2iBVEr%2BLcxFX3FKsx%2FUCrRraPLDrRFxd0fCpNDsgdcg3Qgz6qBZRIKYycGLWJuBvcWn2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751433c5aa8075cb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 81 x 31\012- data
Size:   2317
Md5:    92818036abb66d72baeafff09c61f0e8
Sha1:   ab8ef1bdc4dbf6480774b7d0c488ee2595371d0b
Sha256: c6c47def9e30c2d3ccbde6bae3e9d12f57676459527b2da9bfd004372d882a37
                                        
                                            GET /i/fa/purple-pearl/icon_www.gif HTTP/1.1 
Host: 2img.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.110.19
HTTP/2 200 OK
content-type: image/gif
                                        
date: Tue, 27 Sep 2022 12:21:59 GMT
content-length: 1387
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-56b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjHQ4%2FMUsCUeKAEdbxQEN8QcWzcxTomvxENYy31wyNAm%2F3SnvqXZjLd76mlx8sWjNIAlYJvZOKMzX6MntTVCKJPcU46c%2BHMz%2BP1i4%2FDnO9SwHpBrR%2Fg%2BPDn%2FFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751433c59a5375cb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 59 x 18\012- data
Size:   1387
Md5:    365ad9e436336580be472c7c480ec673
Sha1:   5bb17a56012bee68383d28633c739ad4d2ecb402
Sha256: 74cc46f9271cbc52baffab13bd7ae85d8cd6a90b6a83ebbc39a09a86257011e9
                                        
                                            GET /s/t/20/23/90/i_icon_mini_index.png HTTP/1.1 
Host: 2img.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.110.19
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 27 Sep 2022 12:21:59 GMT
content-length: 3034
last-modified: Tue, 04 Mar 2014 14:53:15 GMT
etag: "5315e8db-bda"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=brdiW7MFj3ampK3h%2FeT6ta31uuFrytcK501h9P8IO4FrBYOmqjriI0FYG%2BulMBFX%2FwGdTrp8DykN3S3Vg%2BVOv92EALVpdnGnpYLwscMN01tmFltOLmEHfPdwOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751433c59a6675cb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 81 x 31, 8-bit/color RGBA, non-interlaced\012- data
Size:   3034
Md5:    aec936d2de77cda76333770fead4e6ea
Sha1:   e3a04b6d0f61fb17343637dc77db70d18b5d8055
Sha256: 5654550b559d02fa4ed9eeda35a4ac28971201d8fb9a035204fd16b6f2866620
                                        
                                            GET /js/pa/24697/c/IxWav/stub HTTP/1.1 
Host: cache.consentframework.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.26.5.102
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
date: Tue, 27 Sep 2022 12:21:59 GMT
cache-control: max-age=3600
strict-transport-security: max-age=15724800; includeSubDomains; preload
cf-cache-status: HIT
age: 1443
last-modified: Tue, 27 Sep 2022 11:57:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9HMuYdLRuJF10aoUFliMp%2BhqqMWZtfIyZuduTjadBYVhkaJtGrVkhvya2R92vytpc3JjQuto2N71LGbwSA8Je2Cy9jaSuMR9Z7y19aVnUGcHV5BUleIkw1j66qYgaKO7WcfPxYJepwyOlgdb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751433c3e9b3b527-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1309), with no line terminators
Size:   2144
Md5:    ab573ca475370def72dff7ad6b93fcef
Sha1:   277f25cd799943185df878cc8fc72e1da4dbdbc0
Sha256: d32f544cc1dc839a85969e522276e4c7eb54f8f1e078949e0dea02ecfebf7fe1
                                        
                                            GET /u/f88/11/88/59/12/2iscw010.png HTTP/1.1 
Host: i.servimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.31.159
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 27 Sep 2022 12:21:59 GMT
content-length: 3617
last-modified: Wed, 14 Oct 2009 06:38:10 GMT
etag: "4ad571d2-e21"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Tue, 25 Apr 2023 08:18:01 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2000263
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=huEyyF88IUdOqoHzrUs2BwI%2B0VCpXwYSsBmu9Fhi5l%2Fa9RiTsXydEv1NIstLSrY3n1PiUL1RblItWbhuzL%2B3iMXGbsqUBVIuFIEjfwcCnxVd0V2UXnfOjlNlP52SWHsO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 751433c6cebf0af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 39 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size:   3617
Md5:    9717307b51b288e56cf2f9c879a8a727
Sha1:   8c2cf2e0c1ec40854f1abe1bdeb640796a20c1ef
Sha256: 8d5562b2c5e650c089557ae91afb70020940728c512d82312326e81a35b36d37
                                        
                                            GET /u/f68/11/88/59/12/gradie10.gif HTTP/1.1 
Host: i.servimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.31.159
HTTP/2 200 OK
content-type: image/gif
                                        
date: Tue, 27 Sep 2022 12:21:59 GMT
content-length: 387
last-modified: Fri, 05 Mar 2010 14:13:41 GMT
etag: "4b911195-183"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Tue, 25 Apr 2023 08:30:20 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BvLn2xQDKwdcVSkiW5TShAyg8G9%2BsCWk7fMdN0guO71Mg8WpfZ2IGvpQ7UB6XsInpRP8zu6BLCEPD6w5QV6i1cCZ773TSsVVQi8%2FxtSQu%2Fq0dYOenPQJBirnWO%2Fti1gP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 751433c69e830af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 6 x 56\012- data
Size:   387
Md5:    daf695774a01f4cd4ae9668a792989cf
Sha1:   6442dd9ceb740aa41bdcb5db3dc820880b92cfd2
Sha256: 6913f7f4c0a5cac976048914cb4c67ccd342dab00efdf9407d2598392fa3f7e5
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C67BC59415DB10FB39D990D12B3099062C9859C2D1360C7B27288FFA9D45016A"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7877
Expires: Tue, 27 Sep 2022 14:33:16 GMT
Date: Tue, 27 Sep 2022 12:21:59 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DVkwaPxsx+/9LzSWWczAPg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.213.92.18
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hnrMnq2nJ0X2KGtiaLeNcwxHevo=

                                        
                                            GET /rs3/63/frm/jquery/toolbar/FAToolbar.js HTTP/1.1 
Host: illiweb.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.63.213
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Tue, 27 Sep 2022 12:21:59 GMT
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:06:37 GMT
last-modified: Wed, 17 Aug 2022 08:52:02 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1656922
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2BZr9YJCj5uQZ35FiU866coL9KofOwZX%2FNyzJplr6PJEuYvE%2BgOKGhKzDjLxHc1RK8vHRqcvcQRt9uYoWM0EJFJi0MZaoFWnje0QDKwdkDfuVUtN8bsFWQkEjQIfFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751433c40ada1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (25563), with no line terminators
Size:   6506
Md5:    0ec151896476e1adc2b71d6d3e38623c
Sha1:   34cdf92ca78eb8d2ca3f02adfb588cd137596333
Sha256: 8310a16a774e6ef6ed75f09dc8aab8190837f1c3964e9ef81dae05c7ac87399d
                                        
                                            GET /api/v1/public/profile/check?origin=https://alnaaemi.yoo7.com HTTP/1.1 
Host: choices.consentframework.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alnaaemi.yoo7.com/
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Cookie: euconsent-v2=NO_CONSENT
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         51.158.28.83
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
                                        
Server: nginx/1.20.2
Date: Tue, 27 Sep 2022 12:22:00 GMT
Content-Length: 17
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Referer,Origin
Access-Control-Allow-Methods: GET,OPTIONS
Access-Control-Allow-Origin: https://alnaaemi.yoo7.com
Cache-Control: private, max-age=86400
X-Xss-Protection: 0
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   17
Md5:    0bd75264337702d501fe87ce0b52dc08
Sha1:   97cc20d9be99aab0ec65848e65d7e3b241788d73
Sha256: ab140244cd2fd2892fec183c503c0f9522f9935f5e6c5ace01e92924a7e2e90e
                                        
                                            GET /zone?pub=0&zone_id=2308013&is_mobile=false&domain=alnaaemi.yoo7.com&var=&ymid=&var_3= HTTP/1.1 
Host: stootsou.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alnaaemi.yoo7.com/
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Tue, 27 Sep 2022 12:22:00 GMT
content-length: 758
x-trace-id: e6aef5fc1b54a8ebacda005b0feeca31
access-control-allow-origin: https://alnaaemi.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (757)
Size:   758
Md5:    f799e826ad228ea14a0b1abf8a50b535
Sha1:   99de99b083085617755e5a07ffdd6caba194d6fe
Sha256: 61deced88e1826447df1c5c744ced5c40cd8b344213bda5f248d5029a5f61f47
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Tue, 27 Sep 2022 10:41:09 GMT
expires: Tue, 27 Sep 2022 12:41:09 GMT
cache-control: public, max-age=7200
age: 6051
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   19826
Md5:    cae538dcce82598fbe43c0bf443e62dd
Sha1:   cc68ac6be9c5e0087a0000e5735b83270ace30f5
Sha256: 954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
                                        
                                            GET /?utm_source=pwa HTTP/1.1 
Host: alnaaemi.yoo7.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alnaaemi.yoo7.com/serviceworker.js
Connection: keep-alive
Cookie: exadd=166429; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D; toolbar_state=fa_show
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.33.115.32
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Tue, 27 Sep 2022 12:22:00 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
pragma: no-cache
expires: Tue, 27 Sep 2022 00:00:00 GMT
last-modified: Tue, 27 Sep 2022 12:22:00 GMT
vary: User-Agent
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (23574)
Size:   38250
Md5:    0152e8ef3333cd7fa22450290255a806
Sha1:   67fa50e5d75c9870e350ea7d5b4610d752a5ac5b
Sha256: b2b668dee29ba0f396fd4e5706eacf55644ed3f27785e2f128cfc6a8a3e5885a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6355
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:22:00 GMT
Last-Modified: Tue, 27 Sep 2022 10:36:05 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 12:22:00 GMT
Content-Length: 283
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 00:47:13 GMT
Expires: Sat, 01 Oct 2022 00:47:12 GMT
Etag: "fe3970e1b297603ebb8cab0020be667809f5d9ed"
Cache-Control: max-age=303311,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751433cc5d37b51b-OSL

                                        
                                            GET /ar_AR/all.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.14
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: b424ce117272e05f826afc27e198fe96
etag: "4f874ddb0f32b85b59c091cba2d9bfea"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 27 Sep 2022 12:25:39 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: H/G/Sg4KRyEeVE0WHzDKQA==
x-fb-debug: /pK8BvxkwmHAM7dz9GhwK4LIwUx877wY4gXwpLqu9oD106a9OHJabb5VdiJ4hdWKhSqo7XLhp0k4y1bkAlJq+g==
content-length: 1685
x-fb-trip-id: 1679558926
date: Tue, 27 Sep 2022 12:22:00 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1961)
Size:   1685
Md5:    1ff1bf4a0e0a47211e544d161f30ca40
Sha1:   a8a768476017cbb8f672e328bc4e9a5da540c9b7
Sha256: 24df3c6351e20d2b753809d40c7ff812bfec11823a0d16dc380f1e3da63407c3
                                        
                                            GET /api/vglnk.js HTTP/1.1 
Host: cdn.viglink.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.163.13
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Tue, 27 Sep 2022 12:22:00 GMT
content-length: 28567
x-amz-id-2: kFPAC60DOwNQb4CdhqHG+tKjRF2TQjxpEdeKJyhLPdvjoiSwXPmNvXMEMMBRIwIu/QGXu5HJg1c=
x-amz-request-id: NTCW971RKN3GM3ZQ
last-modified: Wed, 02 Dec 2020 18:57:12 GMT
etag: "072eaf64a771815874455704fca9301b"
cache-control: public, max-age=604800
content-encoding: gzip
cf-cache-status: HIT
age: 396976
expires: Tue, 04 Oct 2022 12:22:00 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751433ccbf06fab4-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (693)
Size:   28567
Md5:    072eaf64a771815874455704fca9301b
Sha1:   6c6226d00f14bb800cd4390b3cd42df941be43b1
Sha256: bb35c8c300bd1acfe7ed86eb988f74ff2e8d86a4fb0409c5d78a890f9fd14b8e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6355
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:22:00 GMT
Last-Modified: Tue, 27 Sep 2022 10:36:05 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /libtrc/impl.20220922-16-RELEASE.js HTTP/1.1 
Host: cdn.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.44
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: COg8lMA673OEz5PM+KFXiDXiosSVySM+TdixW+84HZwxLH8GtDt35DYHxlOgtiehZ9ZB4jLgaQI=
x-amz-request-id: W1R6REBMZ25HV30N
last-modified: Thu, 22 Sep 2022 14:15:17 GMT
etag: "b6247ec22fba797cf6f51ae4c86a6509"
content-encoding: br
x-amz-version-id: wNWqo8c3RDyWSxV8p_CKOzvKdfoSb_oq
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:22:00 GMT
via: 1.1 varnish
age: 22000
x-served-by: cache-bma1629-BMA
x-cache: HIT
x-cache-hits: 11816
x-timer: S1664281320.470672,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 14
server: AmazonS3-br
content-length: 145469
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65508)
Size:   145469
Md5:    b6247ec22fba797cf6f51ae4c86a6509
Sha1:   1807f86f8b7146c10c986fd203d31de61ee67d8a
Sha256: 742c16a6b9e92d702d4e514560b0826268e676278e169e990c548d0bb6dd8a2f
                                        
                                            GET /ar_AR/all.js?hash=add796b33dde7eb764e6cc4b8277f1b9 HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.14
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: b685ff3d00769e19206f39289c1fe6f7
etag: "a071af3e22b5a588af934a27b67ed687"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 27 Sep 2023 10:24:04 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 8ZX8faytbzhCV2JEeIttzQ==
x-fb-debug: 6vm4aQAr4xV9R55L9lhDgNiUVhSGdy7BwAb29J8PP16mFRXEoChe6dSkQj10XtSZ+k+FWhAZq7P86pEGII2azw==
content-length: 87543
x-fb-trip-id: 1679558926
date: Tue, 27 Sep 2022 12:22:00 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18790)
Size:   87543
Md5:    f195fc7dacad6f3842576244788b6dcd
Sha1:   c35ea6f984c28ca1438f732ca0bb02ed82f7183a
Sha256: 432c623c310cd44264db27624510de2cf6376d947b13f0a3b4123858fe6a1d4f
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.88
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:22:00 GMT
Last-Modified: Tue, 27 Sep 2022 11:41:50 GMT
Server: ECS (nyb/1D06)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 05-v5vqkrpnoXngvm-eYHrz6LobtbDgScVm5eTHQaczqATjcJqq1nA==
Age: 2410

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6227
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:22:00 GMT
Last-Modified: Tue, 27 Sep 2022 10:38:13 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 313

                                        
                                            POST /api/ping HTTP/1.1 
Host: api.viglink.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 135
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.248.7.88
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://alnaaemi.yoo7.com
Cache-Control: no-cache, no-store
Date: Tue, 27 Sep 2022 12:21:59 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 259
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   2059
Md5:    c55ed659013f52741efbc95026dce88b
Sha1:   488085498cfac0dbace6fd69e2fda5051497c2e2
Sha256: a5a94f598a921e2fd2ae76a3a517a1685c6c7be63ce305c59767f68a9ddb24aa
                                        
                                            GET /api/v1/public/v2/tcstring HTTP/1.1 
Host: choices.consentframework.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alnaaemi.yoo7.com/
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Cookie: euconsent-v2=NO_CONSENT
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         51.158.28.83
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
                                        
Server: nginx/1.20.2
Date: Tue, 27 Sep 2022 12:22:00 GMT
Content-Length: 25
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Referer,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://alnaaemi.yoo7.com
X-Xss-Protection: 0
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   25
Md5:    1c7be6c2029fd0db7b831a9e8359395f
Sha1:   48818c4617f2dac593cc84c8f39244f24be3760e
Sha256: 6d24890b5608b6d182f02198897f50f220a40b66a08751a443ac714bf6f86602
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 12:22:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-144347007-1&cid=1283134755.1664281318&jid=1642932922&gjid=513570964&_gid=305179677.1664281318&_u=YEBAAUAAAAAAAC~&z=406622205 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         64.233.162.157
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://alnaaemi.yoo7.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 27 Sep 2022 12:22:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    48c0473b7821185d937e685216e2168b
Sha1:   3743e47f8a429a5e87b86cb582d78940733d9d2e
Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
                                        
                                            GET /plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df11b4b5468d07b2%26domain%3Dalnaaemi.yoo7.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Falnaaemi.yoo7.com%252Ff17cc4800778cdc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Falnaaemi.yoo7.com%2Ft54-topic&layout=button_count&locale=ar_AR&sdk=joey&share=false&show_faces=false HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.35
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: rWznl/IB8QhQM7QIjTrWKZSsZXwGmDLu75e2fGxIlANMKZIJ0pGBUiwKqGaQfusqSkzm3mk8RGAORyAu/VVBvw==
content-length: 0
date: Tue, 27 Sep 2022 12:22:00 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /api/sync.js?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1 
Host: api.viglink.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.248.7.88
HTTP/1.1 200 OK
Content-Type: image/gif;charset=UTF-8
                                        
Cache-Control: no-cache, no-store
Date: Tue, 27 Sep 2022 12:22:00 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    221d8352905f2c38b3cb2bd191d630b0
Sha1:   d804b495cb9b84b9007a25b5d85f9ae674004cde
Sha256: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 12:22:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /images/icons-180.png HTTP/1.1 
Host: alnaaemi.yoo7.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/t54-topic
Cookie: exadd=166429; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D; toolbar_state=fa_show
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.33.115.32
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 27 Sep 2022 12:22:01 GMT
content-length: 2724
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 27 Sep 2022 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
x-cache-ic: MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size:   2724
Md5:    d360440370a6385e2c1cab2ffa213ffc
Sha1:   fecbcddb944bc6488879812f27230ab655adb483
Sha256: 99bc3b48a278562ef12d8568d92ec1721127613c54f45293a65bbca54e05b1f8
                                        
                                            POST /cdb?ptv=130&profileId=206&cb=38587479857 HTTP/1.1 
Host: bidder.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 567
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         178.250.2.131
HTTP/2 204 No Content
                                        
date: Tue, 27 Sep 2022 12:22:00 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://alnaaemi.yoo7.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C23204269E6EC9727B91DE24158F15B7BFB6159E95606089231DB82560513160"
Last-Modified: Mon, 26 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8108
Expires: Tue, 27 Sep 2022 14:37:08 GMT
Date: Tue, 27 Sep 2022 12:22:00 GMT
Connection: keep-alive

                                        
                                            GET /api/sync.gif?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1 
Host: api.viglink.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.248.7.88
HTTP/1.1 200 OK
Content-Type: image/gif;charset=UTF-8
                                        
Cache-Control: no-cache, no-store
Date: Tue, 27 Sep 2022 12:22:00 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    221d8352905f2c38b3cb2bd191d630b0
Sha1:   d804b495cb9b84b9007a25b5d85f9ae674004cde
Sha256: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6465
Expires: Tue, 27 Sep 2022 14:09:45 GMT
Date: Tue, 27 Sep 2022 12:22:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6465
Expires: Tue, 27 Sep 2022 14:09:45 GMT
Date: Tue, 27 Sep 2022 12:22:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6465
Expires: Tue, 27 Sep 2022 14:09:45 GMT
Date: Tue, 27 Sep 2022 12:22:00 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10318
x-amzn-requestid: 6a205445-8a9e-4f25-b144-ba6e6934d383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSlhFNAIAMFmBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330caef-61ecbf9154cd56131b940ac0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qP5-TglQAoTGc78-rIK27mKRTS_WthN0OpiiMqSF-y2rmWxVOyfNVw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:02:24 GMT
age: 55176
etag: "cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10318
Md5:    a90590f26bae9ad9e95ffdfbfb7dd21d
Sha1:   cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3
Sha256: 33fe3394213e01d11c3e005cb5a678ba74511704d4132fc2bd9f7ad4e1b7dbfc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lf6qqokEw32egp3ofmJGtUTAt3RD2f9rVq5gskbhrk_VFGweeo0oCQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 52362
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9163
Md5:    deb8d1e3b6d7fbc8c8ba478269621676
Sha1:   84f5a4c8b38acde814bc790e5b514347718d5bb9
Sha256: ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13213
x-amzn-requestid: 09f8fee2-6830-4bec-af40-f2fb6547bc63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreH5poAMFdxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-0afbf5e01a013e6f0db53da1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CwkfEPDseHez7mArqwz8tmC3WHFwXAZF1OSColucaQ5vG2hvBIDWOg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:42:47 GMT
age: 52753
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13213
Md5:    62e68c3cd08dd94d910507512a67e85f
Sha1:   3d4fa8701f17e8818c25584ef5f04bfbee8440cd
Sha256: 058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10211
x-amzn-requestid: 3ea4ac84-2465-4bd1-8ade-863de3c9576e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfSuGoQoAMF9oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145aa-7843b82728ead9a053c689d1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MMrek5LO9ukZjB6VV-5McuE_maDzwTOihucz0kwxuaTJMNOpTchoJA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:52:00 GMT
age: 52201
etag: "be60bbc96c832ae385cc9ae5828bd32703011b21"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10211
Md5:    347dca206e13a3b13953f0ab398310b4
Sha1:   be60bbc96c832ae385cc9ae5828bd32703011b21
Sha256: f6da888a54a0c6c73466f2c2a72dd875514a39d81b760a6b0116b4dd56ef31dd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bf02f4e-91c0-455b-8378-5eae82174db7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9737
x-amzn-requestid: aec3c3e9-42e5-4de5-8882-118002369ef8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreGJxoAMF-oA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-527ccd70654c22891262279d;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ukn4d6yPeJJHN5trYK3xbhik2pX41zHki3nG5r6fCzQgm3vYw5lhAA==
via: 1.1 946b9edb2009c5508a0fbbd636f95014.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:43:16 GMT
age: 52725
etag: "932c74fa24b61ee1b1c672b6c19b1e736caab8d3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9737
Md5:    3140ec95f33c36599de95b25cdade940
Sha1:   932c74fa24b61ee1b1c672b6c19b1e736caab8d3
Sha256: f7488246ca75fddc504812f4c5944a5a2494cdb14b6ef1db5fb28beca5cff194
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7455
x-amzn-requestid: 0887cd56-f324-46cf-a086-709e1c66f354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGBTdHmhoAMFvIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633248e2-42391706084f335228fe3994;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:50:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: vx-yM_jeJvOaa1UizK5OoDJFkvKnajg2ezLF2l2qnN_OhdTE6I4taQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:05:55 GMT
etag: "1a26007f761e439db575fb80fb403031260aecf4"
age: 40566
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7455
Md5:    5274e770cb5a704916c8965659709f4a
Sha1:   1a26007f761e439db575fb80fb403031260aecf4
Sha256: e36e8be75c92feb9b416a46c5918356d8f9694894a799b7c10de21034d33d5ef
                                        
                                            OPTIONS /api/v1/public/consent-string HTTP/1.1 
Host: choices.consentframework.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://alnaaemi.yoo7.com/
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         51.158.28.83
HTTP/1.1 200 OK
                                        
Server: nginx/1.20.2
Date: Tue, 27 Sep 2022 12:22:01 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload

                                        
                                            POST /api/v1/public/consent-string HTTP/1.1 
Host: choices.consentframework.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alnaaemi.yoo7.com/
Content-Type: application/json
Origin: https://alnaaemi.yoo7.com
Content-Length: 317
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         51.158.28.83
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
                                        
Server: nginx/1.20.2
Date: Tue, 27 Sep 2022 12:22:01 GMT
Content-Length: 248
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   248
Md5:    2b206dd9ba966cbdc7a89e33289b94e7
Sha1:   e6f8176780534d0414dc56f979f81530f64b77a7
Sha256: c3475122a8d7ee518890e187cdf5c83a61e04cc8f710fc82e32a685d16e785d1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1654
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:22:01 GMT
Last-Modified: Tue, 27 Sep 2022 11:54:27 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

                                        
                                            OPTIONS /api/v1/public/user-action HTTP/1.1 
Host: choices.consentframework.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://alnaaemi.yoo7.com/
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         51.158.28.83
HTTP/1.1 200 OK
                                        
Server: nginx/1.20.2
Date: Tue, 27 Sep 2022 12:22:01 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5625
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:22:01 GMT
Last-Modified: Tue, 27 Sep 2022 10:48:16 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 313

                                        
                                            OPTIONS /custom HTTP/1.1 
Host: stootsou.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://alnaaemi.yoo7.com/
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Tue, 27 Sep 2022 12:22:01 GMT
content-length: 0
access-control-allow-origin: https://alnaaemi.yoo7.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /custom HTTP/1.1 
Host: stootsou.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://alnaaemi.yoo7.com/
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Tue, 27 Sep 2022 12:22:01 GMT
content-length: 0
access-control-allow-origin: https://alnaaemi.yoo7.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

                                        
                                            POST /api/v1/public/user-action HTTP/1.1 
Host: choices.consentframework.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alnaaemi.yoo7.com/
Content-Type: application/json
Origin: https://alnaaemi.yoo7.com
Content-Length: 159
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         51.158.28.83
HTTP/1.1 200 OK
                                        
Server: nginx/1.20.2
Date: Tue, 27 Sep 2022 12:22:01 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload

                                        
                                            GET /GS.d?pa=24697&uf_bday=&uf_gender=&cmp=0&u=https%3A%2F%2Falnaaemi.yoo7.com%2Ft54-topic&r=&rand=1664281318796&gdpr=1&gdpr_consent=CPf9mIAPf9mIABcAIBENCiCgAAAAAH_AABpwIDwAAQHgagALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA8gB_wEegJiAU0AtQBeYDBAGGgMfAZIA4sBygDsAAA&globalscope=false&cookieless_optout=0&tbp=true HTTP/1.1 
Host: js.cookieless-data.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         212.129.3.113
HTTP/1.1 200 OK
                                        
Server: nginx/1.20.2
Date: Tue, 27 Sep 2022 12:22:01 GMT
Content-Length: 0
Connection: keep-alive
Expires: Tue, 01 Jan 2000 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
X-Xss-Protection: 0
Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
P3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload

                                        
                                            GET /dna HTTP/1.1 
Host: dnacdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         178.250.2.146
HTTP/2 200 OK
                                        
date: Tue, 27 Sep 2022 12:22:00 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=qVbLEl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czk5TUY5VHJlY0FYNWhRbzBlZGlaWEVYZTcySnNIZFdZNHA2NXZ4dUNKNlo; expires=Sun, 22 Oct 2023 12:22:01 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 298099
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

                                        
                                            POST /custom HTTP/1.1 
Host: stootsou.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alnaaemi.yoo7.com/
Content-Type: application/json
Origin: https://alnaaemi.yoo7.com
Content-Length: 764
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Tue, 27 Sep 2022 12:22:01 GMT
content-length: 39
x-trace-id: 3e833c479d60604d82378b9f5481efce
access-control-allow-origin: https://alnaaemi.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
                                        
                                            POST /custom HTTP/1.1 
Host: stootsou.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alnaaemi.yoo7.com/
Content-Type: application/json
Origin: https://alnaaemi.yoo7.com
Content-Length: 380
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Tue, 27 Sep 2022 12:22:01 GMT
content-length: 39
x-trace-id: ea78df17b0b1d3ac2bc14920efafb135
access-control-allow-origin: https://alnaaemi.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
                                        
                                            POST /custom HTTP/1.1 
Host: stootsou.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alnaaemi.yoo7.com/
Content-Type: application/json
Origin: https://alnaaemi.yoo7.com
Content-Length: 456
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Tue, 27 Sep 2022 12:22:01 GMT
content-length: 39
x-trace-id: db0e69dc187428dd81009eedaa7bbf47
access-control-allow-origin: https://alnaaemi.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3456
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:22:01 GMT
Last-Modified: Tue, 27 Sep 2022 11:24:26 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 313

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3456
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:22:01 GMT
Last-Modified: Tue, 27 Sep 2022 11:24:26 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET /images/pixel.gif?ch=2 HTTP/1.1 
Host: static.criteo.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         178.250.0.130
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Tue, 27 Sep 2022 12:22:01 GMT
content-length: 43
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
etag: "493ea254-2b"
expires: Fri, 22 Sep 2023 12:22:01 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    325472601571f31e1bf00674c368d335
Sha1:   2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
                                        
                                            GET /images/pixel.gif?ch=1 HTTP/1.1 
Host: static.criteo.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         178.250.0.130
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Tue, 27 Sep 2022 12:22:01 GMT
content-length: 43
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
etag: "493ea254-2b"
expires: Fri, 22 Sep 2023 12:22:01 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    325472601571f31e1bf00674c368d335
Sha1:   2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
                                        
                                            POST /api/domains HTTP/1.1 
Host: api.viglink.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 234
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.248.7.88
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://alnaaemi.yoo7.com
Cache-Control: no-cache, no-store
Date: Tue, 27 Sep 2022 12:22:00 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 41
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   41
Md5:    bf80be090639bd34f2dd5fc5d8bf9d28
Sha1:   553b9438752e91bbfbd3a71c79dbfacd6e6df475
Sha256: b677b3ce9b69a0c82628595bfd68e5e0e6ff863e39112117e911b343d3c2d447
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 12:22:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 12:22:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-144347007-1&cid=1283134755.1664281318&jid=1642932922&_u=YEBAAUAAAAAAAC~&z=809635986 HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 12:22:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-144347007-1&cid=1283134755.1664281318&jid=1642932922&_u=YEBAAUAAAAAAAC~&z=809635986 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 12:22:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /forumotion-ar/log/2/debug?tim=12%3A21%3A58.711&type=usage&msg=rtus&llvl=2&id=3777&cv=20220922-16-RELEASE&lt=deflated&file=rtus.js&method=injectRtus&position=gdprV2notTriggerRtus&extraData=%7B%7D HTTP/1.1 
Host: trc-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         141.226.228.48
HTTP/2 204 No Content
                                        
server: nginx
date: Tue, 27 Sep 2022 12:22:01 GMT
x-fastly-to-nlb-rtt: 21057
access-control-allow-credentials: true
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 12:22:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 12:22:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 12:22:01 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 06:25:19 GMT
Expires: Mon, 03 Oct 2022 06:25:18 GMT
Etag: "f2ec69fdaca2a0327cd3599ac05d0051df3dee41"
Cache-Control: max-age=496396,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751433d19fd0b4fa-OSL

                                        
                                            POST /csm/events HTTP/1.1 
Host: bidder.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 372
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         178.250.2.131
HTTP/2 204 No Content
                                        
date: Tue, 27 Sep 2022 12:22:00 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://alnaaemi.yoo7.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

                                        
                                            GET /gid.js?userId=9ff7805788394a20bf701704327ec4d8 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Tue, 27 Sep 2022 12:22:01 GMT
content-length: 65
access-control-allow-origin: https://alnaaemi.yoo7.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=9ff7805788394a20bf701704327ec4d8; expires=Wed, 27 Sep 2023 12:22:01 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    e3482e5ddd6a44e39ab2cd1c5e79d8da
Sha1:   7f678f35a6a25564a7d0182442af36c368323bd4
Sha256: 90e6c93f5eedb809528d14340b128423ba1b17df5da9bb76cfe87d96a7e56872
                                        
                                            GET /lite-unit/1.4.0/UnitWidgetItemDesktop.min.js HTTP/1.1 
Host: vidstat.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.44
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Tue, 31 Mar 2020 13:14:35 GMT
etag: "b683c290896a82c974838a04b4ea4aff"
server: AmazonS3
via: 1.1 4838101f07e2dfcd1db4abc88031f082.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: EpZuzr7lQIzV08xTZRv1e5wA0qOWVGpJ94XhkewIQ9BC5tfAYBuP9w==
cache-control: public, max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:22:06 GMT
age: 644498
x-served-by: cache-bma1629-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 351
x-timer: S1664281326.137077,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 23743
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   23743
Md5:    b06a94b265b5ec3739dab4b38308709c
Sha1:   de2336288983f78217a4cc83755366e583c5920a
Sha256: 066de7eb0d351eda7686b2479b069a600405fed39d38c7b9163a1d3cda84e992
                                        
                                            GET /libtrc/userx.20220922-16-RELEASE.es6.js HTTP/1.1 
Host: cdn.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.44
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
x-amz-id-2: EPnBOSdmJEdhu4JONnnrYz+pWBZzo8yGSYq7ayNxy2VgpwWzJKjW05/dee057aKKK1V9qEj5xzk=
x-amz-request-id: 7ZF16SJ6T06ATG9W
x-amz-replication-status: PENDING
last-modified: Sun, 25 Sep 2022 11:22:01 GMT
etag: "db9444e762c7677565a6ea28981b5bc1"
x-amz-version-id: 8c6AX02xLYX5yIzY_Dwb1zXMiU4DNl8e
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:22:06 GMT
via: 1.1 varnish
age: 103
x-served-by: cache-bma1629-BMA
x-cache: HIT
x-cache-hits: 10
x-timer: S1664281326.137609,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 14
content-length: 5398
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (17842)
Size:   5398
Md5:    3e7d8362ae0935052e7b830330333235
Sha1:   a22d41053809368c2a205527d7e07e774704b963
Sha256: 0513cd309debc5c144190b687feb1a1fa3f910c5ae7a44ab98bc1b4d459946b3
                                        
                                            GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d39b8820448a24f3bced8660a0dbd706.jpg HTTP/1.1 
Host: images.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.44
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 522777037747759324331212796994892136893,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 522777037747759324331212796994892136893,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
etag: "7724a91a62a2822b1c0cef0a2efc87ff"
expiration: expiry-date="Wed, 05 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Sun, 04 Sep 2022 12:23:27 GMT
req-referer: https://archeternite.forumactif.org/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 230
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:22:06 GMT
age: 427239
x-served-by: cache-iad-kcgs7200134-IAD, cache-iad-kiad7000174-IAD, cache-sna10737-LGB, cache-iad-kjyo7100111-IAD, cache-bma1629-BMA
x-cache: MISS, MISS, MISS, HIT, HIT
x-cache-hits: 0, 0, 0, 1, 2
x-timer: S1664281326.192600,VS0,VE2
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d39b8820448a24f3bced8660a0dbd706.jpg
x-vcl-time-ms: 2
content-length: 7308
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   7308
Md5:    16cf65a83107a7e377cf7fee5c47847a
Sha1:   414e23adbba3a17b8918d74ba9c367e91ab56e98
Sha256: 4e2f06986f355aabb43ce2ca454e6eada9a574584d541dc27272d43fdc93ef43
                                        
                                            GET /newidsd HTTP/1.1 
Host: gem.gbc.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         185.235.84.206
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 27 Sep 2022 12:22:00 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 98308
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   6901
Md5:    7e53334c15fba515c3c50b2d1e8cda2a
Sha1:   59c253faf81504514309a5256e6540360cfa872d
Sha256: 51797b9efdd608fc845710e9e3aa4836e6e561dc41c68519434e4f4dd4009a21
                                        
                                            GET /tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Falnaaemi.yoo7.com%2Ft54-topic&encoded=1&uid=a84394ab-9044-46d1-8603-2a0d08c40b7f-tucta2c706d&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1664281324025&tagid=&cntry=NO&platform=1&sesid=7d916d52de4a3d91324241f01c313c46&itemid=/t54-topic&viewid=1664281323515&geolat=&geoing=&deviceifa=&appid=&sd=v2_7d916d52de4a3d91324241f01c313c46_a84394ab-9044-46d1-8603-2a0d08c40b7f-tucta2c706d_1664281325_1664281325_CNawjgYQ3pxDGPvPlve3MCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gBYABo_9iV8p6d99_dAXAA&ri=8025f55fc0f79d4ee58d27325c8ea677&appname=&cdb=CPf9mIAPf9mIABcAIBENCiCgAAAAAH_AABpwIDwAAQHgagALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA8gB_wEegJiAU0AtQBeYDBAGGgMfAZIA4sBygDsAAA&gdprApplies=true&rid=&sii=-2735058651020707920&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=03&hasGDPRConsent=false&tcfVersion=2&cmpStatus=0&tnetid=1037540&prcnt=&layer=&normp=7&gvv=8596 HTTP/1.1 
Host: 15.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.44
HTTP/2 200 OK
content-type: text/html;charset=ISO-8859-1
                                        
server: nginx
machineid: 1444
link: <https://am-wf.taboola.com>; rel=preconnect
xvid-debug: mrmr - :
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://alnaaemi.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:22:06 GMT
via: 1.1 varnish
x-served-by: cache-bma1629-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664281326.190030,VS0,VE91
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   12421
Md5:    fd58bfb0fabd52edf1a5a8003fb1fb97
Sha1:   57dc1ef8eed535423b012079d624f6a893f4b185
Sha256: 0763bbf88263a0d0f9e937ebfb85af458842d6f61485ebe97e4555600fb480bf
                                        
                                            GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f62/13/32/79/54/uaouo10.gif HTTP/1.1 
Host: images.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.44
HTTP/2 200 OK
content-type: image/jpeg
                                        
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 538475434606933197924381234642994484733,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 538475434606933197924381234642994484733,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
etag: "005ff6b670e59fed5449744a5f90224b"
last-modified: Fri, 09 Sep 2022 04:33:06 GMT
server: cloudinary
status: 200 OK
timing-allow-origin: *
x-request-id: 387a8f59b0e6537770187c54d9ced0bc
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-backend-name: CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:22:06 GMT
age: 1245349
x-served-by: cache-iad-kcgs7200138-IAD, cache-iad-kjyo7100020-IAD, cache-bma1629-BMA
x-cache: MISS, HIT, HIT
x-cache-hits: 0, 1, 1
x-timer: S1664281326.301455,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f62/13/32/79/54/uaouo10.gif
x-vcl-time-ms: 1
content-length: 22682
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 200x167, components 3\012- data
Size:   22682
Md5:    005ff6b670e59fed5449744a5f90224b
Sha1:   a43b45b22d81ddb4193527e89a30917fa5aaef1b
Sha256: 41f8a968f03beb656f2c91d7f6a7779c8296f27e434689b108e7bf1bcea0157b
                                        
                                            GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f40/15/31/63/96/201910.jpg HTTP/1.1 
Host: images.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.44
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 544739962377286115750906782440533884243,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 544739962377286115750906782440533884243,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
etag: "7a05d120983314a09bb976d65de8efae"
last-modified: Wed, 21 Sep 2022 17:34:33 GMT
req-referer: https://s2day.yoo7.com/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: ce06252aa6d94b1e1db04447bd1087a1
x-envoy-upstream-service-time: 89
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:22:06 GMT
age: 375376
x-served-by: cache-iad-kjyo7100050-IAD, cache-iad-kcgs7200066-IAD, cache-lax10656-LGB, cache-iad-kiad7000164-IAD, cache-bma1629-BMA
x-cache: MISS, HIT, MISS, HIT, MISS
x-cache-hits: 0, 1, 0, 1, 0
x-timer: S1664281326.300867,VS0,VE92
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f40/15/31/63/96/201910.jpg
x-vcl-time-ms: 92
content-length: 4124
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   4124
Md5:    50233e857fa5b773b435a22d4c78ba8d
Sha1:   5dfbf82244bb341378c3f351a5b2821dfa58d533
Sha256: 06194e3f9f055875c2f1cfb1598fcc7e2788c65bb7eda0f1afb62649b4bf8f6b
                                        
                                            GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f70/18/12/20/13/uou10.jpg HTTP/1.1 
Host: images.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.44
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 613669426550226744769788410621596759672,511320169514815208339615988714053385614,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 613669426550226744769788410621596759672,511320169514815208339615988714053385614,29ecf9b93bbf306179626feeda1fab70
etag: "644ba62d20de87506b162a0124ab0675"
expiration: expiry-date="Mon, 12 Sep 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Fri, 12 Aug 2022 09:15:52 GMT
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 737
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:22:06 GMT
age: 1518220
x-served-by: cache-iad-kjyo7100116-IAD, cache-iad-kjyo7100128-IAD, cache-bur-kbur8200027-BUR, cache-iad-kcgs7200175-IAD, cache-bma1629-BMA
x-cache: MISS, MISS, HIT, HIT, MISS
x-cache-hits: 0, 0, 1, 1, 0
x-timer: S1664281326.301236,VS0,VE101
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f70/18/12/20/13/uou10.jpg
x-vcl-time-ms: 101
content-length: 3868
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   3868
Md5:    c9dbd7144500d4a5a8f9294079c0acea
Sha1:   46061279b5984b4922d50fcf16333d4355cfed1e
Sha256: 89214f7fb343b54d1ebc88f84e199909f0cb6b4825d12e089976e11ed03bd98b
                                        
                                            POST /api/domains HTTP/1.1 
Host: api.viglink.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 325
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.248.7.88
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://alnaaemi.yoo7.com
Cache-Control: no-cache, no-store
Date: Tue, 27 Sep 2022 12:22:06 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 42
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   42
Md5:    949ca4e557e68bfbfdb703e49e5ada32
Sha1:   4081cbb887bd8213274deaea1aadd49a4c06f6bf
Sha256: 1bd3fb9afe759b32158c5fae4a3b8a1966f987a8ab72a5f82327a53055ac0a80
                                        
                                            GET /forumotion-ar/trc/3/json?tim=12%3A22%3A03.516&lti=deflated&data=%7B%22id%22%3A948%2C%22ii%22%3A%22%2Ft54-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1664207421812%2C%22vi%22%3A1664281323515%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Falnaaemi.yoo7.com%2Ft54-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22tcs%22%3A%22CPf9mIAPf9mIABcAIBENCiCgAAAAAH_AABpwIDwAAQHgagALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA8gB_wEegJiAU0AtQBeYDBAGGgMfAZIA4sBygDsAAA%22%2C%22gwto%22%3Atrue%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Falnaaemi.yoo7.com%2Ft54-topic%22%2C%22vpi%22%3A%22%2Ft54-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1280%2C%22dh%22%3A14097%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A302%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A14046.5%2C%22mw%22%3A857.5%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft54-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2 HTTP/1.1 
Host: trc.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.44
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://alnaaemi.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:22:06 GMT
via: 1.1 varnish
x-served-by: cache-bma1629-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664281326.677945,VS0,VE398
vary: Accept-Encoding
x-vcl-time-ms: 398
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (12918), with no line terminators
Size:   5855
Md5:    79a4b096dc029edfcad0477abfd54195
Sha1:   7def428d12584487c5b093435fcf8ca7e84ada9b
Sha256: 0f1b31f34e4307cdccb6e4ed73a712dfa69bfdef8ce53ceeb9c3f2b8a5d2c95a
                                        
                                            GET /forumotion-ar/log/2/debug?tim=12%3A22%3A04.194&type=warn&msg=video%20tag%20loader%20-%20didn%27t%20find%20enough%20sponsored%20items%20for%20integrated%20widget%20replacement&llvl=2&id=5717&cv=20220922-16-RELEASE&lt=deflated&pct=1 HTTP/1.1 
Host: il-trc-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.106.33.48
HTTP/2 204 No Content
                                        
server: nginx
date: Tue, 27 Sep 2022 12:22:06 GMT
x-fastly-to-nlb-rtt: 76988
access-control-allow-credentials: true
X-Firefox-Spdy: h2

                                        
                                            POST /forumotion-ar/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=2 HTTP/1.1 
Host: trc.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 3647
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.44
HTTP/2 204 No Content
content-type: image/gif
                                        
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://alnaaemi.yoo7.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:22:07 GMT
via: 1.1 varnish
x-served-by: cache-bma1629-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664281327.173953,VS0,VE79
x-vcl-time-ms: 79
X-Firefox-Spdy: h2

                                        
                                            POST /custom HTTP/1.1 
Host: stootsou.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alnaaemi.yoo7.com/
Content-Type: application/json
Origin: https://alnaaemi.yoo7.com
Content-Length: 388
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Tue, 27 Sep 2022 12:22:07 GMT
content-length: 39
x-trace-id: 832376e083038e03129b6284e03dec06
access-control-allow-origin: https://alnaaemi.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
                                        
                                            GET /gid.js?pub=0&userId=a7f92726dc4a45ad8ce7597ab43cb555&zoneId=2308013&checkDuplicate=true&ymid=&var= HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alnaaemi.yoo7.com/
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Cookie: ID=9ff7805788394a20bf701704327ec4d8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Tue, 27 Sep 2022 12:22:07 GMT
content-length: 65
access-control-allow-origin: https://alnaaemi.yoo7.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=9ff7805788394a20bf701704327ec4d8; expires=Wed, 27 Sep 2023 12:22:07 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    e3482e5ddd6a44e39ab2cd1c5e79d8da
Sha1:   7f678f35a6a25564a7d0182442af36c368323bd4
Sha256: 90e6c93f5eedb809528d14340b128423ba1b17df5da9bb76cfe87d96a7e56872
                                        
                                            GET /rs3/63/frm/jquery/cookie/jquery.cookie.js HTTP/1.1 
Host: illiweb.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.63.213
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Tue, 27 Sep 2022 12:21:59 GMT
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:06:37 GMT
last-modified: Wed, 09 Sep 2020 09:40:28 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1656922
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uU92hs2ElT2yNoEfKniTjf%2FIp%2FiD6LXvQGsIm%2F4MDdWtuGUwj2zRzxtFUcgLlUje3plD%2FUD%2F6u4ZGzzb0h8Zn0j825IlCBxix6o2kRSZSu8zF2lYJHc%2Fb8XxZ3dZyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751433c43b031c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /pfe/current/universal.min.js?v=3.1.395 HTTP/1.1 
Host: stootsou.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alnaaemi.yoo7.com/
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 27 Sep 2022 12:22:00 GMT
last-modified: Tue, 20 Sep 2022 07:25:49 GMT
etag: W/"63296afd-1fafa"
access-control-allow-origin: https://alnaaemi.yoo7.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /syncframe?origin=publishertag&topUrl=alnaaemi.yoo7.com HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         178.250.0.157
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Tue, 27 Sep 2022 12:22:00 GMT
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=6aef24f9-c741-4801-aae1-daea23a53958; expires=Sun, 22 Oct 2023 12:22:00 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 641931
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /?rb=aZ8T5BL3sDMZGSrLnQ98jL4LEJgrKuqePMzF_vvwOMbdwyeMjuca-e8Hr4g8T90mAQnQiaCbCsM24xCv2_OfPRKsa2n75D6KGJMXaUfuNTg0P50WHHqZ3jUMAtJGmcdPqKudua-XH6XP8-QAmEmF6UBdOEM8zf361yg5h7PTZv2AD3wbvbUYfUYhiv6Drz8-OGsILXp6FCV7iZBBv_2nlH3vWOpA-bO1&request_ab2=0&zoneid=3765907&js_build=iclick-v1.430.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Falnaaemi.yoo7.com%2Ft54-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.430.0&bs=3667bf79-33f9-4f61-ba24-069ae14cc75f&userId=9ff7805788394a20bf701704327ec4d8&m=link HTTP/1.1 
Host: cdn.betgorebysson.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alnaaemi.yoo7.com/
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Cookie: OAID=9ff7805788394a20bf701704327ec4d8; oaidts=1664281320
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 27 Sep 2022 12:22:01 GMT
x-trace-id: 7a8f281c88833f80f9cdcc3267d1f84d
access-control-allow-origin: https://alnaaemi.yoo7.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=9ff7805788394a20bf701704327ec4d8; expires=Wed, 27 Sep 2023 12:22:01 GMT; path=/; secure; SameSite=None oaidts=1664281321; expires=Wed, 27 Sep 2023 12:22:01 GMT; path=/; secure; SameSite=None syncedCookie=true; expires=Tue, 04 Oct 2022 12:22:01 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /scripts/connect.js HTTP/1.1 
Host: connect.topicit.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.90.171
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 12:21:59 GMT
cf-bgj: minify
cf-polished: origSize=5437
access-control-allow-origin: *
etag: W/"5d653880-153d"
last-modified: Tue, 27 Aug 2019 14:04:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-cache-status: HIT
age: 3206
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O5W7InpbP2aEw0pKfffXEqG9crBd8OEUxtkR5SsaSoLNgSDkZhx8nzTifBkp1qBA2eQY0NMfLhXZWfAF9ieozJOSU7OSKh75LxxU%2F2TIfuMVXhP8s0T%2B7Ft7%2FMVTcVamqSnLvjk1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751433c9ed480b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /twemoji.min.js HTTP/1.1 
Host: twemoji.maxcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.111.9.57
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 27 Sep 2022 12:21:59 GMT
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Thu, 31 Mar 2022 03:24:15 GMT
access-control-allow-origin: *
etag: W/"62451edf-3bc8"
expires: Thu, 27 Oct 2022 12:21:59 GMT
cache-control: max-age=2592000
x-proxy-cache: MISS
x-github-request-id: AC1C:2101:52CB7C:54F937:632A1005
vary: Accept-Encoding
x-fastly-request-id: 3daa9c29349b923c7bc2e77b2f3789ec5ff3662e
server: NetDNA-cache/2.2
powered-by: MaxCDN
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/ld/publishertag.js HTTP/1.1 
Host: static.criteo.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         178.250.0.130
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Tue, 27 Sep 2022 12:21:59 GMT
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
etag: W/"6326273b-1e2be"
expires: Wed, 28 Sep 2022 12:21:59 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /newidsd HTTP/1.1 
Host: ag.gbc.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         178.250.6.38
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 27 Sep 2022 12:22:00 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 80298
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /serviceworker.js HTTP/1.1 
Host: alnaaemi.yoo7.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: exadd=166429; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                         
                                         178.33.115.32
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 12:21:59 GMT
last-modified: Thu, 25 Feb 2021 14:30:57 GMT
etag: W/"6037b4a1-b0d"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /rs3/63/frm/embed/FA_Embed.js HTTP/1.1 
Host: illiweb.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.63.213
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Tue, 27 Sep 2022 12:21:59 GMT
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:06:07 GMT
last-modified: Tue, 20 Apr 2021 14:17:00 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1656951
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TguwEmoKUHDj4ZPW9oMlw%2BpQCKyggU7xaba%2BW7NydbThWGWcu%2FoAA%2FDFobGP6NknphECvvNabE80LdzcAhVPr4uXUzPIdt6Ml87ANc7qmSoxmnNgTq2f8JdTEUiC2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751433c42af61c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /apu.php?zoneid=3765907 HTTP/1.1 
Host: cdn.betgorebysson.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 27 Sep 2022 12:22:00 GMT
x-trace-id: 069132b0d95d40d7f0f93ab0ad905a3a
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=9ff7805788394a20bf701704327ec4d8; expires=Wed, 27 Sep 2023 12:22:00 GMT; path=/; secure; SameSite=None oaidts=1664281320; expires=Wed, 27 Sep 2023 12:22:00 GMT; path=/; secure; SameSite=None syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /sid/json?origin=publishertag&domain=yoo7.com&sn=FirefoxSyncframe&so=0&topUrl=alnaaemi.yoo7.com&info=0PaptV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czk5TUY5VHJlY0FYNWhRbzBlZGlaWEV4dUJmZnMyU0VjS25vTlZzMldSMXk&idsd=-1791973243,1976514639&cw=1&lsw=1 HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=alnaaemi.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.250.0.157
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 27 Sep 2022 12:22:00 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 992399
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /t54-topic HTTP/1.1 
Host: alnaaemi.yoo7.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         178.33.115.32
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Tue, 27 Sep 2022 12:21:58 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache
pragma: no-cache
expires: Tue, 27 Sep 2022 00:00:00 GMT
last-modified: Tue, 27 Sep 2022 12:21:56 GMT
vary: User-Agent
set-cookie: exadd=166429; expires=Tue, 27-Sep-2022 16:21:56 GMT; Max-Age=14400
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /rs3/63/frm/lang/ar.js HTTP/1.1 
Host: illiweb.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.63.213
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Tue, 27 Sep 2022 12:21:59 GMT
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=74879
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:07:52 GMT
last-modified: Thu, 08 Sep 2022 07:38:48 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1656847
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NgJcK%2BPqykLBo2pXvOzTMHa210EB2WvcYLYNlTFuUtMciBwW7q0D6X896buz1CPOxntIpd3cX2GVHYmgH6sA%2FtRZ7614MU%2FDjqYqfd9GlYrNhTHq7rhRHNbFmAUoXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751433c44b111c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /pfe/current/tag.min.js?z=2308013 HTTP/1.1 
Host: stootsou.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 27 Sep 2022 12:21:59 GMT
last-modified: Tue, 20 Sep 2022 07:25:49 GMT
etag: W/"63296afd-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dna HTTP/1.1 
Host: dnacdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=qVbLEl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czk5TUY5VHJlY0FYNWhRbzBlZGlaWEVYZTcySnNIZFdZNHA2NXZ4dUNKNlo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         178.250.2.146
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 27 Sep 2022 12:22:00 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=0PaptV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czk5TUY5VHJlY0FYNWhRbzBlZGlaWEV4dUJmZnMyU0VjS25vTlZzMldSMXk; expires=Sun, 22 Oct 2023 12:22:01 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 325489
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sw.js HTTP/1.1 
Host: alnaaemi.yoo7.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alnaaemi.yoo7.com/t54-topic
Connection: keep-alive
Cookie: exadd=166429; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D; toolbar_state=fa_show; _ga=GA1.2.1283134755.1664281318; _gid=GA1.2.305179677.1664281318; _gat_gtag_UA_144347007_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.33.115.32
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 12:22:01 GMT
last-modified: Tue, 27 Aug 2019 13:54:01 GMT
etag: W/"5d6535f9-1554"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---