alnaaemi.yoo7.com/t54-topic
301 Moved Permanently 0 B URL HTTP/1.1 alnaaemi.yoo7.com/t54-topic
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t54-topic HTTP/1.1
Host: alnaaemi.yoo7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 27 Sep 2022 12:21:58 GMT
Content-Length: 0
Location: https://alnaaemi.yoo7.com/t54-topic
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8978
Expires: Tue, 27 Sep 2022 14:51:36 GMT
Date: Tue, 27 Sep 2022 12:21:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 12:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1dR6Pf_0kBFV-syCfIQ9FujK33KKAiTqb4dXepIzGb_ZCzmUL--1eQ==
Age: 388
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dBxcFRcJOLE6pc9XNF0tZzgCizSZO2Vzx2m6TBiY0kx7qNjjRM6dvA==
age: 10665
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f29d4245c221a826a51cd01647142a62
09ba491457b34a363f86b26cf8669997ab8525e3
7165bf99d639896e10b20fb510cab44b6c6891ea650a592ac804551ff4783c63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7165BF99D639896E10B20FB510CAB44B6C6891EA650A592AC804551FF4783C63"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2913
Expires: Tue, 27 Sep 2022 13:10:31 GMT
Date: Tue, 27 Sep 2022 12:21:58 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:21:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash edbb0a8ba8a5ed05feab2400b27538ca
f75e013eb0f807b351b2d5af873cf5509bfc0115
e920e23a4eccb541813ecbd554142355e926141e2065344552b1dda0fc59481f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6479
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:21:59 GMT
Last-Modified: Tue, 27 Sep 2022 10:34:00 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:21:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash edbb0a8ba8a5ed05feab2400b27538ca
f75e013eb0f807b351b2d5af873cf5509bfc0115
e920e23a4eccb541813ecbd554142355e926141e2065344552b1dda0fc59481f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6479
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:21:59 GMT
Last-Modified: Tue, 27 Sep 2022 10:34:00 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash edbb0a8ba8a5ed05feab2400b27538ca
f75e013eb0f807b351b2d5af873cf5509bfc0115
e920e23a4eccb541813ecbd554142355e926141e2065344552b1dda0fc59481f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6479
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:21:59 GMT
Last-Modified: Tue, 27 Sep 2022 10:34:00 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash edbb0a8ba8a5ed05feab2400b27538ca
f75e013eb0f807b351b2d5af873cf5509bfc0115
e920e23a4eccb541813ecbd554142355e926141e2065344552b1dda0fc59481f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3702
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:21:59 GMT
Last-Modified: Tue, 27 Sep 2022 11:20:17 GMT
Server: ECS (amb/6BA4)
X-Cache: HIT
Content-Length: 279
ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
IP
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d989f35706c62ce4a5c561586c55566e
d32e7958e5765609bf08dcdefd0b2c2a8714ce34
375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33845
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 10:40:15 GMT
expires: Mon, 25 Sep 2023 10:40:15 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 178904
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 71265a0c6851c7a8b791cad4aa3db788
7ff19cc491bb3b6207818100171cc99932510040
2ce831555f110600647e1a8256cf62728fe0253067c5210ae30b1d4b376833e3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3822
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:21:59 GMT
Last-Modified: Tue, 27 Sep 2022 11:18:18 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:21:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash edbb0a8ba8a5ed05feab2400b27538ca
f75e013eb0f807b351b2d5af873cf5509bfc0115
e920e23a4eccb541813ecbd554142355e926141e2065344552b1dda0fc59481f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6479
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:21:59 GMT
Last-Modified: Tue, 27 Sep 2022 10:34:00 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 471 B IP
Hash 76e4eea96c83be1fae32f0112c7dfdfe
5aa69309deb2f6a1aac33e1f3d24fc52194aeced
0ce707fc034eea80a7fb5c5d2e33754df4efe21e7ae972298e2c39f3d778abf4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5810
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:21:59 GMT
Last-Modified: Tue, 27 Sep 2022 10:45:09 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:21:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 313 B IP
Hash 1b38278fa6ffd8c86b24839081164a96
92b5ee31846d802f8d685ffb73f1b4aeff3f79fc
c7e3c4c064d58692c5aeafdc380ae99093b86b8df61150501d66e5b90dbdd9eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3056
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:21:59 GMT
Last-Modified: Tue, 27 Sep 2022 11:31:03 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 313
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:21:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=
200 OK 36 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=
IP
File type ASCII text, with very long lines (1720)
Hash 22518639341a33f753b1f6ce14fd26c1
12e999fbc935f163b74f5966982e0388ce169e20
15da40270b30601ed382cedf26f744f7a47c5893fb5d1f80a0ea9697c3f834f4
GET /gtag/js?id= HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 12:21:59 GMT
expires: Tue, 27 Sep 2022 12:21:59 GMT
cache-control: private, max-age=900
last-modified: Tue, 27 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 36023
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-144347007-1
200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-144347007-1
IP
File type ASCII text, with very long lines (1720)
Hash 8e6217f20671bc9b0d905b2154268a82
0bde7d998718851bfc405cee3663573658d04a11
8168daeb20ad25c0826ac5f5bed97b54242956df6870f6101831e6ba657ed32e
GET /gtag/js?id=UA-144347007-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 12:21:59 GMT
expires: Tue, 27 Sep 2022 12:21:59 GMT
cache-control: private, max-age=900
last-modified: Tue, 27 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42215
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 27 Sep 2022 12:10:46 GMT
Expires: Tue, 27 Sep 2022 12:40:44 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 72xea8VQwNghrnTI7FnobxGb-OSvZjaUx7wAPG3rO9MuTSzrO1E_MA==
Age: 673
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:21:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
choices.consentframework.com/js/pa/24697/c/IxWav/cmp
200 OK 139 kB URL HTTP/1.1 choices.consentframework.com/js/pa/24697/c/IxWav/cmp
IP
File type Unicode text, UTF-8 text, with very long lines (65512), with no line terminators
Size 139 kB (138861 bytes)
Hash f18728dbedf5700873d1144123a92a02
b5735564f05e244faba61f15ae68ffcb3f4e8603
14b47d8f81bb666e1550debee41573e646af3da336386ace3900c4f88b297ea6
GET /js/pa/24697/c/IxWav/cmp HTTP/1.1
Host: choices.consentframework.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Tue, 27 Sep 2022 12:21:59 GMT
Content-Type: text/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=3600
Set-Cookie: euconsent-v2=NO_CONSENT; Path=/; Domain=consentframework.com; Expires=Tue, 27 Sep 2022 12:26:59 GMT; Secure; SameSite=None
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
alnaaemi.yoo7.com/0-rtl.css
200 OK 63 kB URL HTTP/2 alnaaemi.yoo7.com/0-rtl.css
IP
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 0843ea564cb8987c90bfb89128ff5863
0b8bffe055b1eefdc054a5fcbb5ebbfbc9e4c252
1020ecfb5eb4eee36a44df571ba4043bde93871fa81747253d71167eaaa64ce0
GET /0-rtl.css HTTP/1.1
Host: alnaaemi.yoo7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/t54-topic
Cookie: exadd=166429
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:21:59 GMT
content-type: text/css
content-length: 63116
last-modified: Tue, 27 Sep 2022 00:00:00 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-ma: MISS
X-Firefox-Spdy: h2
2img.net/i/fa/subsilver/icon_minitime.gif
200 OK 298 B URL HTTP/2 2img.net/i/fa/subsilver/icon_minitime.gif
IP
File type GIF image data, version 89a, 12 x 9\012- data
Hash 71647c2ce78f706f8b4b0d84b3369cf5
18fe4a449c64acf98e9570486627f29d3884dff9
de0294a906e3fa470d188c8d596e3a5fc3efc59bab8080506015498db73c18e6
GET /i/fa/subsilver/icon_minitime.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:21:59 GMT
content-type: image/gif
content-length: 298
access-control-allow-origin: *
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
etag: "41d5e800-12a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 24205469
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZoWqUexkpS%2BKCMibN3MjTR6FJWe149l20Ef0T9EYOl%2F22%2BodTVmdyubFmJPQJ2qrxLqcGaP3UOoJ1dan1%2F5iAfEzMLt%2BGnRghShtCShTAw3iJjN41%2B2GczK9gw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751433c59a5875cb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/purple-pearl/icon_minipost.gif
200 OK 121 B URL HTTP/2 2img.net/i/fa/purple-pearl/icon_minipost.gif
IP
File type GIF image data, version 89a, 12 x 9\012- data
Hash 9af02a3d7d6e349fa5bb13110db55eef
503d9af39dbdab2602054cc50e48c11edd382a3a
f71a5062940098aab6000f7f9c6c11f62686efa8e1842e6e5beadf69226dd496
GET /i/fa/purple-pearl/icon_minipost.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:21:59 GMT
content-type: image/gif
content-length: 121
last-modified: Mon, 16 May 2016 11:00:48 GMT
etag: "5739a860-79"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 358737
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P6H8Udr42mwrN7WHYtNtoNJGrCB66hAeBqgzqVn%2ByaORy7zqgOSw9kjb9z4Iyfl9Lza3Wv7yO2THUjL4%2BIsija4QiYcwt%2BP1S07Qz92GHIakkGZ%2FZRm8S%2FN4HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751433c59a6275cb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/empty.gif
200 OK 43 B IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /i/empty.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:21:59 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
etag: "57304e3e-2b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 09 May 2016 08:45:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 24205703
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=odk0WJ0uXU%2B0iAv1x%2B60ag90GuZSd6TwJY9Vu%2BWUTWnfXWkOMzEeh76Zgq0tCe0kMAozMe2hDISTXGmiNkmcxQbQhaHubuyuVhifv09AsASap5Hi1IIau%2BcROg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751433c59a6a75cb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/20/23/90/i_icon_mini_login.png
200 OK 3.1 kB URL HTTP/2 2img.net/s/t/20/23/90/i_icon_mini_login.png
IP
File type PNG image data, 81 x 31, 8-bit/color RGBA, non-interlaced\012- data
Hash 4f934aba3f763b6b716b0f7f0feaec70
a185cbd4c41d7976addf44b70e4af97eff8e0258
b853c191a8cbfeb541b69c100bb7ff92224e2f26e9cc835c546605a66c3e12c1
GET /s/t/20/23/90/i_icon_mini_login.png HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:21:59 GMT
content-type: image/png
content-length: 3078
last-modified: Tue, 04 Mar 2014 14:53:14 GMT
etag: "5315e8da-c06"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kwDstJbY1XEgbBVc2hLglk51uXEVgyvXNgFmy%2FAmPlT7pteX0tGBTb3QwA2Zvyl87WCrhZ37iScxBtMEjwFYWtwmAkaTy%2F2GLV9slAzKmGbE6Fdp4BwLQO3mgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751433c5aa7c75cb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6104
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:21:59 GMT
Last-Modified: Tue, 27 Sep 2022 10:40:15 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
2img.net/i/fa/purple-pearl/icon_mini_portal_en.gif
200 OK 997 B URL HTTP/2 2img.net/i/fa/purple-pearl/icon_mini_portal_en.gif
IP
File type GIF image data, version 87a, 91 x 31\012- data
Hash afc88d4718c78dc6062838cce3709a79
e0fb52bbe63d2b9af6b0692f6a5693f8d461f0f6
687e1bec90385b189673d2a5a150b3867586a51a1c734da48c5d722820e49bb0
GET /i/fa/purple-pearl/icon_mini_portal_en.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:21:59 GMT
content-type: image/gif
content-length: 997
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-3e5"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pIKl5vdjbXVF9coelOO%2FYr%2BC%2BQwjH14pF%2F9m2ub%2BL1KWjzPMzSb%2FJDEUim%2B%2Bgdhsvy3akVC27RlEvZSh9C%2BjjJFclfKZx24o5uHQTuMD%2FSa0jJsI8OTMpIsphw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751433c5aa8275cb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/20/23/90/i_icon_mini_register.gif
200 OK 2.3 kB URL HTTP/2 2img.net/s/t/20/23/90/i_icon_mini_register.gif
IP
File type GIF image data, version 89a, 81 x 31\012- data
Hash 92818036abb66d72baeafff09c61f0e8
ab8ef1bdc4dbf6480774b7d0c488ee2595371d0b
c6c47def9e30c2d3ccbde6bae3e9d12f57676459527b2da9bfd004372d882a37
GET /s/t/20/23/90/i_icon_mini_register.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:21:59 GMT
content-type: image/gif
content-length: 2317
last-modified: Tue, 04 Mar 2014 14:53:12 GMT
etag: "5315e8d8-90d"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IYqI0RxUB%2Fs%2FM0xGDo1QWHzkuMc%2BazQlis10eqTSBC4FhQIpCm3Fv2iBVEr%2BLcxFX3FKsx%2FUCrRraPLDrRFxd0fCpNDsgdcg3Qgz6qBZRIKYycGLWJuBvcWn2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751433c5aa8075cb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/purple-pearl/icon_www.gif
200 OK 1.4 kB URL HTTP/2 2img.net/i/fa/purple-pearl/icon_www.gif
IP
File type GIF image data, version 89a, 59 x 18\012- data
Hash 365ad9e436336580be472c7c480ec673
5bb17a56012bee68383d28633c739ad4d2ecb402
74cc46f9271cbc52baffab13bd7ae85d8cd6a90b6a83ebbc39a09a86257011e9
GET /i/fa/purple-pearl/icon_www.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:21:59 GMT
content-type: image/gif
content-length: 1387
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-56b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjHQ4%2FMUsCUeKAEdbxQEN8QcWzcxTomvxENYy31wyNAm%2F3SnvqXZjLd76mlx8sWjNIAlYJvZOKMzX6MntTVCKJPcU46c%2BHMz%2BP1i4%2FDnO9SwHpBrR%2Fg%2BPDn%2FFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751433c59a5375cb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/20/23/90/i_icon_mini_index.png
200 OK 3.0 kB URL HTTP/2 2img.net/s/t/20/23/90/i_icon_mini_index.png
IP
File type PNG image data, 81 x 31, 8-bit/color RGBA, non-interlaced\012- data
Hash aec936d2de77cda76333770fead4e6ea
e3a04b6d0f61fb17343637dc77db70d18b5d8055
5654550b559d02fa4ed9eeda35a4ac28971201d8fb9a035204fd16b6f2866620
GET /s/t/20/23/90/i_icon_mini_index.png HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:21:59 GMT
content-type: image/png
content-length: 3034
last-modified: Tue, 04 Mar 2014 14:53:15 GMT
etag: "5315e8db-bda"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=brdiW7MFj3ampK3h%2FeT6ta31uuFrytcK501h9P8IO4FrBYOmqjriI0FYG%2BulMBFX%2FwGdTrp8DykN3S3Vg%2BVOv92EALVpdnGnpYLwscMN01tmFltOLmEHfPdwOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751433c59a6675cb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cache.consentframework.com/js/pa/24697/c/IxWav/stub
200 OK 2.1 kB URL HTTP/2 cache.consentframework.com/js/pa/24697/c/IxWav/stub
IP
File type ASCII text, with very long lines (1309), with no line terminators
Hash ab573ca475370def72dff7ad6b93fcef
277f25cd799943185df878cc8fc72e1da4dbdbc0
d32f544cc1dc839a85969e522276e4c7eb54f8f1e078949e0dea02ecfebf7fe1
GET /js/pa/24697/c/IxWav/stub HTTP/1.1
Host: cache.consentframework.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:21:59 GMT
content-type: text/javascript; charset=UTF-8
cache-control: max-age=3600
strict-transport-security: max-age=15724800; includeSubDomains; preload
cf-cache-status: HIT
age: 1443
last-modified: Tue, 27 Sep 2022 11:57:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9HMuYdLRuJF10aoUFliMp%2BhqqMWZtfIyZuduTjadBYVhkaJtGrVkhvya2R92vytpc3JjQuto2N71LGbwSA8Je2Cy9jaSuMR9Z7y19aVnUGcHV5BUleIkw1j66qYgaKO7WcfPxYJepwyOlgdb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751433c3e9b3b527-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.servimg.com/u/f88/11/88/59/12/2iscw010.png
200 OK 3.6 kB URL HTTP/2 i.servimg.com/u/f88/11/88/59/12/2iscw010.png
IP
File type PNG image data, 39 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 9717307b51b288e56cf2f9c879a8a727
8c2cf2e0c1ec40854f1abe1bdeb640796a20c1ef
8d5562b2c5e650c089557ae91afb70020940728c512d82312326e81a35b36d37
GET /u/f88/11/88/59/12/2iscw010.png HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:21:59 GMT
content-type: image/png
content-length: 3617
last-modified: Wed, 14 Oct 2009 06:38:10 GMT
etag: "4ad571d2-e21"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Tue, 25 Apr 2023 08:18:01 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2000263
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=huEyyF88IUdOqoHzrUs2BwI%2B0VCpXwYSsBmu9Fhi5l%2Fa9RiTsXydEv1NIstLSrY3n1PiUL1RblItWbhuzL%2B3iMXGbsqUBVIuFIEjfwcCnxVd0V2UXnfOjlNlP52SWHsO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 751433c6cebf0af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f68/11/88/59/12/gradie10.gif
200 OK 387 B URL HTTP/2 i.servimg.com/u/f68/11/88/59/12/gradie10.gif
IP
File type GIF image data, version 89a, 6 x 56\012- data
Hash daf695774a01f4cd4ae9668a792989cf
6442dd9ceb740aa41bdcb5db3dc820880b92cfd2
6913f7f4c0a5cac976048914cb4c67ccd342dab00efdf9407d2598392fa3f7e5
GET /u/f68/11/88/59/12/gradie10.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:21:59 GMT
content-type: image/gif
content-length: 387
last-modified: Fri, 05 Mar 2010 14:13:41 GMT
etag: "4b911195-183"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Tue, 25 Apr 2023 08:30:20 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BvLn2xQDKwdcVSkiW5TShAyg8G9%2BsCWk7fMdN0guO71Mg8WpfZ2IGvpQ7UB6XsInpRP8zu6BLCEPD6w5QV6i1cCZ773TSsVVQi8%2FxtSQu%2Fq0dYOenPQJBirnWO%2Fti1gP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 751433c69e830af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9fc558a27672ad8143d95bbc4e7ec717
25bda9575635a09e453b51d8247c0adf8678345a
c67bc59415db10fb39d990d12b3099062c9859c2d1360c7b27288ffa9d45016a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C67BC59415DB10FB39D990D12B3099062C9859C2D1360C7B27288FFA9D45016A"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7877
Expires: Tue, 27 Sep 2022 14:33:16 GMT
Date: Tue, 27 Sep 2022 12:21:59 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DVkwaPxsx+/9LzSWWczAPg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hnrMnq2nJ0X2KGtiaLeNcwxHevo=
illiweb.com/rs3/63/frm/jquery/toolbar/FAToolbar.js
200 OK 6.5 kB URL HTTP/2 illiweb.com/rs3/63/frm/jquery/toolbar/FAToolbar.js
IP
File type ASCII text, with very long lines (25563), with no line terminators
Hash 0ec151896476e1adc2b71d6d3e38623c
34cdf92ca78eb8d2ca3f02adfb588cd137596333
8310a16a774e6ef6ed75f09dc8aab8190837f1c3964e9ef81dae05c7ac87399d
GET /rs3/63/frm/jquery/toolbar/FAToolbar.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:21:59 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:06:37 GMT
last-modified: Wed, 17 Aug 2022 08:52:02 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1656922
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2BZr9YJCj5uQZ35FiU866coL9KofOwZX%2FNyzJplr6PJEuYvE%2BgOKGhKzDjLxHc1RK8vHRqcvcQRt9uYoWM0EJFJi0MZaoFWnje0QDKwdkDfuVUtN8bsFWQkEjQIfFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751433c40ada1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
choices.consentframework.com/api/v1/public/profile/check?origin=https://alnaaemi.yoo7.com
200 OK 17 B URL HTTP/1.1 choices.consentframework.com/api/v1/public/profile/check?origin=https://alnaaemi.yoo7.com
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 0bd75264337702d501fe87ce0b52dc08
97cc20d9be99aab0ec65848e65d7e3b241788d73
ab140244cd2fd2892fec183c503c0f9522f9935f5e6c5ace01e92924a7e2e90e
GET /api/v1/public/profile/check?origin=https://alnaaemi.yoo7.com HTTP/1.1
Host: choices.consentframework.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alnaaemi.yoo7.com/
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Cookie: euconsent-v2=NO_CONSENT
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Tue, 27 Sep 2022 12:22:00 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 17
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Referer,Origin
Access-Control-Allow-Methods: GET,OPTIONS
Access-Control-Allow-Origin: https://alnaaemi.yoo7.com
Cache-Control: private, max-age=86400
X-Xss-Protection: 0
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=alnaaemi.yoo7.com&var=&ymid=&var_3=
200 OK 758 B URL HTTP/2 stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=alnaaemi.yoo7.com&var=&ymid=&var_3=
IP
File type JSON data\012- , ASCII text, with very long lines (757)
Hash f799e826ad228ea14a0b1abf8a50b535
99de99b083085617755e5a07ffdd6caba194d6fe
61deced88e1826447df1c5c744ced5c40cd8b344213bda5f248d5029a5f61f47
GET /zone?pub=0&zone_id=2308013&is_mobile=false&domain=alnaaemi.yoo7.com&var=&ymid=&var_3= HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alnaaemi.yoo7.com/
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:22:00 GMT
content-type: application/json; charset=utf-8
content-length: 758
x-trace-id: e6aef5fc1b54a8ebacda005b0feeca31
access-control-allow-origin: https://alnaaemi.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Tue, 27 Sep 2022 10:41:09 GMT
expires: Tue, 27 Sep 2022 12:41:09 GMT
cache-control: public, max-age=7200
age: 6051
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
alnaaemi.yoo7.com/?utm_source=pwa
200 OK 38 kB URL HTTP/2 alnaaemi.yoo7.com/?utm_source=pwa
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (23574)
Hash 0152e8ef3333cd7fa22450290255a806
67fa50e5d75c9870e350ea7d5b4610d752a5ac5b
b2b668dee29ba0f396fd4e5706eacf55644ed3f27785e2f128cfc6a8a3e5885a
GET /?utm_source=pwa HTTP/1.1
Host: alnaaemi.yoo7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alnaaemi.yoo7.com/serviceworker.js
Connection: keep-alive
Cookie: exadd=166429; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D; toolbar_state=fa_show
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:22:00 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
pragma: no-cache
expires: Tue, 27 Sep 2022 00:00:00 GMT
last-modified: Tue, 27 Sep 2022 12:22:00 GMT
vary: User-Agent
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash cf99681f6f1d6e00e0abca7033eb6219
73261f7daa90ce6fd7a81b10ed7bd762200c3f28
3f4bfe673679f8f0650774c07f8707a7013ac7e1c3e1b3b03e68cbaa5ccc1af6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6355
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:22:00 GMT
Last-Modified: Tue, 27 Sep 2022 10:36:05 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
ocsp.comodoca4.com/
200 OK 283 B IP
Hash 7f10c0bcb498fac723d9be609d12f5fe
fe3970e1b297603ebb8cab0020be667809f5d9ed
a2093550d5591187b98bf02a7440f5488c4bfbcf0f2f141a6aec4fa828967f05
POST / HTTP/1.1
Host: ocsp.comodoca4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 12:22:00 GMT
Content-Type: application/ocsp-response
Content-Length: 283
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 00:47:13 GMT
Expires: Sat, 01 Oct 2022 00:47:12 GMT
Etag: "fe3970e1b297603ebb8cab0020be667809f5d9ed"
Cache-Control: max-age=303311,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751433cc5d37b51b-OSL
connect.facebook.net/ar_AR/all.js
200 OK 1.7 kB URL HTTP/2 connect.facebook.net/ar_AR/all.js
IP
File type ASCII text, with very long lines (1961)
Hash 1ff1bf4a0e0a47211e544d161f30ca40
a8a768476017cbb8f672e328bc4e9a5da540c9b7
24df3c6351e20d2b753809d40c7ff812bfec11823a0d16dc380f1e3da63407c3
GET /ar_AR/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: b424ce117272e05f826afc27e198fe96
etag: "4f874ddb0f32b85b59c091cba2d9bfea"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 27 Sep 2022 12:25:39 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: H/G/Sg4KRyEeVE0WHzDKQA==
x-fb-debug: /pK8BvxkwmHAM7dz9GhwK4LIwUx877wY4gXwpLqu9oD106a9OHJabb5VdiJ4hdWKhSqo7XLhp0k4y1bkAlJq+g==
content-length: 1685
x-fb-trip-id: 1679558926
date: Tue, 27 Sep 2022 12:22:00 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.viglink.com/api/vglnk.js
200 OK 29 kB URL HTTP/2 cdn.viglink.com/api/vglnk.js
IP
File type ASCII text, with very long lines (693)
Hash 072eaf64a771815874455704fca9301b
6c6226d00f14bb800cd4390b3cd42df941be43b1
bb35c8c300bd1acfe7ed86eb988f74ff2e8d86a4fb0409c5d78a890f9fd14b8e
GET /api/vglnk.js HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:22:00 GMT
content-type: text/javascript
content-length: 28567
x-amz-id-2: kFPAC60DOwNQb4CdhqHG+tKjRF2TQjxpEdeKJyhLPdvjoiSwXPmNvXMEMMBRIwIu/QGXu5HJg1c=
x-amz-request-id: NTCW971RKN3GM3ZQ
last-modified: Wed, 02 Dec 2020 18:57:12 GMT
etag: "072eaf64a771815874455704fca9301b"
cache-control: public, max-age=604800
content-encoding: gzip
cf-cache-status: HIT
age: 396976
expires: Tue, 04 Oct 2022 12:22:00 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751433ccbf06fab4-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash cf99681f6f1d6e00e0abca7033eb6219
73261f7daa90ce6fd7a81b10ed7bd762200c3f28
3f4bfe673679f8f0650774c07f8707a7013ac7e1c3e1b3b03e68cbaa5ccc1af6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6355
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:22:00 GMT
Last-Modified: Tue, 27 Sep 2022 10:36:05 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
cdn.taboola.com/libtrc/impl.20220922-16-RELEASE.js
200 OK 146 kB URL HTTP/2 cdn.taboola.com/libtrc/impl.20220922-16-RELEASE.js
IP
File type ASCII text, with very long lines (65508)
Size 146 kB (145469 bytes)
Hash b6247ec22fba797cf6f51ae4c86a6509
1807f86f8b7146c10c986fd203d31de61ee67d8a
742c16a6b9e92d702d4e514560b0826268e676278e169e990c548d0bb6dd8a2f
GET /libtrc/impl.20220922-16-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: COg8lMA673OEz5PM+KFXiDXiosSVySM+TdixW+84HZwxLH8GtDt35DYHxlOgtiehZ9ZB4jLgaQI=
x-amz-request-id: W1R6REBMZ25HV30N
last-modified: Thu, 22 Sep 2022 14:15:17 GMT
etag: "b6247ec22fba797cf6f51ae4c86a6509"
content-encoding: br
x-amz-version-id: wNWqo8c3RDyWSxV8p_CKOzvKdfoSb_oq
content-type: application/javascript
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:22:00 GMT
via: 1.1 varnish
age: 22000
x-served-by: cache-bma1629-BMA
x-cache: HIT
x-cache-hits: 11816
x-timer: S1664281320.470672,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 14
server: AmazonS3-br
content-length: 145469
X-Firefox-Spdy: h2
connect.facebook.net/ar_AR/all.js?hash=add796b33dde7eb764e6cc4b8277f1b9
200 OK 88 kB URL HTTP/2 connect.facebook.net/ar_AR/all.js?hash=add796b33dde7eb764e6cc4b8277f1b9
IP
File type ASCII text, with very long lines (18790)
Hash f195fc7dacad6f3842576244788b6dcd
c35ea6f984c28ca1438f732ca0bb02ed82f7183a
432c623c310cd44264db27624510de2cf6376d947b13f0a3b4123858fe6a1d4f
GET /ar_AR/all.js?hash=add796b33dde7eb764e6cc4b8277f1b9 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: b685ff3d00769e19206f39289c1fe6f7
etag: "a071af3e22b5a588af934a27b67ed687"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 27 Sep 2023 10:24:04 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 8ZX8faytbzhCV2JEeIttzQ==
x-fb-debug: 6vm4aQAr4xV9R55L9lhDgNiUVhSGdy7BwAb29J8PP16mFRXEoChe6dSkQj10XtSZ+k+FWhAZq7P86pEGII2azw==
content-length: 87543
x-fb-trip-id: 1679558926
date: Tue, 27 Sep 2022 12:22:00 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 4b4b24188fa7cf59e26c261113d2ec4e
b39e76b0a5ddd302308fbcebbf295f91540b3d6e
dee2b698601ac272ef262a0557325ded4091d8af2344e18a7421c287c1ef16da
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:22:00 GMT
Last-Modified: Tue, 27 Sep 2022 11:41:50 GMT
Server: ECS (nyb/1D06)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 05-v5vqkrpnoXngvm-eYHrz6LobtbDgScVm5eTHQaczqATjcJqq1nA==
Age: 2410
ocsp.digicert.com/
200 OK 313 B IP
Hash 944c43daeb114b52f31985e73a2e4de4
6edea5919fdbc74de43535086581527dcef9a9dc
a56e37bc78ae79d514bc828cfa7416a950f5ce4310b281303ab900beb5bc525e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6227
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:22:00 GMT
Last-Modified: Tue, 27 Sep 2022 10:38:13 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 313
api.viglink.com/api/ping
200 OK 2.1 kB IP
Hash c55ed659013f52741efbc95026dce88b
488085498cfac0dbace6fd69e2fda5051497c2e2
a5a94f598a921e2fd2ae76a3a517a1685c6c7be63ce305c59767f68a9ddb24aa
POST /api/ping HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 135
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://alnaaemi.yoo7.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Tue, 27 Sep 2022 12:21:59 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 259
Connection: keep-alive
choices.consentframework.com/api/v1/public/v2/tcstring
200 OK 25 B URL HTTP/1.1 choices.consentframework.com/api/v1/public/v2/tcstring
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 1c7be6c2029fd0db7b831a9e8359395f
48818c4617f2dac593cc84c8f39244f24be3760e
6d24890b5608b6d182f02198897f50f220a40b66a08751a443ac714bf6f86602
GET /api/v1/public/v2/tcstring HTTP/1.1
Host: choices.consentframework.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alnaaemi.yoo7.com/
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Cookie: euconsent-v2=NO_CONSENT
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Tue, 27 Sep 2022 12:22:00 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 25
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Referer,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://alnaaemi.yoo7.com
X-Xss-Protection: 0
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:22:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-144347007-1&cid=1283134755.1664281318&jid=1642932922&gjid=513570964&_gid=305179677.1664281318&_u=YEBAAUAAAAAAAC~&z=406622205
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-144347007-1&cid=1283134755.1664281318&jid=1642932922&gjid=513570964&_gid=305179677.1664281318&_u=YEBAAUAAAAAAAC~&z=406622205
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-144347007-1&cid=1283134755.1664281318&jid=1642932922&gjid=513570964&_gid=305179677.1664281318&_u=YEBAAUAAAAAAAC~&z=406622205 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://alnaaemi.yoo7.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 27 Sep 2022 12:22:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df11b4b5468d07b2%26domain%3Dalnaaemi.yoo7.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Falnaaemi.yoo7.com%252Ff17cc4800778cdc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Falnaaemi.yoo7.com%2Ft54-topic&layout=button_count&locale=ar_AR&sdk=joey&share=false&show_faces=false
200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df11b4b5468d07b2%26domain%3Dalnaaemi.yoo7.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Falnaaemi.yoo7.com%252Ff17cc4800778cdc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Falnaaemi.yoo7.com%2Ft54-topic&layout=button_count&locale=ar_AR&sdk=joey&share=false&show_faces=false
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df11b4b5468d07b2%26domain%3Dalnaaemi.yoo7.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Falnaaemi.yoo7.com%252Ff17cc4800778cdc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Falnaaemi.yoo7.com%2Ft54-topic&layout=button_count&locale=ar_AR&sdk=joey&share=false&show_faces=false HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: rWznl/IB8QhQM7QIjTrWKZSsZXwGmDLu75e2fGxIlANMKZIJ0pGBUiwKqGaQfusqSkzm3mk8RGAORyAu/VVBvw==
content-length: 0
date: Tue, 27 Sep 2022 12:22:00 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2
200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.js?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Tue, 27 Sep 2022 12:22:00 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:22:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
alnaaemi.yoo7.com/images/icons-180.png
200 OK 2.7 kB URL HTTP/2 alnaaemi.yoo7.com/images/icons-180.png
IP
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash d360440370a6385e2c1cab2ffa213ffc
fecbcddb944bc6488879812f27230ab655adb483
99bc3b48a278562ef12d8568d92ec1721127613c54f45293a65bbca54e05b1f8
GET /images/icons-180.png HTTP/1.1
Host: alnaaemi.yoo7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/t54-topic
Cookie: exadd=166429; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D; toolbar_state=fa_show
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:22:01 GMT
content-type: image/png
content-length: 2724
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 27 Sep 2022 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
x-cache-ic: MISS
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?ptv=130&profileId=206&cb=38587479857
204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?ptv=130&profileId=206&cb=38587479857
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?ptv=130&profileId=206&cb=38587479857 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 567
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 27 Sep 2022 12:22:00 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://alnaaemi.yoo7.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 05b8e0539f33600bbfe6567a3e4506f2
43701d17c095ca11bd588b16177f2a7adf564fde
c23204269e6ec9727b91de24158f15b7bfb6159e95606089231db82560513160
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C23204269E6EC9727B91DE24158F15B7BFB6159E95606089231DB82560513160"
Last-Modified: Mon, 26 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8108
Expires: Tue, 27 Sep 2022 14:37:08 GMT
Date: Tue, 27 Sep 2022 12:22:00 GMT
Connection: keep-alive
api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.gif?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Tue, 27 Sep 2022 12:22:00 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6465
Expires: Tue, 27 Sep 2022 14:09:45 GMT
Date: Tue, 27 Sep 2022 12:22:00 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6465
Expires: Tue, 27 Sep 2022 14:09:45 GMT
Date: Tue, 27 Sep 2022 12:22:00 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6465
Expires: Tue, 27 Sep 2022 14:09:45 GMT
Date: Tue, 27 Sep 2022 12:22:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a90590f26bae9ad9e95ffdfbfb7dd21d
cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3
33fe3394213e01d11c3e005cb5a678ba74511704d4132fc2bd9f7ad4e1b7dbfc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10318
x-amzn-requestid: 6a205445-8a9e-4f25-b144-ba6e6934d383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSlhFNAIAMFmBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330caef-61ecbf9154cd56131b940ac0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qP5-TglQAoTGc78-rIK27mKRTS_WthN0OpiiMqSF-y2rmWxVOyfNVw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:02:24 GMT
age: 55176
etag: "cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash deb8d1e3b6d7fbc8c8ba478269621676
84f5a4c8b38acde814bc790e5b514347718d5bb9
ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lf6qqokEw32egp3ofmJGtUTAt3RD2f9rVq5gskbhrk_VFGweeo0oCQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 52362
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: 09f8fee2-6830-4bec-af40-f2fb6547bc63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreH5poAMFdxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-0afbf5e01a013e6f0db53da1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CwkfEPDseHez7mArqwz8tmC3WHFwXAZF1OSColucaQ5vG2hvBIDWOg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:42:47 GMT
age: 52753
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 347dca206e13a3b13953f0ab398310b4
be60bbc96c832ae385cc9ae5828bd32703011b21
f6da888a54a0c6c73466f2c2a72dd875514a39d81b760a6b0116b4dd56ef31dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10211
x-amzn-requestid: 3ea4ac84-2465-4bd1-8ade-863de3c9576e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfSuGoQoAMF9oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145aa-7843b82728ead9a053c689d1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MMrek5LO9ukZjB6VV-5McuE_maDzwTOihucz0kwxuaTJMNOpTchoJA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:52:00 GMT
age: 52201
etag: "be60bbc96c832ae385cc9ae5828bd32703011b21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bf02f4e-91c0-455b-8378-5eae82174db7.jpeg
200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bf02f4e-91c0-455b-8378-5eae82174db7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3140ec95f33c36599de95b25cdade940
932c74fa24b61ee1b1c672b6c19b1e736caab8d3
f7488246ca75fddc504812f4c5944a5a2494cdb14b6ef1db5fb28beca5cff194
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bf02f4e-91c0-455b-8378-5eae82174db7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9737
x-amzn-requestid: aec3c3e9-42e5-4de5-8882-118002369ef8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreGJxoAMF-oA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-527ccd70654c22891262279d;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ukn4d6yPeJJHN5trYK3xbhik2pX41zHki3nG5r6fCzQgm3vYw5lhAA==
via: 1.1 946b9edb2009c5508a0fbbd636f95014.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:43:16 GMT
age: 52725
etag: "932c74fa24b61ee1b1c672b6c19b1e736caab8d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5274e770cb5a704916c8965659709f4a
1a26007f761e439db575fb80fb403031260aecf4
e36e8be75c92feb9b416a46c5918356d8f9694894a799b7c10de21034d33d5ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: 0887cd56-f324-46cf-a086-709e1c66f354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGBTdHmhoAMFvIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633248e2-42391706084f335228fe3994;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:50:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: vx-yM_jeJvOaa1UizK5OoDJFkvKnajg2ezLF2l2qnN_OhdTE6I4taQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:05:55 GMT
etag: "1a26007f761e439db575fb80fb403031260aecf4"
content-type: image/jpeg
age: 40566
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
choices.consentframework.com/api/v1/public/consent-string
200 OK 0 B URL HTTP/1.1 choices.consentframework.com/api/v1/public/consent-string
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v1/public/consent-string HTTP/1.1
Host: choices.consentframework.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://alnaaemi.yoo7.com/
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Tue, 27 Sep 2022 12:22:01 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
choices.consentframework.com/api/v1/public/consent-string
200 OK 248 B URL HTTP/1.1 choices.consentframework.com/api/v1/public/consent-string
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 2b206dd9ba966cbdc7a89e33289b94e7
e6f8176780534d0414dc56f979f81530f64b77a7
c3475122a8d7ee518890e187cdf5c83a61e04cc8f710fc82e32a685d16e785d1
POST /api/v1/public/consent-string HTTP/1.1
Host: choices.consentframework.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alnaaemi.yoo7.com/
Content-Type: application/json
Origin: https://alnaaemi.yoo7.com
Content-Length: 317
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Tue, 27 Sep 2022 12:22:01 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 248
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
ocsp.digicert.com/
200 OK 471 B IP
Hash 9c9ed3de47bf6f5930e2b13e3cf6036a
db356d5fc7c7259d90dceed785fc6689c543e140
15abd53817fd35465696cfcbc8c42c1f2325ba0fb7b8b87ede1ef87b1e5c7a80
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1654
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:22:01 GMT
Last-Modified: Tue, 27 Sep 2022 11:54:27 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
choices.consentframework.com/api/v1/public/user-action
200 OK 0 B URL HTTP/1.1 choices.consentframework.com/api/v1/public/user-action
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v1/public/user-action HTTP/1.1
Host: choices.consentframework.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://alnaaemi.yoo7.com/
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Tue, 27 Sep 2022 12:22:01 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
ocsp.digicert.com/
200 OK 313 B IP
Hash 7fe5d7e8bab006e280be51825bd0e7f3
04b2e3443b73f3da95b8befc775c007a35974ba1
c9e96bf1d96f91f66945a20eaf3a81e360ee13a00475a1297ae8e68e89d86ed9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5625
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:22:01 GMT
Last-Modified: Tue, 27 Sep 2022 10:48:16 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 313
stootsou.net/custom
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://alnaaemi.yoo7.com/
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:22:01 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://alnaaemi.yoo7.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
stootsou.net/custom
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://alnaaemi.yoo7.com/
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:22:01 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://alnaaemi.yoo7.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
choices.consentframework.com/api/v1/public/user-action
200 OK 0 B URL HTTP/1.1 choices.consentframework.com/api/v1/public/user-action
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v1/public/user-action HTTP/1.1
Host: choices.consentframework.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alnaaemi.yoo7.com/
Content-Type: application/json
Origin: https://alnaaemi.yoo7.com
Content-Length: 159
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Tue, 27 Sep 2022 12:22:01 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
js.cookieless-data.com/GS.d?pa=24697&uf_bday=&uf_gender=&cmp=0&u=https%3A%2F%2Falnaaemi.yoo7.com%2Ft54-topic&r=&rand=1664281318796&gdpr=1&gdpr_consent=CPf9mIAPf9mIABcAIBENCiCgAAAAAH_AABpwIDwAAQHgagALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA8gB_wEegJiAU0AtQBeYDBAGGgMfAZIA4sBygDsAAA&globalscope=false&cookieless_optout=0&tbp=true
200 OK 0 B URL HTTP/1.1 js.cookieless-data.com/GS.d?pa=24697&uf_bday=&uf_gender=&cmp=0&u=https%3A%2F%2Falnaaemi.yoo7.com%2Ft54-topic&r=&rand=1664281318796&gdpr=1&gdpr_consent=CPf9mIAPf9mIABcAIBENCiCgAAAAAH_AABpwIDwAAQHgagALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA8gB_wEegJiAU0AtQBeYDBAGGgMfAZIA4sBygDsAAA&globalscope=false&cookieless_optout=0&tbp=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /GS.d?pa=24697&uf_bday=&uf_gender=&cmp=0&u=https%3A%2F%2Falnaaemi.yoo7.com%2Ft54-topic&r=&rand=1664281318796&gdpr=1&gdpr_consent=CPf9mIAPf9mIABcAIBENCiCgAAAAAH_AABpwIDwAAQHgagALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA8gB_wEegJiAU0AtQBeYDBAGGgMfAZIA4sBygDsAAA&globalscope=false&cookieless_optout=0&tbp=true HTTP/1.1
Host: js.cookieless-data.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Tue, 27 Sep 2022 12:22:01 GMT
Content-Length: 0
Connection: keep-alive
Expires: Tue, 01 Jan 2000 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
X-Xss-Protection: 0
Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
P3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
dnacdn.net/dna
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:22:00 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=qVbLEl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czk5TUY5VHJlY0FYNWhRbzBlZGlaWEVYZTcySnNIZFdZNHA2NXZ4dUNKNlo; expires=Sun, 22 Oct 2023 12:22:01 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 298099
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
stootsou.net/custom
200 OK 39 B IP
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alnaaemi.yoo7.com/
Content-Type: application/json
Origin: https://alnaaemi.yoo7.com
Content-Length: 764
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:22:01 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 3e833c479d60604d82378b9f5481efce
access-control-allow-origin: https://alnaaemi.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
stootsou.net/custom
200 OK 39 B IP
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alnaaemi.yoo7.com/
Content-Type: application/json
Origin: https://alnaaemi.yoo7.com
Content-Length: 380
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:22:01 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: ea78df17b0b1d3ac2bc14920efafb135
access-control-allow-origin: https://alnaaemi.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
stootsou.net/custom
200 OK 39 B IP
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alnaaemi.yoo7.com/
Content-Type: application/json
Origin: https://alnaaemi.yoo7.com
Content-Length: 456
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:22:01 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: db0e69dc187428dd81009eedaa7bbf47
access-control-allow-origin: https://alnaaemi.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash d7103c61c45779a7b5d41d348717a808
eefd5e3968dda1f2d6e4eb24977265459ecbe974
093f9f2eaaa017cbd1fa1a8fdd067c242b3e28d18c6925d3116ad8d50f08af0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3456
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:22:01 GMT
Last-Modified: Tue, 27 Sep 2022 11:24:26 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 313 B IP
Hash d7103c61c45779a7b5d41d348717a808
eefd5e3968dda1f2d6e4eb24977265459ecbe974
093f9f2eaaa017cbd1fa1a8fdd067c242b3e28d18c6925d3116ad8d50f08af0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3456
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:22:01 GMT
Last-Modified: Tue, 27 Sep 2022 11:24:26 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 313
static.criteo.net/images/pixel.gif?ch=2
200 OK 43 B URL HTTP/2 static.criteo.net/images/pixel.gif?ch=2
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /images/pixel.gif?ch=2 HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:22:01 GMT
content-type: image/gif
content-length: 43
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
etag: "493ea254-2b"
expires: Fri, 22 Sep 2023 12:22:01 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/images/pixel.gif?ch=1
200 OK 43 B URL HTTP/2 static.criteo.net/images/pixel.gif?ch=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /images/pixel.gif?ch=1 HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:22:01 GMT
content-type: image/gif
content-length: 43
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
etag: "493ea254-2b"
expires: Fri, 22 Sep 2023 12:22:01 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
api.viglink.com/api/domains
200 OK 41 B URL HTTP/1.1 api.viglink.com/api/domains
IP
File type ASCII text, with no line terminators
Hash bf80be090639bd34f2dd5fc5d8bf9d28
553b9438752e91bbfbd3a71c79dbfacd6e6df475
b677b3ce9b69a0c82628595bfd68e5e0e6ff863e39112117e911b343d3c2d447
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 234
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://alnaaemi.yoo7.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Tue, 27 Sep 2022 12:22:00 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 41
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5b7b66f5886a12421c3f3970bbf49d5a
13a31565fb5b2f1e75d67ba1ce09dae339f1c0e8
3ed8ffa99cefdf81381912b426c0ab9091fb5888836665d9012435965f99feba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:22:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 95f95fee6e94fb192e7c06459e3e3f8e
025638b85afcc833cd592c98cc941dd011d2526f
dbc8654990b37741f8e393d069054ae68d584c2496421892e814e7a8c45467fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:22:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-144347007-1&cid=1283134755.1664281318&jid=1642932922&_u=YEBAAUAAAAAAAC~&z=809635986
200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-144347007-1&cid=1283134755.1664281318&jid=1642932922&_u=YEBAAUAAAAAAAC~&z=809635986
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-144347007-1&cid=1283134755.1664281318&jid=1642932922&_u=YEBAAUAAAAAAAC~&z=809635986 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 12:22:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-144347007-1&cid=1283134755.1664281318&jid=1642932922&_u=YEBAAUAAAAAAAC~&z=809635986
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-144347007-1&cid=1283134755.1664281318&jid=1642932922&_u=YEBAAUAAAAAAAC~&z=809635986
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-144347007-1&cid=1283134755.1664281318&jid=1642932922&_u=YEBAAUAAAAAAAC~&z=809635986 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 12:22:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
trc-events.taboola.com/forumotion-ar/log/2/debug?tim=12%3A21%3A58.711&type=usage&msg=rtus&llvl=2&id=3777&cv=20220922-16-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=gdprV2notTriggerRtus&extraData=%7B%7D
204 No Content 0 B URL HTTP/2 trc-events.taboola.com/forumotion-ar/log/2/debug?tim=12%3A21%3A58.711&type=usage&msg=rtus&llvl=2&id=3777&cv=20220922-16-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=gdprV2notTriggerRtus&extraData=%7B%7D
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=12%3A21%3A58.711&type=usage&msg=rtus&llvl=2&id=3777&cv=20220922-16-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=gdprV2notTriggerRtus&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 27 Sep 2022 12:22:01 GMT
x-fastly-to-nlb-rtt: 21057
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 95f95fee6e94fb192e7c06459e3e3f8e
025638b85afcc833cd592c98cc941dd011d2526f
dbc8654990b37741f8e393d069054ae68d584c2496421892e814e7a8c45467fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:22:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4538701cf9bc34d908f50370beb922f4
df141b9c3ec626ecaba7c1899073a48b811c4113
61497b93eb237687a8fff5845a7a81aff2f2f53dc56f2d0818bfb98dd1256d6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:22:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
200 OK 471 B IP
Hash 0869109d63ef5270595fb34384023a90
f2ec69fdaca2a0327cd3599ac05d0051df3dee41
c4a67afda7094519228049f837e2e0c1674148bd2e564ae2dccc3458bbdb9ed4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 12:22:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 06:25:19 GMT
Expires: Mon, 03 Oct 2022 06:25:18 GMT
Etag: "f2ec69fdaca2a0327cd3599ac05d0051df3dee41"
Cache-Control: max-age=496396,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751433d19fd0b4fa-OSL
bidder.criteo.com/csm/events
204 No Content 0 B URL HTTP/2 bidder.criteo.com/csm/events
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csm/events HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 372
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 27 Sep 2022 12:22:00 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://alnaaemi.yoo7.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=9ff7805788394a20bf701704327ec4d8
200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=9ff7805788394a20bf701704327ec4d8
IP
File type JSON data\012- , ASCII text
Hash e3482e5ddd6a44e39ab2cd1c5e79d8da
7f678f35a6a25564a7d0182442af36c368323bd4
90e6c93f5eedb809528d14340b128423ba1b17df5da9bb76cfe87d96a7e56872
GET /gid.js?userId=9ff7805788394a20bf701704327ec4d8 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:22:01 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://alnaaemi.yoo7.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=9ff7805788394a20bf701704327ec4d8; expires=Wed, 27 Sep 2023 12:22:01 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
vidstat.taboola.com/lite-unit/1.4.0/UnitWidgetItemDesktop.min.js
200 OK 24 kB URL HTTP/2 vidstat.taboola.com/lite-unit/1.4.0/UnitWidgetItemDesktop.min.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash b06a94b265b5ec3739dab4b38308709c
de2336288983f78217a4cc83755366e583c5920a
066de7eb0d351eda7686b2479b069a600405fed39d38c7b9163a1d3cda84e992
GET /lite-unit/1.4.0/UnitWidgetItemDesktop.min.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 31 Mar 2020 13:14:35 GMT
etag: "b683c290896a82c974838a04b4ea4aff"
server: AmazonS3
via: 1.1 4838101f07e2dfcd1db4abc88031f082.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: EpZuzr7lQIzV08xTZRv1e5wA0qOWVGpJ94XhkewIQ9BC5tfAYBuP9w==
cache-control: public, max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:22:06 GMT
age: 644498
x-served-by: cache-bma1629-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 351
x-timer: S1664281326.137077,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 23743
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/userx.20220922-16-RELEASE.es6.js
200 OK 5.4 kB URL HTTP/2 cdn.taboola.com/libtrc/userx.20220922-16-RELEASE.es6.js
IP
File type ASCII text, with very long lines (17842)
Hash 3e7d8362ae0935052e7b830330333235
a22d41053809368c2a205527d7e07e774704b963
0513cd309debc5c144190b687feb1a1fa3f910c5ae7a44ab98bc1b4d459946b3
GET /libtrc/userx.20220922-16-RELEASE.es6.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: EPnBOSdmJEdhu4JONnnrYz+pWBZzo8yGSYq7ayNxy2VgpwWzJKjW05/dee057aKKK1V9qEj5xzk=
x-amz-request-id: 7ZF16SJ6T06ATG9W
x-amz-replication-status: PENDING
last-modified: Sun, 25 Sep 2022 11:22:01 GMT
etag: "db9444e762c7677565a6ea28981b5bc1"
x-amz-version-id: 8c6AX02xLYX5yIzY_Dwb1zXMiU4DNl8e
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:22:06 GMT
via: 1.1 varnish
age: 103
x-served-by: cache-bma1629-BMA
x-cache: HIT
x-cache-hits: 10
x-timer: S1664281326.137609,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 14
content-length: 5398
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d39b8820448a24f3bced8660a0dbd706.jpg
200 OK 7.3 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d39b8820448a24f3bced8660a0dbd706.jpg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 16cf65a83107a7e377cf7fee5c47847a
414e23adbba3a17b8918d74ba9c367e91ab56e98
4e2f06986f355aabb43ce2ca454e6eada9a574584d541dc27272d43fdc93ef43
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d39b8820448a24f3bced8660a0dbd706.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 522777037747759324331212796994892136893,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 522777037747759324331212796994892136893,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
etag: "7724a91a62a2822b1c0cef0a2efc87ff"
expiration: expiry-date="Wed, 05 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Sun, 04 Sep 2022 12:23:27 GMT
req-referer: https://archeternite.forumactif.org/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 230
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:22:06 GMT
age: 427239
x-served-by: cache-iad-kcgs7200134-IAD, cache-iad-kiad7000174-IAD, cache-sna10737-LGB, cache-iad-kjyo7100111-IAD, cache-bma1629-BMA
x-cache: MISS, MISS, MISS, HIT, HIT
x-cache-hits: 0, 0, 0, 1, 2
x-timer: S1664281326.192600,VS0,VE2
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d39b8820448a24f3bced8660a0dbd706.jpg
x-vcl-time-ms: 2
content-length: 7308
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
200 OK 6.9 kB URL HTTP/2 gem.gbc.criteo.com/newidsd
IP
Hash 7e53334c15fba515c3c50b2d1e8cda2a
59c253faf81504514309a5256e6540360cfa872d
51797b9efdd608fc845710e9e3aa4836e6e561dc41c68519434e4f4dd4009a21
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:22:00 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 98308
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Falnaaemi.yoo7.com%2Ft54-topic&encoded=1&uid=a84394ab-9044-46d1-8603-2a0d08c40b7f-tucta2c706d&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1664281324025&tagid=&cntry=NO&platform=1&sesid=7d916d52de4a3d91324241f01c313c46&itemid=/t54-topic&viewid=1664281323515&geolat=&geoing=&deviceifa=&appid=&sd=v2_7d916d52de4a3d91324241f01c313c46_a84394ab-9044-46d1-8603-2a0d08c40b7f-tucta2c706d_1664281325_1664281325_CNawjgYQ3pxDGPvPlve3MCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gBYABo_9iV8p6d99_dAXAA&ri=8025f55fc0f79d4ee58d27325c8ea677&appname=&cdb=CPf9mIAPf9mIABcAIBENCiCgAAAAAH_AABpwIDwAAQHgagALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA8gB_wEegJiAU0AtQBeYDBAGGgMfAZIA4sBygDsAAA&gdprApplies=true&rid=&sii=-2735058651020707920&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=false&tcfVersion=2&cmpStatus=0&tnetid=1037540&prcnt=&layer=&normp=7&gvv=8596
200 OK 12 kB URL HTTP/2 15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Falnaaemi.yoo7.com%2Ft54-topic&encoded=1&uid=a84394ab-9044-46d1-8603-2a0d08c40b7f-tucta2c706d&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1664281324025&tagid=&cntry=NO&platform=1&sesid=7d916d52de4a3d91324241f01c313c46&itemid=/t54-topic&viewid=1664281323515&geolat=&geoing=&deviceifa=&appid=&sd=v2_7d916d52de4a3d91324241f01c313c46_a84394ab-9044-46d1-8603-2a0d08c40b7f-tucta2c706d_1664281325_1664281325_CNawjgYQ3pxDGPvPlve3MCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gBYABo_9iV8p6d99_dAXAA&ri=8025f55fc0f79d4ee58d27325c8ea677&appname=&cdb=CPf9mIAPf9mIABcAIBENCiCgAAAAAH_AABpwIDwAAQHgagALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA8gB_wEegJiAU0AtQBeYDBAGGgMfAZIA4sBygDsAAA&gdprApplies=true&rid=&sii=-2735058651020707920&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=false&tcfVersion=2&cmpStatus=0&tnetid=1037540&prcnt=&layer=&normp=7&gvv=8596
IP
Hash fd58bfb0fabd52edf1a5a8003fb1fb97
57dc1ef8eed535423b012079d624f6a893f4b185
0763bbf88263a0d0f9e937ebfb85af458842d6f61485ebe97e4555600fb480bf
GET /tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Falnaaemi.yoo7.com%2Ft54-topic&encoded=1&uid=a84394ab-9044-46d1-8603-2a0d08c40b7f-tucta2c706d&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1664281324025&tagid=&cntry=NO&platform=1&sesid=7d916d52de4a3d91324241f01c313c46&itemid=/t54-topic&viewid=1664281323515&geolat=&geoing=&deviceifa=&appid=&sd=v2_7d916d52de4a3d91324241f01c313c46_a84394ab-9044-46d1-8603-2a0d08c40b7f-tucta2c706d_1664281325_1664281325_CNawjgYQ3pxDGPvPlve3MCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gBYABo_9iV8p6d99_dAXAA&ri=8025f55fc0f79d4ee58d27325c8ea677&appname=&cdb=CPf9mIAPf9mIABcAIBENCiCgAAAAAH_AABpwIDwAAQHgagALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA8gB_wEegJiAU0AtQBeYDBAGGgMfAZIA4sBygDsAAA&gdprApplies=true&rid=&sii=-2735058651020707920&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=false&tcfVersion=2&cmpStatus=0&tnetid=1037540&prcnt=&layer=&normp=7&gvv=8596 HTTP/1.1
Host: 15.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
machineid: 1444
link: <https://am-wf.taboola.com>; rel=preconnect
xvid-debug: mrmr - :
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://alnaaemi.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:22:06 GMT
via: 1.1 varnish
x-served-by: cache-bma1629-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664281326.190030,VS0,VE91
vary: Accept-Encoding
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f62/13/32/79/54/uaouo10.gif
200 OK 23 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f62/13/32/79/54/uaouo10.gif
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 200x167, components 3\012- data
Hash 005ff6b670e59fed5449744a5f90224b
a43b45b22d81ddb4193527e89a30917fa5aaef1b
41f8a968f03beb656f2c91d7f6a7779c8296f27e434689b108e7bf1bcea0157b
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f62/13/32/79/54/uaouo10.gif HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 538475434606933197924381234642994484733,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
content-type: image/jpeg
edge-cache-tag: 538475434606933197924381234642994484733,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
etag: "005ff6b670e59fed5449744a5f90224b"
last-modified: Fri, 09 Sep 2022 04:33:06 GMT
server: cloudinary
status: 200 OK
timing-allow-origin: *
x-request-id: 387a8f59b0e6537770187c54d9ced0bc
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-backend-name: CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:22:06 GMT
age: 1245349
x-served-by: cache-iad-kcgs7200138-IAD, cache-iad-kjyo7100020-IAD, cache-bma1629-BMA
x-cache: MISS, HIT, HIT
x-cache-hits: 0, 1, 1
x-timer: S1664281326.301455,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f62/13/32/79/54/uaouo10.gif
x-vcl-time-ms: 1
content-length: 22682
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f40/15/31/63/96/201910.jpg
200 OK 4.1 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f40/15/31/63/96/201910.jpg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 50233e857fa5b773b435a22d4c78ba8d
5dfbf82244bb341378c3f351a5b2821dfa58d533
06194e3f9f055875c2f1cfb1598fcc7e2788c65bb7eda0f1afb62649b4bf8f6b
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f40/15/31/63/96/201910.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 544739962377286115750906782440533884243,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 544739962377286115750906782440533884243,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
etag: "7a05d120983314a09bb976d65de8efae"
last-modified: Wed, 21 Sep 2022 17:34:33 GMT
req-referer: https://s2day.yoo7.com/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: ce06252aa6d94b1e1db04447bd1087a1
x-envoy-upstream-service-time: 89
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:22:06 GMT
age: 375376
x-served-by: cache-iad-kjyo7100050-IAD, cache-iad-kcgs7200066-IAD, cache-lax10656-LGB, cache-iad-kiad7000164-IAD, cache-bma1629-BMA
x-cache: MISS, HIT, MISS, HIT, MISS
x-cache-hits: 0, 1, 0, 1, 0
x-timer: S1664281326.300867,VS0,VE92
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f40/15/31/63/96/201910.jpg
x-vcl-time-ms: 92
content-length: 4124
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f70/18/12/20/13/uou10.jpg
200 OK 3.9 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f70/18/12/20/13/uou10.jpg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash c9dbd7144500d4a5a8f9294079c0acea
46061279b5984b4922d50fcf16333d4355cfed1e
89214f7fb343b54d1ebc88f84e199909f0cb6b4825d12e089976e11ed03bd98b
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f70/18/12/20/13/uou10.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 613669426550226744769788410621596759672,511320169514815208339615988714053385614,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 613669426550226744769788410621596759672,511320169514815208339615988714053385614,29ecf9b93bbf306179626feeda1fab70
etag: "644ba62d20de87506b162a0124ab0675"
expiration: expiry-date="Mon, 12 Sep 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Fri, 12 Aug 2022 09:15:52 GMT
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 737
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:22:06 GMT
age: 1518220
x-served-by: cache-iad-kjyo7100116-IAD, cache-iad-kjyo7100128-IAD, cache-bur-kbur8200027-BUR, cache-iad-kcgs7200175-IAD, cache-bma1629-BMA
x-cache: MISS, MISS, HIT, HIT, MISS
x-cache-hits: 0, 0, 1, 1, 0
x-timer: S1664281326.301236,VS0,VE101
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f70/18/12/20/13/uou10.jpg
x-vcl-time-ms: 101
content-length: 3868
X-Firefox-Spdy: h2
api.viglink.com/api/domains
200 OK 42 B URL HTTP/1.1 api.viglink.com/api/domains
IP
File type ASCII text, with no line terminators
Hash 949ca4e557e68bfbfdb703e49e5ada32
4081cbb887bd8213274deaea1aadd49a4c06f6bf
1bd3fb9afe759b32158c5fae4a3b8a1966f987a8ab72a5f82327a53055ac0a80
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 325
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://alnaaemi.yoo7.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Tue, 27 Sep 2022 12:22:06 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 42
Connection: keep-alive
trc.taboola.com/forumotion-ar/trc/3/json?tim=12%3A22%3A03.516<i=deflated&data=%7B%22id%22%3A948%2C%22ii%22%3A%22%2Ft54-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1664207421812%2C%22vi%22%3A1664281323515%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Falnaaemi.yoo7.com%2Ft54-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22tcs%22%3A%22CPf9mIAPf9mIABcAIBENCiCgAAAAAH_AABpwIDwAAQHgagALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA8gB_wEegJiAU0AtQBeYDBAGGgMfAZIA4sBygDsAAA%22%2C%22gwto%22%3Atrue%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Falnaaemi.yoo7.com%2Ft54-topic%22%2C%22vpi%22%3A%22%2Ft54-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1280%2C%22dh%22%3A14097%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A302%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A14046.5%2C%22mw%22%3A857.5%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft54-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
200 OK 5.9 kB URL HTTP/2 trc.taboola.com/forumotion-ar/trc/3/json?tim=12%3A22%3A03.516<i=deflated&data=%7B%22id%22%3A948%2C%22ii%22%3A%22%2Ft54-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1664207421812%2C%22vi%22%3A1664281323515%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Falnaaemi.yoo7.com%2Ft54-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22tcs%22%3A%22CPf9mIAPf9mIABcAIBENCiCgAAAAAH_AABpwIDwAAQHgagALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA8gB_wEegJiAU0AtQBeYDBAGGgMfAZIA4sBygDsAAA%22%2C%22gwto%22%3Atrue%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Falnaaemi.yoo7.com%2Ft54-topic%22%2C%22vpi%22%3A%22%2Ft54-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1280%2C%22dh%22%3A14097%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A302%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A14046.5%2C%22mw%22%3A857.5%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft54-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
IP
File type Unicode text, UTF-8 text, with very long lines (12918), with no line terminators
Hash 79a4b096dc029edfcad0477abfd54195
7def428d12584487c5b093435fcf8ca7e84ada9b
0f1b31f34e4307cdccb6e4ed73a712dfa69bfdef8ce53ceeb9c3f2b8a5d2c95a
GET /forumotion-ar/trc/3/json?tim=12%3A22%3A03.516<i=deflated&data=%7B%22id%22%3A948%2C%22ii%22%3A%22%2Ft54-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1664207421812%2C%22vi%22%3A1664281323515%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Falnaaemi.yoo7.com%2Ft54-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22tcs%22%3A%22CPf9mIAPf9mIABcAIBENCiCgAAAAAH_AABpwIDwAAQHgagALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA8gB_wEegJiAU0AtQBeYDBAGGgMfAZIA4sBygDsAAA%22%2C%22gwto%22%3Atrue%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Falnaaemi.yoo7.com%2Ft54-topic%22%2C%22vpi%22%3A%22%2Ft54-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1280%2C%22dh%22%3A14097%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A302%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A14046.5%2C%22mw%22%3A857.5%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft54-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://alnaaemi.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:22:06 GMT
via: 1.1 varnish
x-served-by: cache-bma1629-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664281326.677945,VS0,VE398
vary: Accept-Encoding
x-vcl-time-ms: 398
X-Firefox-Spdy: h2
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=12%3A22%3A04.194&type=warn&msg=video%20tag%20loader%20-%20didn%27t%20find%20enough%20sponsored%20items%20for%20integrated%20widget%20replacement&llvl=2&id=5717&cv=20220922-16-RELEASE<=deflated&pct=1
204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=12%3A22%3A04.194&type=warn&msg=video%20tag%20loader%20-%20didn%27t%20find%20enough%20sponsored%20items%20for%20integrated%20widget%20replacement&llvl=2&id=5717&cv=20220922-16-RELEASE<=deflated&pct=1
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=12%3A22%3A04.194&type=warn&msg=video%20tag%20loader%20-%20didn%27t%20find%20enough%20sponsored%20items%20for%20integrated%20widget%20replacement&llvl=2&id=5717&cv=20220922-16-RELEASE<=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 27 Sep 2022 12:22:06 GMT
x-fastly-to-nlb-rtt: 76988
access-control-allow-credentials: true
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2
204 No Content 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 3647
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://alnaaemi.yoo7.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:22:07 GMT
via: 1.1 varnish
x-served-by: cache-bma1629-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664281327.173953,VS0,VE79
x-vcl-time-ms: 79
X-Firefox-Spdy: h2
stootsou.net/custom
200 OK 39 B IP
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alnaaemi.yoo7.com/
Content-Type: application/json
Origin: https://alnaaemi.yoo7.com
Content-Length: 388
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:22:07 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 832376e083038e03129b6284e03dec06
access-control-allow-origin: https://alnaaemi.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=a7f92726dc4a45ad8ce7597ab43cb555&zoneId=2308013&checkDuplicate=true&ymid=&var=
200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=a7f92726dc4a45ad8ce7597ab43cb555&zoneId=2308013&checkDuplicate=true&ymid=&var=
IP
File type JSON data\012- , ASCII text
Hash e3482e5ddd6a44e39ab2cd1c5e79d8da
7f678f35a6a25564a7d0182442af36c368323bd4
90e6c93f5eedb809528d14340b128423ba1b17df5da9bb76cfe87d96a7e56872
GET /gid.js?pub=0&userId=a7f92726dc4a45ad8ce7597ab43cb555&zoneId=2308013&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alnaaemi.yoo7.com/
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Cookie: ID=9ff7805788394a20bf701704327ec4d8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:22:07 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://alnaaemi.yoo7.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=9ff7805788394a20bf701704327ec4d8; expires=Wed, 27 Sep 2023 12:22:07 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
illiweb.com/rs3/63/frm/jquery/cookie/jquery.cookie.js
200 OK 0 B URL HTTP/2 illiweb.com/rs3/63/frm/jquery/cookie/jquery.cookie.js
IP
GET /rs3/63/frm/jquery/cookie/jquery.cookie.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:21:59 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:06:37 GMT
last-modified: Wed, 09 Sep 2020 09:40:28 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1656922
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uU92hs2ElT2yNoEfKniTjf%2FIp%2FiD6LXvQGsIm%2F4MDdWtuGUwj2zRzxtFUcgLlUje3plD%2FUD%2F6u4ZGzzb0h8Zn0j825IlCBxix6o2kRSZSu8zF2lYJHc%2Fb8XxZ3dZyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751433c43b031c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stootsou.net/pfe/current/universal.min.js?v=3.1.395
200 OK 0 B URL HTTP/2 stootsou.net/pfe/current/universal.min.js?v=3.1.395
IP
GET /pfe/current/universal.min.js?v=3.1.395 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alnaaemi.yoo7.com/
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:22:00 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 07:25:49 GMT
etag: W/"63296afd-1fafa"
access-control-allow-origin: https://alnaaemi.yoo7.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertag&topUrl=alnaaemi.yoo7.com
200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=alnaaemi.yoo7.com
IP
GET /syncframe?origin=publishertag&topUrl=alnaaemi.yoo7.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:22:00 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=6aef24f9-c741-4801-aae1-daea23a53958; expires=Sun, 22 Oct 2023 12:22:00 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 641931
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.betgorebysson.club/?rb=aZ8T5BL3sDMZGSrLnQ98jL4LEJgrKuqePMzF_vvwOMbdwyeMjuca-e8Hr4g8T90mAQnQiaCbCsM24xCv2_OfPRKsa2n75D6KGJMXaUfuNTg0P50WHHqZ3jUMAtJGmcdPqKudua-XH6XP8-QAmEmF6UBdOEM8zf361yg5h7PTZv2AD3wbvbUYfUYhiv6Drz8-OGsILXp6FCV7iZBBv_2nlH3vWOpA-bO1&request_ab2=0&zoneid=3765907&js_build=iclick-v1.430.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Falnaaemi.yoo7.com%2Ft54-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.430.0&bs=3667bf79-33f9-4f61-ba24-069ae14cc75f&userId=9ff7805788394a20bf701704327ec4d8&m=link
200 OK 0 B URL HTTP/2 cdn.betgorebysson.club/?rb=aZ8T5BL3sDMZGSrLnQ98jL4LEJgrKuqePMzF_vvwOMbdwyeMjuca-e8Hr4g8T90mAQnQiaCbCsM24xCv2_OfPRKsa2n75D6KGJMXaUfuNTg0P50WHHqZ3jUMAtJGmcdPqKudua-XH6XP8-QAmEmF6UBdOEM8zf361yg5h7PTZv2AD3wbvbUYfUYhiv6Drz8-OGsILXp6FCV7iZBBv_2nlH3vWOpA-bO1&request_ab2=0&zoneid=3765907&js_build=iclick-v1.430.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Falnaaemi.yoo7.com%2Ft54-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.430.0&bs=3667bf79-33f9-4f61-ba24-069ae14cc75f&userId=9ff7805788394a20bf701704327ec4d8&m=link
IP
GET /?rb=aZ8T5BL3sDMZGSrLnQ98jL4LEJgrKuqePMzF_vvwOMbdwyeMjuca-e8Hr4g8T90mAQnQiaCbCsM24xCv2_OfPRKsa2n75D6KGJMXaUfuNTg0P50WHHqZ3jUMAtJGmcdPqKudua-XH6XP8-QAmEmF6UBdOEM8zf361yg5h7PTZv2AD3wbvbUYfUYhiv6Drz8-OGsILXp6FCV7iZBBv_2nlH3vWOpA-bO1&request_ab2=0&zoneid=3765907&js_build=iclick-v1.430.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Falnaaemi.yoo7.com%2Ft54-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.430.0&bs=3667bf79-33f9-4f61-ba24-069ae14cc75f&userId=9ff7805788394a20bf701704327ec4d8&m=link HTTP/1.1
Host: cdn.betgorebysson.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alnaaemi.yoo7.com/
Origin: https://alnaaemi.yoo7.com
Connection: keep-alive
Cookie: OAID=9ff7805788394a20bf701704327ec4d8; oaidts=1664281320
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:22:01 GMT
content-type: application/json
x-trace-id: 7a8f281c88833f80f9cdcc3267d1f84d
access-control-allow-origin: https://alnaaemi.yoo7.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=9ff7805788394a20bf701704327ec4d8; expires=Wed, 27 Sep 2023 12:22:01 GMT; path=/; secure; SameSite=None
oaidts=1664281321; expires=Wed, 27 Sep 2023 12:22:01 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Tue, 04 Oct 2022 12:22:01 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
connect.topicit.net/scripts/connect.js
200 OK 0 B URL HTTP/2 connect.topicit.net/scripts/connect.js
IP
GET /scripts/connect.js HTTP/1.1
Host: connect.topicit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:21:59 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5437
access-control-allow-origin: *
etag: W/"5d653880-153d"
last-modified: Tue, 27 Aug 2019 14:04:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-cache-status: HIT
age: 3206
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O5W7InpbP2aEw0pKfffXEqG9crBd8OEUxtkR5SsaSoLNgSDkZhx8nzTifBkp1qBA2eQY0NMfLhXZWfAF9ieozJOSU7OSKh75LxxU%2F2TIfuMVXhP8s0T%2B7Ft7%2FMVTcVamqSnLvjk1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751433c9ed480b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
twemoji.maxcdn.com/twemoji.min.js
200 OK 0 B URL HTTP/2 twemoji.maxcdn.com/twemoji.min.js
IP
GET /twemoji.min.js HTTP/1.1
Host: twemoji.maxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:21:59 GMT
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Thu, 31 Mar 2022 03:24:15 GMT
access-control-allow-origin: *
etag: W/"62451edf-3bc8"
expires: Thu, 27 Oct 2022 12:21:59 GMT
cache-control: max-age=2592000
x-proxy-cache: MISS
x-github-request-id: AC1C:2101:52CB7C:54F937:632A1005
vary: Accept-Encoding
x-fastly-request-id: 3daa9c29349b923c7bc2e77b2f3789ec5ff3662e
server: NetDNA-cache/2.2
powered-by: MaxCDN
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.js
200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.js
IP
GET /js/ld/publishertag.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:21:59 GMT
content-type: text/javascript
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
etag: W/"6326273b-1e2be"
expires: Wed, 28 Sep 2022 12:21:59 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:22:00 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 80298
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
alnaaemi.yoo7.com/serviceworker.js
200 OK 0 B URL HTTP/2 alnaaemi.yoo7.com/serviceworker.js
IP
GET /serviceworker.js HTTP/1.1
Host: alnaaemi.yoo7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: exadd=166429; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:21:59 GMT
content-type: application/javascript
last-modified: Thu, 25 Feb 2021 14:30:57 GMT
etag: W/"6037b4a1-b0d"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
illiweb.com/rs3/63/frm/embed/FA_Embed.js
200 OK 0 B URL HTTP/2 illiweb.com/rs3/63/frm/embed/FA_Embed.js
IP
GET /rs3/63/frm/embed/FA_Embed.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:21:59 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:06:07 GMT
last-modified: Tue, 20 Apr 2021 14:17:00 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1656951
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TguwEmoKUHDj4ZPW9oMlw%2BpQCKyggU7xaba%2BW7NydbThWGWcu%2FoAA%2FDFobGP6NknphECvvNabE80LdzcAhVPr4uXUzPIdt6Ml87ANc7qmSoxmnNgTq2f8JdTEUiC2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751433c42af61c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.betgorebysson.club/apu.php?zoneid=3765907
200 OK 0 B URL HTTP/2 cdn.betgorebysson.club/apu.php?zoneid=3765907
IP
Analyzer Verdict Alert fortinet Malware
GET /apu.php?zoneid=3765907 HTTP/1.1
Host: cdn.betgorebysson.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:22:00 GMT
content-type: application/javascript
x-trace-id: 069132b0d95d40d7f0f93ab0ad905a3a
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=9ff7805788394a20bf701704327ec4d8; expires=Wed, 27 Sep 2023 12:22:00 GMT; path=/; secure; SameSite=None
oaidts=1664281320; expires=Wed, 27 Sep 2023 12:22:00 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=publishertag&domain=yoo7.com&sn=FirefoxSyncframe&so=0&topUrl=alnaaemi.yoo7.com&info=0PaptV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czk5TUY5VHJlY0FYNWhRbzBlZGlaWEV4dUJmZnMyU0VjS25vTlZzMldSMXk&idsd=-1791973243,1976514639&cw=1&lsw=1
200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=publishertag&domain=yoo7.com&sn=FirefoxSyncframe&so=0&topUrl=alnaaemi.yoo7.com&info=0PaptV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czk5TUY5VHJlY0FYNWhRbzBlZGlaWEV4dUJmZnMyU0VjS25vTlZzMldSMXk&idsd=-1791973243,1976514639&cw=1&lsw=1
IP
GET /sid/json?origin=publishertag&domain=yoo7.com&sn=FirefoxSyncframe&so=0&topUrl=alnaaemi.yoo7.com&info=0PaptV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czk5TUY5VHJlY0FYNWhRbzBlZGlaWEV4dUJmZnMyU0VjS25vTlZzMldSMXk&idsd=-1791973243,1976514639&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=alnaaemi.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:22:00 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 992399
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
alnaaemi.yoo7.com/t54-topic
200 OK 0 B URL HTTP/2 alnaaemi.yoo7.com/t54-topic
IP
GET /t54-topic HTTP/1.1
Host: alnaaemi.yoo7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:21:58 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache
pragma: no-cache
expires: Tue, 27 Sep 2022 00:00:00 GMT
last-modified: Tue, 27 Sep 2022 12:21:56 GMT
vary: User-Agent
set-cookie: exadd=166429; expires=Tue, 27-Sep-2022 16:21:56 GMT; Max-Age=14400
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
illiweb.com/rs3/63/frm/lang/ar.js
200 OK 0 B URL HTTP/2 illiweb.com/rs3/63/frm/lang/ar.js
IP
GET /rs3/63/frm/lang/ar.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:21:59 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=74879
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:07:52 GMT
last-modified: Thu, 08 Sep 2022 07:38:48 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1656847
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NgJcK%2BPqykLBo2pXvOzTMHa210EB2WvcYLYNlTFuUtMciBwW7q0D6X896buz1CPOxntIpd3cX2GVHYmgH6sA%2FtRZ7614MU%2FDjqYqfd9GlYrNhTHq7rhRHNbFmAUoXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751433c44b111c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stootsou.net/pfe/current/tag.min.js?z=2308013
200 OK 0 B URL HTTP/2 stootsou.net/pfe/current/tag.min.js?z=2308013
IP
GET /pfe/current/tag.min.js?z=2308013 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alnaaemi.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:21:59 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 07:25:49 GMT
etag: W/"63296afd-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
dnacdn.net/dna
200 OK 0 B IP
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=qVbLEl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czk5TUY5VHJlY0FYNWhRbzBlZGlaWEVYZTcySnNIZFdZNHA2NXZ4dUNKNlo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:22:00 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=0PaptV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czk5TUY5VHJlY0FYNWhRbzBlZGlaWEV4dUJmZnMyU0VjS25vTlZzMldSMXk; expires=Sun, 22 Oct 2023 12:22:01 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 325489
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
alnaaemi.yoo7.com/sw.js
200 OK 0 B IP
GET /sw.js HTTP/1.1
Host: alnaaemi.yoo7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alnaaemi.yoo7.com/t54-topic
Connection: keep-alive
Cookie: exadd=166429; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D; toolbar_state=fa_show; _ga=GA1.2.1283134755.1664281318; _gid=GA1.2.305179677.1664281318; _gat_gtag_UA_144347007_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:22:01 GMT
content-type: application/javascript
last-modified: Tue, 27 Aug 2019 13:54:01 GMT
etag: W/"5d6535f9-1554"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
94.23.159.185
151.101.85.44
212.129.3.113
142.250.74.164
104.18.32.68
34.248.7.88
185.106.33.48
23.36.77.32
141.226.228.48
157.240.200.14
178.33.115.32