habeb-alroh.forumfa.net/t8724n-topic
94.23.159.185301 Moved Permanently 0 B URL HTTP/1.1 habeb-alroh.forumfa.net/t8724n-topic
IP 94.23.159.185:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /t8724n-topic HTTP/1.1
Host: habeb-alroh.forumfa.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 02 Feb 2023 00:53:03 GMT
Content-Length: 0
Location: https://habeb-alroh.forumfa.net/t8724n-topic
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17153
Expires: Thu, 02 Feb 2023 05:38:57 GMT
Date: Thu, 02 Feb 2023 00:53:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15939
Expires: Thu, 02 Feb 2023 05:18:43 GMT
Date: Thu, 02 Feb 2023 00:53:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11171
Expires: Thu, 02 Feb 2023 03:59:15 GMT
Date: Thu, 02 Feb 2023 00:53:04 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 00:43:26 GMT
content-type: application/json
age: 578
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TMwLHiJkWx36K7aF71ItPv4tE51Eg8hxEGZc6HEMfZfofx3qwgP7hTyHrTztOr17xwwC44YzosQ=
x-amz-request-id: J2YRSQH8JVZAF8J4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 00:51:46 GMT
age: 78
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:53:04 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 64c95905c223512a63ebf2236cee1cd3
24bd34eed4233ac43b275cb804a0348495814812
9062e3960f9729c15045055e831a52dbf4bdc31dea07eab85460976034322d17
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9062E3960F9729C15045055E831A52DBF4BDC31DEA07EAB85460976034322D17"
Last-Modified: Tue, 31 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21562
Expires: Thu, 02 Feb 2023 06:52:26 GMT
Date: Thu, 02 Feb 2023 00:53:04 GMT
Connection: keep-alive
habeb-alroh.forumfa.net/t8724n-topic
178.33.115.32301 Moved Permanently 0 B URL HTTP/2 habeb-alroh.forumfa.net/t8724n-topic
IP 178.33.115.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /t8724n-topic HTTP/1.1
Host: habeb-alroh.forumfa.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Thu, 02 Feb 2023 00:53:04 GMT
content-length: 0
location: https://habeb-alroh.forumfa.net/t9323-topic
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 00:49:05 GMT
age: 239
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12315
Expires: Thu, 02 Feb 2023 04:18:19 GMT
Date: Thu, 02 Feb 2023 00:53:04 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 0c3e2ff10e09178951e649ae09b6c3f2
d45c834f56571913e01e5290a5effa8ea54519a0
d52a33d7b548f888e9ffe30d2fbf57bd9b6d34a925272921a817636de552dc09
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5611
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 00:53:04 GMT
Etag: "63d9fa77-118"
Last-Modified: Wed, 01 Feb 2023 23:19:33 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 00:53:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 0c3e2ff10e09178951e649ae09b6c3f2
d45c834f56571913e01e5290a5effa8ea54519a0
d52a33d7b548f888e9ffe30d2fbf57bd9b6d34a925272921a817636de552dc09
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5388
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 00:53:04 GMT
Last-Modified: Wed, 01 Feb 2023 23:23:16 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 0c3e2ff10e09178951e649ae09b6c3f2
d45c834f56571913e01e5290a5effa8ea54519a0
d52a33d7b548f888e9ffe30d2fbf57bd9b6d34a925272921a817636de552dc09
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5421
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 00:53:04 GMT
Last-Modified: Wed, 01 Feb 2023 23:22:43 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 0c3e2ff10e09178951e649ae09b6c3f2
d45c834f56571913e01e5290a5effa8ea54519a0
d52a33d7b548f888e9ffe30d2fbf57bd9b6d34a925272921a817636de552dc09
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6515
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 00:53:04 GMT
Last-Modified: Wed, 01 Feb 2023 23:04:29 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280
ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
216.58.207.202200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
IP 216.58.207.202:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d989f35706c62ce4a5c561586c55566e
d32e7958e5765609bf08dcdefd0b2c2a8714ce34
375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33845
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 09:43:35 GMT
expires: Thu, 01 Feb 2024 09:43:35 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 54570
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 00:53:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.82.231.103101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.82.231.103:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: B9IchLfRKRD0IQP4Yc4n1Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: iGpJUtk149rbsL3REdr/QBGeUUw=
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c0e0d8a73fcf4d0146bef21faea2ec8f
0516bcc33d6d9deb3ba192304368024f6146d95c
736d9b58dfc40bbbd3490e4011bb0c4f00843783423d7a1ee88678e60e83ec67
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3867
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 00:53:05 GMT
Last-Modified: Wed, 01 Feb 2023 23:48:38 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c0e0d8a73fcf4d0146bef21faea2ec8f
0516bcc33d6d9deb3ba192304368024f6146d95c
736d9b58dfc40bbbd3490e4011bb0c4f00843783423d7a1ee88678e60e83ec67
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4531
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 00:53:05 GMT
Last-Modified: Wed, 01 Feb 2023 23:37:34 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c0e0d8a73fcf4d0146bef21faea2ec8f
0516bcc33d6d9deb3ba192304368024f6146d95c
736d9b58dfc40bbbd3490e4011bb0c4f00843783423d7a1ee88678e60e83ec67
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5384
Cache-Control: max-age=168245
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 00:53:05 GMT
Etag: "63dae29e-117"
Expires: Fri, 03 Feb 2023 23:37:10 GMT
Last-Modified: Wed, 01 Feb 2023 22:07:26 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 1263a80e4bed64529b9e8ca61ccea9b8
97356de87ac091a56de8bb5485ce99712408d62b
f174c72446dbd9a2d0f1b6f74f02bec21d15d8da763b976d7bb9e598e786a7ee
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 00:53:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-144347007-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-144347007-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash 88a00fb32b850fd22e619631d42b59c4
8f8db69d5d7e71890851b3e6b88bf2bd3c890f64
b8d4504dd3a28f92cbfb2d4ba99bad723d657086820d3d88dc1a6e70ac416ce7
GET /gtag/js?id=UA-144347007-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 02 Feb 2023 00:53:05 GMT
expires: Thu, 02 Feb 2023 00:53:05 GMT
cache-control: private, max-age=900
last-modified: Thu, 02 Feb 2023 00:15:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43953
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
illiweb.com/rs3/71/frm/addthis/addthis_widget.js
188.114.96.1200 OK 2.9 kB URL HTTP/2 illiweb.com/rs3/71/frm/addthis/addthis_widget.js
IP 188.114.96.1:0
File type ASCII text, with very long lines (6873), with no line terminators
Hash 18b74c5b44480793b22a9792634fc040
fa5e4ebd1020db6284922f9b944c9917bc6c180b
4f2de7683869b30174447180945c74c8ee2dd52ba3e20c1c36adf3ac57d9a30f
GET /rs3/71/frm/addthis/addthis_widget.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Fri, 19 Jan 2024 08:39:01 GMT
last-modified: Tue, 27 Aug 2019 14:00:11 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1181644
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I9b6i04FZxRpq5SMDA6uDoc1ATdDLgPnMlKHjk9%2BTLq%2BlAARkfXegTItugusgb8y5Tdv6ooatdDSu3MJqY32UrQtG0HcXCeW8Nwdrydy%2BDofxOnzAcYdcpToW4U4YA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792ef2a26cc8b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
habeb-alroh.forumfa.net/0-rtl.css
178.33.115.32200 OK 57 kB URL HTTP/2 habeb-alroh.forumfa.net/0-rtl.css
IP 178.33.115.32:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash d5ce5b48affd8d65fe70b418d5e3ca59
9dab02a176988bda9435f92f8bfd05ea0afb88ab
4f1b0fa0c7ba30ae762eea3c186199c154dbd35fcadf988418a31110bf3a1476
GET /0-rtl.css HTTP/1.1
Host: habeb-alroh.forumfa.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/t9323-topic
Cookie: exadd=167531
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: text/css
content-length: 57084
last-modified: Thu, 02 Feb 2023 00:00:00 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-ma: MISS
X-Firefox-Spdy: h2
illiweb.com/rs3/71/frm/jquery/cookie/jquery.cookie.js
188.114.96.1200 OK 942 B URL HTTP/2 illiweb.com/rs3/71/frm/jquery/cookie/jquery.cookie.js
IP 188.114.96.1:0
File type ASCII text, with very long lines (1011), with no line terminators
Hash 2d33f449f59c587550acf8a91062eeda
636d9fc7c0b70d652a254ebb59e015bc74e02829
b4b559cf9551e7339ea34c5de7b3a299dbafe3ce5b0b7858a0a3cbbdbd08e09b
GET /rs3/71/frm/jquery/cookie/jquery.cookie.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Fri, 19 Jan 2024 08:36:47 GMT
last-modified: Wed, 09 Sep 2020 09:40:28 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1181778
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f852uu0SquP5naj72k87oIZStRBgS6aFbtXwVX3zdNG2GswoLiTzJeervaFhmXOWVFA%2BCG7wG70vmDlNYKwsk1ngQd3%2BIDynI9i8oGKHOwtLMmpIlJuk16%2FQGDV5cw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792ef2a29cd2b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
illiweb.com/rs3/71/frm/ograph/fb_login.js
188.114.96.1200 OK 1.2 kB URL HTTP/2 illiweb.com/rs3/71/frm/ograph/fb_login.js
IP 188.114.96.1:0
File type ASCII text, with very long lines (2211), with no line terminators
Hash dfcf1f96f8e177618fa1437d0696b8ce
0fc3ed4af915f7fbdbb3fc4fc216d14d13a3a80b
392727fa5bacf5b76309b4c7da5b1a8553074cd02d6561e1f32a4c1ce65357d8
GET /rs3/71/frm/ograph/fb_login.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Fri, 19 Jan 2024 08:56:02 GMT
last-modified: Tue, 27 Aug 2019 14:00:11 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1180623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OrwbrVGPyzGKKxNJUtsx4llB5xJQ%2Fbc29MSto3keYshmRJSMjhWNi%2BX9wAFbDLqNpOz9oQ44xB1edt8jLi2vTS%2FchKd8IaBfvxI9IBe1%2FVmwi4ThRRGLvnjQfkoTsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792ef2a26cc6b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
illiweb.com/rs3/71/frm/jquery/ticker/ticker.js
188.114.96.1200 OK 1.5 kB URL HTTP/2 illiweb.com/rs3/71/frm/jquery/ticker/ticker.js
IP 188.114.96.1:0
File type ASCII text, with very long lines (2244)
Hash f7f2c996519cb41f4005ee9ac5ce0dc2
f1e609a35c5f172febaa89e7aa9ef0f0f2eddd27
07684ef47fb62fabef3f683403184ce14a7722f57dd8cce142c6a211e265873b
GET /rs3/71/frm/jquery/ticker/ticker.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=8803
access-control-allow-origin: *
expires: Fri, 19 Jan 2024 08:38:35 GMT
last-modified: Tue, 27 Aug 2019 14:00:13 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1181670
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SUkXAZkCAVMk9KS4QwX3MadLYxTXBCKQuBfEsqcXM86r49bWbYoI1FBrvgy6d%2Bs25Gk8pbrId39gGHkgjbCR8N%2FB9DQ5yVtPkeu1v2xeeffZjs1oFEVdevOmFv91Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792ef2a2acd9b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 0c3e2ff10e09178951e649ae09b6c3f2
d45c834f56571913e01e5290a5effa8ea54519a0
d52a33d7b548f888e9ffe30d2fbf57bd9b6d34a925272921a817636de552dc09
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6516
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 00:53:05 GMT
Last-Modified: Wed, 01 Feb 2023 23:04:29 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280
apis.google.com/js/plusone.js
172.217.21.174200 OK 21 kB URL HTTP/2 apis.google.com/js/plusone.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (1429)
Hash f8971f3ad662af35a2ca6871f8c78482
35a0b814d6ecec8deacc9aea87ce9be62b15d92b
a438d380bab44504b1ff13673a0e041c6ac6645d03926e7f076465d1fe049765
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20950
date: Thu, 02 Feb 2023 00:53:05 GMT
expires: Thu, 02 Feb 2023 00:53:05 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "9dea963ca1c75dde"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2img.net/s/t/21/21/56/i_icon_mini_portal.png
104.21.235.176200 OK 1.5 kB URL HTTP/2 2img.net/s/t/21/21/56/i_icon_mini_portal.png
IP 104.21.235.176:0
File type PNG image data, 70 x 35, 8-bit gray+alpha, non-interlaced\012- data
Hash 946a47eb0d526fd17242bb5443de1bd3
ed14e532dbf494e940411a41d7e78d7b3762f7f4
898d5d002d200dc2e430c4e4dc852bfaf4afb2447b6147daaccc7824ab1f899b
GET /s/t/21/21/56/i_icon_mini_portal.png HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/png
content-length: 1482
last-modified: Thu, 29 Sep 2016 22:25:04 GMT
etag: "57ed94c0-5ca"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 79859
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMt7m4gsMu8JaPDJdtZ%2FGqImAphjZvXwPY7KPHP1hw796D5GamVoo2dBF2v9SUbVtw%2F2WfqfbYeiYsptFGupYqdyeh9uTEL48A7EryQsRyUln2o7TXQC9MD8PA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792ef2a3b8d6bc88-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/subsilver/wysiwyg/insertimage.gif
104.21.235.176200 OK 145 B URL HTTP/2 2img.net/i/fa/subsilver/wysiwyg/insertimage.gif
IP 104.21.235.176:0
File type GIF image data, version 89a, 21 x 20\012- data
Hash 32baf25f03b9901187afabae580bf4a7
bf97ec3e3b189038bc4698d813153166cf557654
8e1a0bd241aa4be7fbe8bf8d18bd57727959ebd3c6b6be93dfcc729001a14082
GET /i/fa/subsilver/wysiwyg/insertimage.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/gif
content-length: 145
last-modified: Mon, 16 May 2016 11:02:04 GMT
etag: "5739a8ac-91"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 512960
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Stbk0uLioVhE8Muvcrho%2FYtIlovU2zHDMDo4dGBxCrdgxAEQ3tpCVeyzZV%2FAWNsgm6hiyID63wvIzEAZZ4IIqzprne7kI4PSSj3GaxzSGOezHMk9Xa16VndExQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792ef2a3b8d1bc88-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/21/21/56/i_icon_mini_register.png
104.21.235.176200 OK 2.6 kB URL HTTP/2 2img.net/s/t/21/21/56/i_icon_mini_register.png
IP 104.21.235.176:0
File type PNG image data, 70 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 5c04af30c26e0350c717f3c279df103e
456703a7c0d9a7a6e7b8b228f448234c2955e9b1
5bc41ebae262c24c0d5a24b986b9f57fa6fac0358d5d3f66887d1e53af67f9a6
GET /s/t/21/21/56/i_icon_mini_register.png HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/png
content-length: 2614
last-modified: Thu, 29 Sep 2016 22:25:03 GMT
etag: "57ed94bf-a36"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 79859
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PbxOFXzqVqV84BE6DzKH6tAPD4QdATMQILr4rkKpdS2b3gzrHkYrYps5ApOQRMxzgbo7aBKeiK9iBQJVuaWS5HGGY%2FO72hIXXf3syF%2B2kAEF3ft7FYUCybcYyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792ef2a3b8d8bc88-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/21/21/56/i_icon_gender_female.gif
104.21.235.176200 OK 2.0 kB URL HTTP/2 2img.net/s/t/21/21/56/i_icon_gender_female.gif
IP 104.21.235.176:0
File type GIF image data, version 89a, 72 x 15\012- data
Hash 8897ef3441bac2b49f9ad17a8d8bacb8
c842f0433a7b0df64ec84f26cf93b4dcc783c0f5
e5265d02c5e18bcf8a6e341aa072c4fc2edade31152a1cc8c968f72557ca4834
GET /s/t/21/21/56/i_icon_gender_female.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/gif
content-length: 1956
last-modified: Thu, 29 Sep 2016 22:25:02 GMT
etag: "57ed94be-7a4"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 74552
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pmG9uXP3AKubNID6UYAp3ocJVG4V30eGnpFxL7azi3dE5c887uE6GMAs%2BZIrFdjifVP9%2BZIlSlvNR5VQl2C0VfFhQCVZ488VtZlOkwziv%2BQxvocpxUsxFszxMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792ef2a3b8dabc88-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharebar.addthiscdn.com/v1/sharebar.js
23.38.200.123200 OK 400 B URL HTTP/2 sharebar.addthiscdn.com/v1/sharebar.js
IP 23.38.200.123:0
Hash 0c033864356694df724d897b6f141ee4
386ddcd43e657cb6fe0cf095a94dfdf87688b1a9
9a393b57c509959832ed340583fe7d553eceab5264f2ab4e1470e226a3be4a93
GET /v1/sharebar.js HTTP/1.1
Host: sharebar.addthiscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Thu, 11 Jan 2018 22:02:15 GMT
etag: W/"5a57dee7-25e"
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 400
date: Thu, 02 Feb 2023 00:53:05 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
2img.net/s/t/21/21/56/i_icon_mini_gallery.png
104.21.235.176200 OK 2.3 kB URL HTTP/2 2img.net/s/t/21/21/56/i_icon_mini_gallery.png
IP 104.21.235.176:0
File type PNG image data, 70 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 61c7f58215f4c0b8965b360f7a1fe103
51af2a204d2437fbf29593b64d918dfbe1653d10
8922e30e27cc58907bac112f8798e3e63294b0d3dc010cd4a5932ff2221ee9fb
GET /s/t/21/21/56/i_icon_mini_gallery.png HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/png
content-length: 2267
last-modified: Thu, 29 Sep 2016 22:25:04 GMT
etag: "57ed94c0-8db"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 79859
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lt3OVUL7ARsVzJ6FWfHO6Lz%2Bwyhhn6uwM8buG5kRpTgxAjUGfaqMUHo05adRUNSggsYTFv9X05dHfT9AyzCzbJHN8Y8b%2FsKYcQNKDMbIYL1uhuQhPRE5JqWFAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792ef2a3b8d9bc88-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/21/21/56/i_icon_mini_index.png
104.21.235.176200 OK 1.4 kB URL HTTP/2 2img.net/s/t/21/21/56/i_icon_mini_index.png
IP 104.21.235.176:0
File type PNG image data, 70 x 35, 8-bit gray+alpha, non-interlaced\012- data
Hash bd09f8e64e85993294753b229f07363d
e33f2967f5aeb589dc05a2040a72311699d5ec37
260d9f76c286161391f0fb05888a342d9fd022fd144ea041dba48f63fba58fb2
GET /s/t/21/21/56/i_icon_mini_index.png HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/png
content-length: 1410
last-modified: Thu, 29 Sep 2016 22:25:04 GMT
etag: "57ed94c0-582"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 79859
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SAE%2BNHtgYJj516wpgKujyzom15SwP1kEN%2BxBa4SS8LEG6er9NBeVoOqi84SMwHj4vIqpFbnqWR4KQcZFBc2bVyjkrF86PsFIFcFqzHtVhsJMuCpzdxukhN2O6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792ef2a3b8d7bc88-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/21/21/56/i_icon_mini_login.png
104.21.235.176200 OK 1.1 kB URL HTTP/2 2img.net/s/t/21/21/56/i_icon_mini_login.png
IP 104.21.235.176:0
File type PNG image data, 70 x 35, 8-bit gray+alpha, non-interlaced\012- data
Hash 53fe8fa41805a2af071ac5c027744a54
23b8b98a87fcabcb02f223b5387d7df74764910d
3f0c2854b0791a6d756ef450db1841536377e5e1f1a66f5039cab557745dd42f
GET /s/t/21/21/56/i_icon_mini_login.png HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/png
content-length: 1138
last-modified: Thu, 29 Sep 2016 22:25:04 GMT
etag: "57ed94c0-472"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 79859
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x4n116BQ%2FelRYrcSjBBOWGoVDXGVYqUI61tzrbVYK56yMOvgnZsj30gIP911WkbD01%2B9bGgxkqkIpb27A4t2fg%2BOPVZxNB6f%2BSTPE41MET2Pkgt0td2SP0KctA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792ef2a3c8e4bc88-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
connect.facebook.net/ar_AR/all.js
157.240.205.11200 OK 1.7 kB URL HTTP/2 connect.facebook.net/ar_AR/all.js
IP 157.240.205.11:0
File type ASCII text, with very long lines (1957)
Hash d40bbe309bceaf0dc5d15048c66ed35a
9145b2554765f87fd7930c5c48a25386e6e524ad
dc1f7775a3f326c5f82a4b0309e289bd58bc2bac98a7de72bca55dedc044b309
GET /ar_AR/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 985522d542f0f1891d471bc688bab2c7
etag: "09510cca2814ebf370f21c8375e8f423"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 02 Feb 2023 01:02:36 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 1Au+MJvOrw3F0VBIxm7TWg==
x-fb-debug: VAqdENB6S9F/iLDUUkx0tvrz6i6Q1asE7KKzvMfOxBaSg0TxaK79BXUMhQOGNtiOZnvD4K4l24bJy3mvMyvg3g==
priority: u=3,i
content-length: 1686
x-fb-trip-id: 1679558926
date: Thu, 02 Feb 2023 00:53:05 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/icon_minitime.gif
104.21.235.176200 OK 298 B URL HTTP/2 2img.net/i/fa/icon_minitime.gif
IP 104.21.235.176:0
File type GIF image data, version 89a, 12 x 9\012- data
Hash 71647c2ce78f706f8b4b0d84b3369cf5
18fe4a449c64acf98e9570486627f29d3884dff9
de0294a906e3fa470d188c8d596e3a5fc3efc59bab8080506015498db73c18e6
GET /i/fa/icon_minitime.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/gif
content-length: 298
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-12a"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5670108
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qV3JWxKwlTSUzzAVl4O98GkHE03yuPdXldStXxkjnU5fx1bp9p9w6kJUi6eZwM%2FNyGoYNB8Mgqu9zItffp9N4ikDco3WgynjjSufUS%2B9p7%2BMx4NLhpMr16MqbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792ef2a3c8e9bc88-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/empty.gif
104.21.235.176200 OK 42 B IP 104.21.235.176:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /i/fa/empty.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/gif
content-length: 42
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-2a"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5670142
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m0gMmneKMtpc5dzrtuhbm6XbwAUFjNVgSE35uHiwrUHVfDI96Y0WYdv%2B0dWovMGoQsIGfqxOowEDi60fPKr%2BZkYj80m%2BYAczyS6SBJRyzD4AjQbWkGmWAcmtzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792ef2a3b8d4bc88-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/21/21/56/i_icon_minipost.gif
104.21.235.176200 OK 257 B URL HTTP/2 2img.net/s/t/21/21/56/i_icon_minipost.gif
IP 104.21.235.176:0
File type GIF image data, version 89a, 16 x 16\012- data
Hash d63c31b681cbebc794c57f1e5e48f8a4
afb6ddbdc3f157f2e72bcd268c9a7b6db2a721d9
1e048091ee6509e5dc0e08d8b7e7c056bb57935d071def9eef44580a7d1dda40
GET /s/t/21/21/56/i_icon_minipost.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/gif
content-length: 257
last-modified: Thu, 29 Sep 2016 22:25:02 GMT
etag: "57ed94be-101"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 79859
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5ZdlMfFsPG51UvPe9hGgYf5fRuTI1Fq71IIOz%2Bv08REgvp%2Bcymvnlji4pAdrVD%2FQrp1l4iOX0RfOgr5T6Vyo0C0wsffzLQcgGsE18ojvxIsJNEu4esffZbSeA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792ef2a3c8eabc88-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/subsilver/icon_chinese_snake_1.gif
104.21.235.176200 OK 241 B URL HTTP/2 2img.net/i/fa/subsilver/icon_chinese_snake_1.gif
IP 104.21.235.176:0
File type GIF image data, version 89a, 19 x 18\012- data
Hash 81969ebf6a1ebefe119208dd57e9e6a5
303b2e188f5f5d8db6c178d758f3358aa7aec6d0
a84fcba92176161a7686f9c6676ea7307cb54cd2a2b50292839e6a77d2c7cb46
GET /i/fa/subsilver/icon_chinese_snake_1.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/gif
content-length: 241
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-f1"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5665621
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t2wWMQr6uvK7RfpAS2HyDUMpF%2BlYTveMtUYnLmhZSb38uWUFzbjMbp5xo1byMWrJV0KSGDIa%2FQjz8LgDrUfhDivzytRsuxnnTFayaJr4h8cUw45DRCew12oDtg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792ef2a3c8f0bc88-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/subsilver/icon_zodiac_sagittarius_1.gif
104.21.235.176200 OK 253 B URL HTTP/2 2img.net/i/fa/subsilver/icon_zodiac_sagittarius_1.gif
IP 104.21.235.176:0
File type GIF image data, version 89a, 19 x 18\012- data
Hash efc5e2a8bdc2fdb3fd7de7a59258e392
5a00bf4ae6ed32777f0d968fa64b2374a2dbb19c
e716caa4c89cb937b9df1c99b61c84e29f7fff4cc0409b9792ffb98ca66ec04a
GET /i/fa/subsilver/icon_zodiac_sagittarius_1.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/gif
content-length: 253
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-fd"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5669207
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NIBg6vUM%2B%2FShzPU3V8km1VR6i4D%2F8RSqaL2MKrULIfDjMCyRYn9TPDCahT92cen1J9G0JaxZyNxUSndDC5xTfx%2BaeTQEmIlI4UPi9dXx%2Bf7PIzBVKnnc634Gow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792ef2a3c8f2bc88-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/www.almrah.com/images/icons/rose.gif
104.21.235.176200 OK 2.5 kB URL HTTP/2 2img.net/h/www.almrah.com/images/icons/rose.gif
IP 104.21.235.176:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2522), with no line terminators
Hash 42ec65e70392d81c1cd17e71f9be5bd0
a2326ec4790bb8c67487fd8a59db536b74bedd90
7b5c1bd8ee01037e269d4a4569d85a8b89f630e7b4994152a1fcd27de6c44370
GET /h/www.almrah.com/images/icons/rose.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/gif
content-length: 2522
last-modified: Mon, 27 Jul 2020 16:39:11 GMT
etag: "5f1f032f-9da"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 79859
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQ7UiTHOgkEu2B1s%2Fe1PIGGUX2R8V6ODR1G2fmYonrHYqsGU2Jd8p5%2B78rr%2B7h0BuExEUBB4WLpd1Bbz%2BG7x3uBKS31yE2B5XV4CDN1NJniHy79KdrcVXdsNUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792ef2a3c8ebbc88-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/21/21/56/i_icon_gender_male.gif
104.21.235.176200 OK 1.9 kB URL HTTP/2 2img.net/s/t/21/21/56/i_icon_gender_male.gif
IP 104.21.235.176:0
File type GIF image data, version 89a, 72 x 15\012- data
Hash ac9db8766913cf80d1f2ce48965f953e
7d741f2f6f45d19878399f99661df159a777bf29
0d63a4cbfb49aa1ce2de2c388b26145678cb8f629dfc206c21645ddbce4eceda
GET /s/t/21/21/56/i_icon_gender_male.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/gif
content-length: 1929
last-modified: Thu, 29 Sep 2016 22:25:02 GMT
etag: "57ed94be-789"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 79859
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WgYYhYmP8xWQRVJNXsvJ2wEV3cGbXlplN4e5jFL8BcKeUalqfi4bQF4AdWccJ4ULNmv425FQF25EYar2M05LszcBATJpJbV8Qv%2Fy3D99J4Z%2BvyYUNLmbjHPh7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792ef2a3c8efbc88-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/subsilver/wysiwyg/quote.gif
104.21.235.176200 OK 122 B URL HTTP/2 2img.net/i/fa/subsilver/wysiwyg/quote.gif
IP 104.21.235.176:0
File type GIF image data, version 89a, 21 x 20\012- data
Hash 3b56481d6e6f60079a3c15f2350e1f3b
0e21fe63ed661103db16eb368980756a30dd7664
bb21e5e16d25835984f34075e14d18fa6024df1373c6650aba4c2ef8a7de1a23
GET /i/fa/subsilver/wysiwyg/quote.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/gif
content-length: 122
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-7a"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 580501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=euhNmw%2B%2BkXIg5d9OIcrGmOIqrmUznJ5N5C7Sh%2ByUcjQ0pCjD4HCcnI8RS0H80%2F4myuuLDeo2PgwoT%2F8BjoK3vzLWKVpEpqw3H4OiWzWDMUVDRIRcrZup8ioxdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792ef2a3c8f5bc88-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/prosilver/icon_contact_www.gif
104.21.235.176200 OK 347 B URL HTTP/2 2img.net/i/fa/prosilver/icon_contact_www.gif
IP 104.21.235.176:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash c338e10bf84bc5fa3152835f5b66c030
e73f388dda6f87b9bbabf962b36caedcadb72a29
c935da35fc40d1f900c7f05926db8dbd26daceabf9e61a6744f3ca1eb3e91cf7
GET /i/fa/prosilver/icon_contact_www.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/gif
content-length: 347
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-15b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5670120
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQ2%2Bs8GOJ3UBQ%2Fwq8uJAXVVyFKfrYmPtzIK%2BI0Wr%2Fhk3JR94OZlCF63ADSwjHsIxgTnEbMy7alxIlO8dhmG3iMucT7yOdkRdNHpBzk32AjadFR2FQ%2BmDyhpvNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792ef2a3c8e8bc88-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/subsilver/wysiwyg/bold.gif
104.21.235.176200 OK 77 B URL HTTP/2 2img.net/i/fa/subsilver/wysiwyg/bold.gif
IP 104.21.235.176:0
File type GIF image data, version 89a, 21 x 20\012- data
Hash a275addf194180d9af9c654a250425e9
f41d7dd4c57212b4fc38c5d4e0f12424b07b4147
9c393fee7e3e451fdac483a6dc0e6dfa38e6e5b2191ded42009bfcaae9f09414
GET /i/fa/subsilver/wysiwyg/bold.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/gif
content-length: 77
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-4d"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5653604
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LcHonl8z77ZTu0xPuiSEkiLdgksa5PwH8gSlSEbuKfqc7EnLczyRGliGcDOiPHaImsWDFKLGjmSP7y8TkpQb6qVcWsKy6lnoWiZ1IQrRlGQF9TYqCr9KXCVxNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792ef2a3c8f6bc88-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/empty.gif
104.21.235.176200 OK 43 B IP 104.21.235.176:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /i/empty.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 09 May 2016 08:45:50 GMT
etag: "57304e3e-2b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5670156
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fb9s0SxRyRvrVNPKrL2O2jsVtGjPrWZcjDil6xPTo%2Fw2jJ8IsSb%2FXKNE6d%2FrAQWoOve8XHOxGYT%2FI%2FpKrHCJ7p2sBVwBrZ0lbwQ5MInlfLegwazL8KahOG31ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792ef2a3c8f4bc88-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 00:53:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c0e0d8a73fcf4d0146bef21faea2ec8f
0516bcc33d6d9deb3ba192304368024f6146d95c
736d9b58dfc40bbbd3490e4011bb0c4f00843783423d7a1ee88678e60e83ec67
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3867
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 00:53:05 GMT
Last-Modified: Wed, 01 Feb 2023 23:48:38 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 00:53:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bae868356becb6470806e213f97e8aa6
1a3c7ffdce0f4e9c1f59aa0cd7715f22bade5117
c9930f2471f9a8a87fddfe3989391d65e1c41b3457a3f0fbf2e2357566f81a1b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4883
Cache-Control: max-age=150772
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 00:53:05 GMT
Etag: "63daa052-1d7"
Expires: Fri, 03 Feb 2023 18:45:57 GMT
Last-Modified: Wed, 01 Feb 2023 17:24:34 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 255877a6ddab3cd916aaea86fe2ca06c
bbfe5817fb75aa80aaaa9361cf493f2a78f26938
03a4e2b3f08ee3a9c3667c9ebdc2c17df2c9bc7218456c146ab53cf145ab10dd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03A4E2B3F08EE3A9C3667C9EBDC2C17DF2C9BC7218456C146AB53CF145AB10DD"
Last-Modified: Tue, 31 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=550
Expires: Thu, 02 Feb 2023 01:02:15 GMT
Date: Thu, 02 Feb 2023 00:53:05 GMT
Connection: keep-alive
cdn.jsdelivr.net/emojione/assets/png/2665.png?v=2.2.7
151.101.129.229200 OK 449 B URL HTTP/2 cdn.jsdelivr.net/emojione/assets/png/2665.png?v=2.2.7
IP 151.101.129.229:0
File type PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Hash d96be3593df852a6bf4151ec24b16162
43a226f5958af1de8ca9d5e224b55b009e19909a
271429d12c40be921897005b7bdd08f9518960af1e1e6f56bb0060f1f183651e
GET /emojione/assets/png/2665.png?v=2.2.7 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
etag: W/"1c1-Q6Im9ZWK8d6MqdXiJLVbAJ4ZkJo"
accept-ranges: bytes
date: Thu, 02 Feb 2023 00:53:05 GMT
age: 1283382
x-served-by: cache-fra-eddf8230038-FRA, cache-bma1678-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 449
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 11d397895cf90f894953753b0f21bdae
beeb4623a331334b21011972e25179ec925fcdb3
fea881c49dce91bde65c2fdedb0b35edd3a9ec11b37673a6ab7a311875dc6a13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2957
Cache-Control: max-age=108571
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 00:53:05 GMT
Etag: "63da02ff-117"
Expires: Fri, 03 Feb 2023 07:02:36 GMT
Last-Modified: Wed, 01 Feb 2023 06:13:19 GMT
Server: ECS (amb/6BBF)
X-Cache: HIT
Content-Length: 279
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash 039542635dc0ae5cc0f5a5e7fb2ae9db
49c0cc5a6432c54a1e127daebcf48725b30ef1cd
cbec06f8555a8eb30c3dd871b0926d5d48ed5e48570a849d7912dc22dd55b9cd
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 00:53:05 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "00BCB28757C11197A85B49466D767FCFF5CF1A33"
Expires: Thu, 02 Feb 2023 11:00:00 GMT
Last-Modified: Wed, 01 Feb 2023 23:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3320
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792ef2a4cf7cb4ee-OSL
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 5512b9636b6feebc8ae1e316daa0ec5c
f92bc918ba4eafcbf9b7bd4a7b7bb109759f83c5
147a62a04275038c46dc082fca731d7b33b33242697724be18dbbc77987032e5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 00:53:05 GMT
Server: ECS (amb/6BC5)
Content-Length: 278
i.servimg.com/u/f43/16/43/22/50/group_10.png
172.67.178.62200 OK 807 B URL HTTP/2 i.servimg.com/u/f43/16/43/22/50/group_10.png
IP 172.67.178.62:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b78ca881bc7039e2f224c69c6e43cae3
ffffded4580b1077130c1aea09ef090a24ebaa93
96608478c1032a9cf112d812a6f25b9c394de4424931e86921004bc84528411e
GET /u/f43/16/43/22/50/group_10.png HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/png
content-length: 807
last-modified: Wed, 05 Nov 2014 06:45:10 GMT
etag: "5459c776-327"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Wed, 18 Oct 2023 02:28:35 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fK4x1sevayetNIHWcxjbkvupM3ITF3D8qMjl9yEA9qfM%2BPFbCXQveQkHZNX6w93SSlD8bm2K3F%2B93x%2F6KsMIbGR08K4l5W%2BO75aMXIt6jrM7pobBpssXI29V9sReDtj4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792ef2a4bf70b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
adminstar20.3rab.pro/10969.js
94.23.150.222301 Moved Permanently 0 B URL HTTP/2 adminstar20.3rab.pro/10969.js
IP 94.23.150.222:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /10969.js HTTP/1.1
Host: adminstar20.3rab.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Thu, 02 Feb 2023 00:53:05 GMT
content-length: 0
location: http://adminstar20.rigala.net/10969.js
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-ma: HIT
X-Firefox-Spdy: h2
i.servimg.com/u/f65/13/95/29/87/a3d76410.gif
172.67.178.62200 OK 1.1 kB URL HTTP/2 i.servimg.com/u/f65/13/95/29/87/a3d76410.gif
IP 172.67.178.62:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash ec1c3cf3bad68a28080cdc3999e1c393
6cef558492a59565c4b304ab84c5bafd29c50ec6
f8fb548ef8bbe2a2fecc2827aa7a4515493bbeac686846e6fda3f807ca71c495
GET /u/f65/13/95/29/87/a3d76410.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/gif
content-length: 1135
last-modified: Wed, 05 May 2010 21:36:04 GMT
etag: "4be1e4c4-46f"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Tue, 31 Oct 2023 06:30:45 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nhyCX08CEujuJTQtWOuNtE6H2mzgy1zM2NdLpKGYGPqksLgVoNQTbLPbUSyquwOZP0HcPzX3a46OsT22E6AUrXNF%2FUjcd9LiszoOkk1lxqgxZDUAcvbGbMzWsDbD7hhR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792ef2a4cf76b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f43/16/43/22/50/0111.png
172.67.178.62200 OK 43 B URL HTTP/2 i.servimg.com/u/f43/16/43/22/50/0111.png
IP 172.67.178.62:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /u/f43/16/43/22/50/0111.png HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQdL0pMm3mee5Q0ZpqFLAqEpxC5dbaNRtWAFlTo7qdFvgL%2F1%2BdgPEkGv2s4bfG5%2BkqA8CQTC6hx2guvSkKdIx9yyjOtJ8%2BWiUL0uAMR8quxw7UpAR0ym7MUGU1z1Q%2F2k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792ef2a4cf7ab4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f65/13/95/29/87/56x76311.gif
172.67.178.62200 OK 1.2 kB URL HTTP/2 i.servimg.com/u/f65/13/95/29/87/56x76311.gif
IP 172.67.178.62:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash d1a5331b5a92573fac3e6eb39174b02a
7feaf8565390e3a71b6de5941dda3d08430af74f
24209a93a8d95ab9bf4f46acab37a66a87cc6f80f3d73a5c184a593401d4cf3e
GET /u/f65/13/95/29/87/56x76311.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/gif
content-length: 1177
last-modified: Wed, 05 May 2010 21:35:15 GMT
etag: "4be1e493-499"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Tue, 31 Oct 2023 07:17:26 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KOuR3oAeHIRqPoWctsq4rtDfP6ZPC%2Fy%2BAmI3MfAX0nHPlVO%2Fss9xMOgLllcv8E%2FaPV9mC3AF8VEGjL1FKFIsE34XFn40UFkLJy2lq8gx7%2B4xrVQtMerktPkTbU6ra0Wk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792ef2a4cf77b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f43/16/43/22/50/user_a10.png
172.67.178.62200 OK 43 B URL HTTP/2 i.servimg.com/u/f43/16/43/22/50/user_a10.png
IP 172.67.178.62:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /u/f43/16/43/22/50/user_a10.png HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yzkggJ4nsMDt1H4OHJpQ5trFEo93KHOsUzf%2FibevBYOUTE%2FW0BorbnU5g9sNjFlI6GmXAgoVp4Kbs3E%2FcQbDtTWuOa9ZDLmZxCS8GViTQYlWtBt50TuYFnk4zzZDQyRW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792ef2a4cf74b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f45/16/75/43/85/fb110.png
172.67.178.62200 OK 5.6 kB URL HTTP/2 i.servimg.com/u/f45/16/75/43/85/fb110.png
IP 172.67.178.62:0
File type PNG image data, 33 x 101, 8-bit/color RGBA, non-interlaced\012- data
Hash 4911e62acc17de7d7431a2ba1fce58a4
05368c00922098d284a74013d5e10d2eef7e652f
27fe4044aa1f66bf4235cfe0c969968c6810b68f913b33be2f4d919a7501a879
GET /u/f45/16/75/43/85/fb110.png HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/png
content-length: 5557
last-modified: Sun, 01 Apr 2012 20:30:49 GMT
etag: "4f78baf9-15b5"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Tue, 31 Oct 2023 07:33:19 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52%2BL5F6zc3P6cNv%2BKt%2FEmgNeAq9irMIiz%2BVNcnKvilMv%2F5u%2B8%2FMlIOTmp8L1CbM7Hmvkqflzfj82kc0xc72HbWcXibfA5vd5OVlyvuwPCW%2BmlNS5S6yb4rekqlLzHNwa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792ef2a4cf72b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f97/18/22/98/96/anfas_20.jpg
172.67.178.62200 OK 2.3 kB URL HTTP/2 i.servimg.com/u/f97/18/22/98/96/anfas_20.jpg
IP 172.67.178.62:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 121x79, components 3\012- data
Hash 479b7cf5543215132f813b28a5156fce
82aa8f4d577273146b9ccbfdf4b616531f4a165d
baab17102899231be91bc4785cfbedb6c2a3d22c226f188b9298d73f061d15d1
GET /u/f97/18/22/98/96/anfas_20.jpg HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/jpeg
content-length: 2344
last-modified: Thu, 29 Sep 2016 20:57:21 GMT
etag: "57ed8031-928"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Fri, 26 Jan 2024 23:47:33 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GoduBJ8N3TVK4APcbdQzQ7vXUJ%2BkP%2FS7oUQcrJtIoTTWTKHgdJ79FF6jQPtUULZzClxrKR2F3mRy4mGvVFQTORgNkUuKdzcDrdyRfpZ2Ir7XnXCSxyr81RBOqbKJAAPf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792ef2a4ef8cb4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.js
178.250.2.130200 OK 41 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.js
IP 178.250.2.130:0
Hash 20fdd94ae64afe26995280d958157956
24a154ed5694854d7b1c7db1f72a7f2b3a2ce826
c543707e19c26f61c44a5f335c9fc93bf64c1fac5c3cbde6ea4da48e583332d3
GET /js/ld/publishertag.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: text/javascript
last-modified: Wed, 18 Jan 2023 01:20:50 GMT
etag: W/"63c74972-1e4ab"
expires: Fri, 03 Feb 2023 00:53:05 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
2img.net/r/ihimizer/img193/8369/dfxaudioenhancerpro9012.jpg
104.21.235.176301 Moved Permanently 178 B URL HTTP/2 2img.net/r/ihimizer/img193/8369/dfxaudioenhancerpro9012.jpg
IP 104.21.235.176:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /r/ihimizer/img193/8369/dfxaudioenhancerpro9012.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Thu, 02 Feb 2023 00:53:05 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZkSk4JNzO4T8t%2FBai3jW9xyG4L2JT44h2JD3fg7YqnOaEAysWWU1C39wobgIMgAuTaE20gxciwWErTA%2FcWn8jqF3BN%2BeIdWmSiIZI3tuyknhLH7ZETMxtzbXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792ef2a3c8ecbc88-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f97/18/22/98/96/110.jpg
172.67.178.62200 OK 95 kB URL HTTP/2 i.servimg.com/u/f97/18/22/98/96/110.jpg
IP 172.67.178.62:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1028x497, components 3\012- data
Hash c6307299d1ea5bfeea12ddcca53c9ace
e9d5772fb225e706c7a5833d89c75cda9f2e9ad3
8445dc1c69e337a706af440ff1d39dc9afe37c1b67cacac9ee0d0ec5d20b1cff
GET /u/f97/18/22/98/96/110.jpg HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/jpeg
content-length: 94671
last-modified: Thu, 29 Sep 2016 20:31:16 GMT
etag: "57ed7a14-171cf"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Sun, 26 Nov 2023 02:51:21 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c0XsTjQAdJ%2B3Nm1RVlh%2FxBfJYjVCKd92iEBYumdUNV2XRFE3%2Bb42kBPa%2F%2FMyfM4SZXL4s6lup1jq1ied%2BLT9O%2FTsIXk%2F5JMta9jI%2F94YhLVsCtbRrRmSJYttey0VGrpF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792ef2a4df83b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f68/18/22/98/96/s10.png
172.67.178.62200 OK 987 B URL HTTP/2 i.servimg.com/u/f68/18/22/98/96/s10.png
IP 172.67.178.62:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 8346a4491de5e885c191b151632eaa9e
bd6cd86c3e78adc96eb8231636c2c69e97a44ada
f6a3d8dab66e2890b3d3f59002bd3c141a4d1195ab82d9ba8f430dbf62ad1b88
GET /u/f68/18/22/98/96/s10.png HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/png
content-length: 987
last-modified: Sat, 06 Feb 2016 18:39:31 GMT
etag: "56b63de3-3db"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Fri, 20 Oct 2023 06:39:32 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 95329
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OaCfibxCdrsFNitHkc5844MeyIk7og3AM2C%2FoR1Lm44BqkvOV6m2nMoTa6WB65%2F%2FNH4Q7Q4wJL%2BlTJnfa7qRPcwn%2Bek6U9w88PPug7MHfuXSqSkVUz5UCElf3gmDM6Sa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792ef2a5afe9b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f43/16/43/22/50/group_11.png
172.67.178.62200 OK 43 B URL HTTP/2 i.servimg.com/u/f43/16/43/22/50/group_11.png
IP 172.67.178.62:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /u/f43/16/43/22/50/group_11.png HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7VNcs6LLeSCA0C5yutKBFJEKXKWUIYyJ3U3ta%2Bi6PyupshqT8FZWUGtdLEo0zL3RYh80pXttNdr%2BNv1lEn1htuYgeaNrlZTutB6DeHtRJuWRqymfiwveh5cNBZa%2BViW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792ef2a4bf6fb4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f43/16/43/22/50/page_r10.png
172.67.178.62200 OK 43 B URL HTTP/2 i.servimg.com/u/f43/16/43/22/50/page_r10.png
IP 172.67.178.62:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /u/f43/16/43/22/50/page_r10.png HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6EXd2U0PYqajc9i2cMlXPgd9S7LeG5FQD0QP1y1sqFRv7w7DVB8s9FiaoG4X9bId7leWjYwZTCPPzfDCItlrhIm6nts%2BfNJFECIsGBMOQF9GmOKQRMpw%2BF903ASmwZwb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792ef2a4cf7fb4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f27/11/66/67/10/810.gif
172.67.178.62200 OK 1.2 kB URL HTTP/2 i.servimg.com/u/f27/11/66/67/10/810.gif
IP 172.67.178.62:0
File type GIF image data, version 89a, 72 x 15\012- data
Hash f3c9c8ae50ec4931abb7639a273964d0
2f94b414ba5e6b0fff89780ebaafd18aedff1c73
4372b2d8a43725848b0da7ef060304c0d12c4c64323a80ef922aca36bdc5945f
GET /u/f27/11/66/67/10/810.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/gif
content-length: 1179
last-modified: Fri, 04 Jan 2008 10:12:14 GMT
etag: "477e067e-49b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Tue, 12 Dec 2023 20:35:50 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WBF%2F5zLyklOCTmeBFSH0xLAhJaZk4hMFIk%2BLx1nou479BJfomWZYLh35HQYB1fem49WryCv2xdNifvmIOuxhCNruri232cwxLHb2QFRkNksdWScag3YbyAVKL9o7j27s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792ef2a4cf75b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f43/16/43/22/50/vcard_10.png
172.67.178.62200 OK 43 B URL HTTP/2 i.servimg.com/u/f43/16/43/22/50/vcard_10.png
IP 172.67.178.62:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /u/f43/16/43/22/50/vcard_10.png HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCBQOmshISVqrj1k4nxev0uVsh5KHf%2FTiT0PMsB521jGINiKhPT5Qz%2FuCMLzRV5jscw5lagcVvV5syWAclpxjKJgA4a8B6W%2BtK53zufAkedtITXcYlDV9ED3ozU%2BVBPV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792ef2a4cf79b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
habeb-alroh.forumfa.net/%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%B5%D9%88%D8%B1%D9%87%20%D8%B4%D8%B9%D8%A7%D8%B1%20%D9%85%D9%86%D8%AA%D8%AF%D8%A7%D9%83%20%D9%89%D9%87%D9%86%D8%A7
178.33.115.32404 Not Found 12 kB URL HTTP/2 habeb-alroh.forumfa.net/%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%B5%D9%88%D8%B1%D9%87%20%D8%B4%D8%B9%D8%A7%D8%B1%20%D9%85%D9%86%D8%AA%D8%AF%D8%A7%D9%83%20%D9%89%D9%87%D9%86%D8%A7
IP 178.33.115.32:0
Hash 1d371684f5df0e06ede8a8105135d6ea
a2cac4819fd70aa4b1af3c5fb03af609c940ec06
badf2a9cd97ecd23f8de628e58c70544fd5fb4b44fe4eeb396717150a92cad33
Analyzer Verdict Alert fortinet Malware
GET /%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%B5%D9%88%D8%B1%D9%87%20%D8%B4%D8%B9%D8%A7%D8%B1%20%D9%85%D9%86%D8%AA%D8%AF%D8%A7%D9%83%20%D9%89%D9%87%D9%86%D8%A7 HTTP/1.1
Host: habeb-alroh.forumfa.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/0-rtl.css
Cookie: exadd=167531; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: text/html
etag: W/"5db7f6f0-1044"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
illiweb.com/rs3/71/frm/lang/ar.js
188.114.96.1200 OK 19 kB URL HTTP/2 illiweb.com/rs3/71/frm/lang/ar.js
IP 188.114.96.1:0
File type Unicode text, UTF-8 text, with very long lines (64093), with no line terminators
Hash c201847a025e5f292074c4df930718ef
85222f33fe07c74c45300113fb76aa1ae2ffdfe4
4703333152e32ab37f38861e0271c9267e9ccbe3dd6e8ec9cb8bfd45b602fb61
GET /rs3/71/frm/lang/ar.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=74879
access-control-allow-origin: *
expires: Fri, 19 Jan 2024 08:39:06 GMT
last-modified: Thu, 08 Sep 2022 07:38:48 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1181639
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jo8%2BdSMo2ZWbFc2RPtT5GHwaIaHh2zMYH4LF8H6rs%2BubcbX1JP8Q8IrIhi1ZzIeoJ50mzzqzCElzg78SWcGRXJMaHgvuTjZE2G%2FkbAx6tYruPdb9JEBigkNxuA9YtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792ef2a2dceab523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 11d397895cf90f894953753b0f21bdae
beeb4623a331334b21011972e25179ec925fcdb3
fea881c49dce91bde65c2fdedb0b35edd3a9ec11b37673a6ab7a311875dc6a13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1268
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 00:53:05 GMT
Last-Modified: Thu, 02 Feb 2023 00:31:57 GMT
Server: ECS (amb/6B82)
X-Cache: HIT
Content-Length: 279
i.servimg.com/u/f97/18/22/98/96/210.jpg
172.67.178.62200 OK 12 kB URL HTTP/2 i.servimg.com/u/f97/18/22/98/96/210.jpg
IP 172.67.178.62:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:11:12 03:39:56], baseline, precision 8, 188x48, components 3\012- data
Hash 772ae01358d698fd970d927fb69f0eba
c9059fbddc248400ed0e0428fd1c08e98cf9bdaf
5b341f1e1f28825b6aed087cedfc0262647b4a32bd4a3a7214c5bdd75030861e
GET /u/f97/18/22/98/96/210.jpg HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/jpeg
content-length: 12248
last-modified: Thu, 29 Sep 2016 20:50:25 GMT
etag: "57ed7e91-2fd8"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Tue, 31 Oct 2023 06:40:21 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9hHRQvv51%2FTFX5TFdotntxEXQrN4MBqOBLaWuVWFRkTTARwuwt2NuaqTE%2FNIlctQRwOgS08NadmJmTEYP10roIFtWkcjNmbnbqk4OASA16QW9MZ7ft8C%2F8ofdRsFiG1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792ef2a5afe6b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f97/18/22/98/96/anfas_18.jpg
172.67.178.62200 OK 41 kB URL HTTP/2 i.servimg.com/u/f97/18/22/98/96/anfas_18.jpg
IP 172.67.178.62:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:11:12 04:48:59], progressive, precision 8, 578x84, components 3\012- data
Hash d7bc19036d24b2c4bddb4215cd77d1b3
0d86344f97a46671a84992d63b267309e1e72d36
a5f0a3b0932461e9c16e3cf18d1aa2d31401494c80ac08cb6fd8d412a52c413f
GET /u/f97/18/22/98/96/anfas_18.jpg HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/jpeg
content-length: 40912
last-modified: Thu, 29 Sep 2016 20:37:30 GMT
etag: "57ed7b8a-9fd0"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Mon, 18 Dec 2023 01:33:00 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2N4sXuYxbWMiOXkWJpOh41eAzLmIxV8oB6JWYkxrTKsYS388Fe6v%2BA5ZFI%2F3PRTHqDv1%2FwXQr8Hs4ymtg25y0qILHqWnUiBj2sSryuNjurOzCc8%2FQkXirNmffMhVzfd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792ef2a59fd6b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 89a41b62d4e3c9ad7023a8e1c2132fd0
dd329cf93b90e6729f48aab8e9c8e36447d52c20
fd93ab9fd5f44169755686d0abfc42f74fff7db0360ea846caf082dc34f98c89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD93AB9FD5F44169755686D0ABFC42F74FFF7DB0360EA846CAF082DC34F98C89"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11551
Expires: Thu, 02 Feb 2023 04:05:36 GMT
Date: Thu, 02 Feb 2023 00:53:05 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ce201854dfac60c7352e4e00ab94ea0e
9c9992a4e184e8d0065dd31447fdd2c064ddb83e
e10b3fc2d8a108a480143bfc16db088a3038e0b4230739b0c507bbdefa6ce6ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 00:53:05 GMT
Server: ECS (amb/6BA6)
Content-Length: 280
i.servimg.com/u/f97/18/22/98/96/anfas_21.jpg
172.67.178.62200 OK 12 kB URL HTTP/2 i.servimg.com/u/f97/18/22/98/96/anfas_21.jpg
IP 172.67.178.62:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 457x79, components 3\012- data
Hash b9e84fe0e5aa40cf97cfef29ebbe0274
eff6750a7343b7db3dbe86da51011c896c0240c5
97a04ea64e90c9abe6a25eedc88f9cc87090ffff2d4f692741a1415d70acb661
GET /u/f97/18/22/98/96/anfas_21.jpg HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/jpeg
content-length: 12190
last-modified: Thu, 29 Sep 2016 20:57:24 GMT
etag: "57ed8034-2f9e"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Tue, 31 Oct 2023 08:52:30 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jDjgH6yiS9TafvYme%2Fvs4GzVN0LcT5%2FqyxWT5f5Kz1yDsKDOnJuDUkDVvv9IwdCH6PISKzzjftJWUBWMPd6nlEz1H6duZGatuQF%2BWCNF%2FivCvp%2BG6RxuUvb62KcLLG%2Bk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792ef2a4ef8bb4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f97/18/22/98/96/anfas_15.jpg
172.67.178.62200 OK 10 kB URL HTTP/2 i.servimg.com/u/f97/18/22/98/96/anfas_15.jpg
IP 172.67.178.62:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:11:12 03:29:38], progressive, precision 8, 34x117, components 3\012- data
Hash 3a19118c95efd5182695129e3d5860a8
8e899d97552f0396abeffb8e501a5fab9599ed65
86966c9afb3961a09a81ec253cb97e26b74cec00820b4958ecc17b80a6cadab0
GET /u/f97/18/22/98/96/anfas_15.jpg HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/jpeg
content-length: 10123
last-modified: Thu, 29 Sep 2016 20:35:03 GMT
etag: "57ed7af7-278b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Mon, 18 Dec 2023 01:33:00 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t9jjkP9MobIp7Hv1rEYtBUssiX1grzWaHxv6YvARdcOLYmGnf0eiTfxORyWCdzDGIMJ5axoBGXOTJXNMJKagv3HV0M0TwojTch%2Fek27AOiTl9NrJF1oOA9n7LBIX3rpn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792ef2a5afe4b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
illiweb.com/rs3/71/frm/jquery/marquee/jquery.marquee.min.js
188.114.96.1200 OK 22 kB URL HTTP/2 illiweb.com/rs3/71/frm/jquery/marquee/jquery.marquee.min.js
IP 188.114.96.1:0
File type HTML document, ASCII text, with very long lines (4467), with no line terminators
Hash 2c2c8ff3732c4b55f67c2339ca8eb48c
a3b27124e852bc942e4daf4a2793dfa150d31e89
81e3c7e5c0cec9a78f2d57d4dc7939d505d00541aacc44d58302b8b1b2a2bfc0
GET /rs3/71/frm/jquery/marquee/jquery.marquee.min.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: application/x-javascript
last-modified: Tue, 27 Aug 2019 14:00:14 GMT
expires: Fri, 19 Jan 2024 08:36:51 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
x-cache-ne: HIT
x-cache-pr: HIT
cf-cache-status: HIT
age: 1181774
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5x8pn%2F%2FRdUoK6SwVTmjgS3DWJt%2FokU0UFebeR%2F4mkO9zETCj5HHpcUzZuTnnpzGGSE8oY%2Bthwf%2FdDJlzxNFN44aVvzh47ANjmUQGfTj%2B%2FUJXZ7Het7rBiY59Tvpzvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792ef2a26cc9b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f43/16/43/22/50/email_10.png
172.67.178.62200 OK 43 B URL HTTP/2 i.servimg.com/u/f43/16/43/22/50/email_10.png
IP 172.67.178.62:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /u/f43/16/43/22/50/email_10.png HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wIq4nf2Z3TNnnd0I8zjt%2FW9iNJz7C4vb2XdwXhIdC7cA%2BxF00KaufZXBaZo%2B7msV563ioGYvqRRieFEvQDHNx4YzDynfC1IiZ73kv1wsDgMRQUzu3kcYAzwuPkkbIFpZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792ef2a4bf6cb4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f97/18/22/98/96/anfas_13.jpg
172.67.178.62200 OK 47 kB URL HTTP/2 i.servimg.com/u/f97/18/22/98/96/anfas_13.jpg
IP 172.67.178.62:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:11:12 04:39:27], progressive, precision 8, 532x111, components 3\012- data
Hash c8915e4d1c4e9c3548b723a9d1e9c104
f8e9530db054f80912b97a81b16f48e5a6dea3d1
f2327a31d509b314644deb587bbc81a235fa6046fff55c0c866080ad06fe0df5
GET /u/f97/18/22/98/96/anfas_13.jpg HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/jpeg
content-length: 46992
last-modified: Thu, 29 Sep 2016 20:33:19 GMT
etag: "57ed7a8f-b790"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 23 Nov 2023 10:14:50 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2FlzDAkX5iOPk%2BNlLIiWkep5ip38tJV3w5ju5VRSficvWXyYAilT9b5vkm%2Fi32tK7XSVuSiuRmXKZU9ckke5uj4amIDRsk%2FckKE1S061zC9cloeBPL12xQLY1iTnpdJL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792ef2a59fd4b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f45/16/75/43/85/google10.png
172.67.178.62200 OK 4.1 kB URL HTTP/2 i.servimg.com/u/f45/16/75/43/85/google10.png
IP 172.67.178.62:0
File type PNG image data, 33 x 101, 8-bit/color RGBA, non-interlaced\012- data
Hash 3cae6bf24dc92dde869f2ff4b8a52e9b
97f782e6766954425662054e1eb55b7e1ab19a9c
ced46625689e36b372bfd0564e94b8b951983092d66e9dbb7ca0c415c33dbe2c
GET /u/f45/16/75/43/85/google10.png HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/png
content-length: 4127
last-modified: Fri, 04 May 2012 10:04:57 GMT
etag: "4fa3a9c9-101f"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Tue, 31 Oct 2023 07:12:27 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jg98E%2BOojb2nJ8EEZnD9xjwG2QCKXXo3hIejT9HSNNTT6qCg5wYBvtrz11Up%2BOXWsyjWSX2o4QR1L6uSN3qUQzttbcakgXwapRhLDxyxskBNC%2FwW1Mi7OFGUC%2F46ilff"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792ef2a4bf6eb4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f43/16/43/22/50/page_w10.png
172.67.178.62200 OK 43 B URL HTTP/2 i.servimg.com/u/f43/16/43/22/50/page_w10.png
IP 172.67.178.62:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /u/f43/16/43/22/50/page_w10.png HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=du8OX6PtCy7bqsLQEqAIDa3nKon3ajjdvvnBj7YDocbPjjyhIoY8rpt4EV%2BSR4ckwm0jvj45GUwxKPJ5eJhHBjiM%2Bp3%2Bz49B8hoawzWOYOMMahggn%2FSUbukfLqo5u9qR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792ef2a4cf82b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f97/18/22/98/96/anfas_10.jpg
172.67.178.62200 OK 4.3 kB URL HTTP/2 i.servimg.com/u/f97/18/22/98/96/anfas_10.jpg
IP 172.67.178.62:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 42x497, components 3\012- data
Hash ae08a276d2d1a4f4fb12b33b68f722cc
89341227998e4b32c3e7cf02626237ab991c1b99
daaba568f99692b3ca76a22e364e0a4c905e1f92d46050a721593c39a33d5a9b
GET /u/f97/18/22/98/96/anfas_10.jpg HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/jpeg
content-length: 4318
last-modified: Thu, 29 Sep 2016 20:30:48 GMT
etag: "57ed79f8-10de"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Mon, 27 Nov 2023 18:51:16 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9QduIuhRg5K%2BU6fe%2FI3SSPlAzvOUOZ2nMwrt4ZEgT87TZWcnhTOIEsLiECJSy5LZQsFRt66O%2Fgjui%2F7730RCpWUlbX7uZ0i1l66bpZJqU6a2lTURo4NFh8jSlxwkTqh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792ef2a4df85b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f45/16/75/43/85/twitte10.png
172.67.178.62200 OK 17 kB URL HTTP/2 i.servimg.com/u/f45/16/75/43/85/twitte10.png
IP 172.67.178.62:0
File type PNG image data, 33 x 101, 8-bit/color RGBA, non-interlaced\012- data
Hash 159ee0cfdc8e98f47db763a7ebcbb1a1
5600d1fd1921764ae1ea2cc60057aa3e5f58662b
1156e7857c303c84340a45e18161bc8d24ea52acde3457465058b944654952ab
GET /u/f45/16/75/43/85/twitte10.png HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/png
content-length: 16904
last-modified: Sun, 01 Apr 2012 20:29:49 GMT
etag: "4f78babd-4208"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Tue, 25 Apr 2023 08:17:38 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YOQY%2BSBhu7ZzF9mXoPAnVwl79xg6IjwL%2F%2BSgRj9TiePwgg%2FGYx3iJAJrJWg8NkTVi%2F8Cse4h8TXwPzSFAoDSQZIJTh8hYjFWMXS7ksnaoHdVjE%2F%2BdAuFeidylccvS1F%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792ef2a4cf73b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f97/18/22/98/96/anfas_17.jpg
172.67.178.62200 OK 9.2 kB URL HTTP/2 i.servimg.com/u/f97/18/22/98/96/anfas_17.jpg
IP 172.67.178.62:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:11:12 04:44:38], progressive, precision 8, 53x84, components 3\012- data
Hash 0d2e4c43d22de801fa798abe3a05dfe2
b35a21c4f57e490f61c6e71c3948da85198f3586
4d569a0bace974d0891af60ba440929e15541086639f95e14e1c06159c3b7d1c
GET /u/f97/18/22/98/96/anfas_17.jpg HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/jpeg
content-length: 9243
last-modified: Thu, 29 Sep 2016 20:37:28 GMT
etag: "57ed7b88-241b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Fri, 02 Feb 2024 00:53:05 GMT
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WxWczT%2BO8wsSEsqzjv2d0byaFpX1IvYzhetwrnArQl8ftO6DRVtCx2AuEplkl7bsYQkArGG6qq0NQZH9m41mB%2BlPv16a1nvicGcXKV9wLNhIXpac1Ll8ZY0jfIQ1cTqO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792ef2a59fddb4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash e84bbf480fa25d069037aa23b2bdeb43
8641cc697b258fc031261ec4ca7ce5aeadac86ba
7733ad93a256181841402c28fe18f448174ce26ff52cf1acabaf2ad4b8267226
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 02 Feb 2023 00:53:05 GMT
Etag: "63d9aea4-1d7"
Server: ECS (dcb/7F3A)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qJ52kaBTC-CqNCKQwk6ydBQBA2xmrDnDNLrSM_S--IjjoFpzMbmixA==
i.servimg.com/u/f97/18/22/98/96/310.jpg
172.67.178.62200 OK 21 kB URL HTTP/2 i.servimg.com/u/f97/18/22/98/96/310.jpg
IP 172.67.178.62:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:11:12 03:38:43], baseline, precision 8, 188x48, components 3\012- data
Hash 27ad7c7181260db687a5b1a8d893fc35
c95e4dd0a45cb49b986ee3f6288a0a7e51e489ac
030593fc30373bce06bb5f34e95a013ed40e9321eb24eb6bf96583d84224adaf
GET /u/f97/18/22/98/96/310.jpg HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/jpeg
content-length: 21217
last-modified: Thu, 29 Sep 2016 20:42:47 GMT
etag: "57ed7cc7-52e1"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Fri, 26 Jan 2024 23:43:02 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nyGLZdmGfQYRG3xFZDnzgpFQ7jy3fVfuaUJW07%2FXURAtUCtz%2Fz%2B40fPK8A%2F0jVm6cpwnGoFwblAM2t39KT7FxTcAEMg0lW2QwpMDANCFzvC27JkhK4UBKICZ5WaP87r0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792ef2a57fc9b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f97/18/22/98/96/anfas_11.jpg
172.67.178.62200 OK 13 kB URL HTTP/2 i.servimg.com/u/f97/18/22/98/96/anfas_11.jpg
IP 172.67.178.62:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:11:12 04:40:35], progressive, precision 8, 133x111, components 3\012- data
Hash 8b97d11d2f9279f0c6dfe3afeb4ef036
959f95647b3979c6933a118ace949305f19683aa
d06784c0ff8de84dd5aac7afc497ef91e0e2888274db1e1ced8adf5a013d5a86
GET /u/f97/18/22/98/96/anfas_11.jpg HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/jpeg
content-length: 12807
last-modified: Thu, 29 Sep 2016 20:33:14 GMT
etag: "57ed7a8a-3207"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Sun, 26 Nov 2023 02:51:23 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZtEjTgHGj5QTdTlDqJ%2BCJHEIRf7pZfmQ6YtgnWYLYudT5sVM9ckzPQeuST7cj0JvMS5NKb01%2FkzI1IPWV%2BAV2ZwT9se8UoKsFSxzmgpXFoPL9qaIifK6iYjdpdX7R8WT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792ef2a59fd2b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a1.pnghunt.com/preview/1012/104/942/neon-hearts-blueneon-png-clipart.jpg
172.67.222.194200 OK 3.5 kB URL HTTP/2 a1.pnghunt.com/preview/1012/104/942/neon-hearts-blueneon-png-clipart.jpg
IP 172.67.222.194:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash 9422cf6e019e88c1459e1f277acac264
9e0def273c1faa0d027814c412417164a6b7f582
3b89bb54cdd5d7ca84e83464269fc21906f82fb7b0e729b21309932aa7dfe47b
GET /preview/1012/104/942/neon-hearts-blueneon-png-clipart.jpg HTTP/1.1
Host: a1.pnghunt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/jpeg
content-length: 3525
last-modified: Mon, 02 Dec 2019 09:09:43 GMT
etag: "5de4d4d7-dc5"
expires: Sun, 28 Jan 2024 00:53:05 GMT
cache-control: max-age=31104000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bE%2B6Na%2B3n%2F1q2N2dKfn9dVf7CpVQrVZXfB%2BihyTbrabrlazrXIkdZK3%2BK%2FAf3Zo2Q%2BAVgy%2FWIO6pZSwBjbL4pjaOGs6FjLiKIFz1ifaYQrVVEDc5mw3S33X7yNRDDoIFKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792ef2a62839b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f97/18/22/98/96/anfas_14.jpg
172.67.178.62200 OK 13 kB URL HTTP/2 i.servimg.com/u/f97/18/22/98/96/anfas_14.jpg
IP 172.67.178.62:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:11:12 03:33:51], progressive, precision 8, 37x117, components 3\012- data
Hash a50998aeacf20d3168ae75030db4753a
5e8a0d10e3faaf1a599fc5df0eb6df0189476c36
cdaf3b90174900d1d48f98e2956fb45d567e402ce276ef8537f22b14ad0303c1
GET /u/f97/18/22/98/96/anfas_14.jpg HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/jpeg
content-length: 13398
last-modified: Thu, 29 Sep 2016 20:34:17 GMT
etag: "57ed7ac9-3456"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Sun, 26 Nov 2023 02:51:23 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kILEO29Bhek7HTqsgBxKv%2F9%2BAlOaN%2FyQN9oCIWVvOPhihEYCPQZJpYGk9XFqFbO3pYn8wgNUJkdUa4GiQSbuOZOmnb%2By%2FaqsEJ%2BsMIaHT6M%2FumuNkpKbaKUU3ZOMp6KM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792ef2a5afe3b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f97/18/22/98/96/anfas_16.jpg
172.67.178.62200 OK 12 kB URL HTTP/2 i.servimg.com/u/f97/18/22/98/96/anfas_16.jpg
IP 172.67.178.62:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:11:12 04:45:16], progressive, precision 8, 112x84, components 3\012- data
Hash ccb1a8ff928c12b97de1d00993226f78
bdd2158d86bb50970390147cc778f07d7584fa0f
2d40060c1b2db6a23c0abc6e3ddfccad97cd6667669723ff283116bb6f8e9569
GET /u/f97/18/22/98/96/anfas_16.jpg HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/jpeg
content-length: 11852
last-modified: Thu, 29 Sep 2016 20:37:26 GMT
etag: "57ed7b86-2e4c"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Sat, 02 Dec 2023 01:06:25 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E2HUUJtLD4UzWdPuyNXCKvyP9Kk5wnztdTxyFQBffmO0xFLcM2w3WDMt2FC7GsNAaks0%2BTOUl%2B9CIjgd14LtxjPP%2F8H2TUKqcVn7AcdEugbLmJfRXub1wVTApDZhn1zY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792ef2a59fdab4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ce201854dfac60c7352e4e00ab94ea0e
9c9992a4e184e8d0065dd31447fdd2c064ddb83e
e10b3fc2d8a108a480143bfc16db088a3038e0b4230739b0c507bbdefa6ce6ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=95524
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 00:53:05 GMT
Etag: "63d9db95-118"
Expires: Fri, 03 Feb 2023 03:25:09 GMT
Last-Modified: Wed, 01 Feb 2023 03:25:09 GMT
Server: nginx
Content-Length: 280
s08.flagcounter.com/count/Jfyc/bg_FFFFFF/txt_000000/border_29C1CC/columns_2/maxflags_12/viewers_0/labels_1/pageviews_1/flags_1/
45.58.124.226200 OK 14 kB URL HTTP/1.1 s08.flagcounter.com/count/Jfyc/bg_FFFFFF/txt_000000/border_29C1CC/columns_2/maxflags_12/viewers_0/labels_1/pageviews_1/flags_1/
IP 45.58.124.226:0
File type PNG image data, 186 x 162, 8-bit/color RGB, non-interlaced\012- data
Hash e7f62461701f1ba35c74e664d8a4fca9
aceeb01587262babe8e4647a25984d26cb28d4ae
d433258ee0c5440f70c034380b86bb48e475ec6e096217dedfd58d7e4b336134
GET /count/Jfyc/bg_FFFFFF/txt_000000/border_29C1CC/columns_2/maxflags_12/viewers_0/labels_1/pageviews_1/flags_1/ HTTP/1.1
Host: s08.flagcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 00:53:05 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Pragma: no-cache
Cache-control: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png
www.wieistmeineip.de/ip-address/?size=468x60
18.196.129.223200 OK 4.6 kB URL HTTP/2 www.wieistmeineip.de/ip-address/?size=468x60
IP 18.196.129.223:0
File type GIF image data, version 87a, 468 x 60\012- data
Hash d51c636f22e748f476358086ea02ca51
d124b1372a024cb867957847a43a9c25f0dd2231
0909e1f146a085b29e3e4ec804681425581adbe426dc9452590386f591136cca
GET /ip-address/?size=468x60 HTTP/1.1
Host: www.wieistmeineip.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: image/gif
content-length: 4552
server: Apache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
set-cookie: session=9pvp3d14b7c538rqqo9173a2j8; path=/; domain=.wieistmeineip.de
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: sameorigin
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 29fd02ffb8da8e659bbc377f04d6df12
a58bd59887fb91548edd26d8cef19a20c52d975d
fd108a8fc1fa98a379b63248f79df3c33dde475a4a62694c51ee832b154e555b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD108A8FC1FA98A379B63248F79DF3C33DDE475A4A62694C51EE832B154E555B"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3430
Expires: Thu, 02 Feb 2023 01:50:15 GMT
Date: Thu, 02 Feb 2023 00:53:05 GMT
Connection: keep-alive
adminstar20.rigala.net/10969.js
178.33.115.32301 Moved Permanently 0 B URL HTTP/2 adminstar20.rigala.net/10969.js
IP 178.33.115.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /10969.js HTTP/1.1
Host: adminstar20.rigala.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Thu, 02 Feb 2023 00:53:05 GMT
content-length: 0
location: https://adminstar20.rigala.net/10586.js
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-ma: HIT
X-Firefox-Spdy: h2
illiweb.com/rs3/71/frm/embed/FA_Embed.js
188.114.96.1200 OK 686 B URL HTTP/2 illiweb.com/rs3/71/frm/embed/FA_Embed.js
IP 188.114.96.1:0
File type ASCII text, with no line terminators
Hash 6bba044fbc8a8e02e18ddf467d90f321
3513eeaefd6f65a5147dccf44e4638efbdd9dd91
34509f6449b95e9c9ad48537681d094d935ef441fad6fc2372b1792e6ebf7263
GET /rs3/71/frm/embed/FA_Embed.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Fri, 19 Jan 2024 08:36:47 GMT
last-modified: Tue, 20 Apr 2021 14:17:00 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1181778
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RkaTHfg0DpA7DkWNWEE%2Fkv3vnI589L1IEVu2UbUfeFet21fgfz%2FCYgPfGivdzya2ot4zcNzOLTIK83E093hG6cmiOsIqxY5PH3VHSdtQWA3WX0yTRspzrTVOpNEWmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792ef2a2acdbb523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s10.histats.com/js15.js
46.105.201.240200 OK 4.2 kB IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11088), with no line terminators
Hash b6d296cf9da7653944a8125ae7837d4f
2731746edd88e58f0d673f063b4e02b2b5c0b239
d67feaaf613c6961d7eda0de54abe7aa39c4e20c545ee2617d13a64cf9cf6f17
GET /js15.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:48:56 GMT
etag: "980881274"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 1020463018
content-type: text/javascript
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4214
X-Firefox-Spdy: h2
adminstar20.rigala.net/10586.js
178.33.115.32200 OK 25 kB URL HTTP/2 adminstar20.rigala.net/10586.js
IP 178.33.115.32:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash daff633cc64b54082f39cd3c033e716f
3888948d49bdbcc9029c8a28f3e14a94a3ef3bfa
a367758d1b741524551e7b16fe1dd7f00e96ef4ea425792dcf21903002a3403a
GET /10586.js HTTP/1.1
Host: adminstar20.rigala.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:06 GMT
content-type: application/x-javascript
content-length: 25244
last-modified: Tue, 03 Nov 2020 20:33:06 GMT
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-ma: HIT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 16067bdd18746c56eb1f449431a92ba1
961f1f41429217e58e4fde677921f7aeaea5cc32
46e04768658c8a55c617dce51e44661b48124edb0a5cb6f97a4fd63c9acb6b5b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5074
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 00:53:06 GMT
Last-Modified: Wed, 01 Feb 2023 23:28:32 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8964
Expires: Thu, 02 Feb 2023 03:22:30 GMT
Date: Thu, 02 Feb 2023 00:53:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8964
Expires: Thu, 02 Feb 2023 03:22:30 GMT
Date: Thu, 02 Feb 2023 00:53:06 GMT
Connection: keep-alive
cdn.adf.ly/js/link-converter.js
104.20.66.244200 OK 11 kB URL HTTP/2 cdn.adf.ly/js/link-converter.js
IP 104.20.66.244:0
File type ASCII text, with very long lines (24590)
Hash a9d75b7bd46c34771667449479f06d0d
bf539dc98ca8fed1ef064557305d9a26d8f5442f
b84cfa9a1114f418b7600e993e8c9d99a1ccf40e2efccd0484a365e43129d4f0
GET /js/link-converter.js HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:06 GMT
content-type: application/x-javascript
content-length: 11182
cache-control: public, max-age=604800
expires: Thu, 09 Feb 2023 00:06:49 GMT
last-modified: Sun, 15 Jan 2023 00:59:02 GMT
etag: "7b7a-63c34fd6-bb6751cf487a3302;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2777
accept-ranges: bytes
server: cloudflare
cf-ray: 792ef2a9fa3bb4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8964
Expires: Thu, 02 Feb 2023 03:22:30 GMT
Date: Thu, 02 Feb 2023 00:53:06 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XyDZc0F-b0rxwoS5wvSXBuBfYE7JljMmuXseBjLOBk4HvxU5gE7Oqg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:55 GMT
age: 9251
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d335250-c4ff-42af-b9c2-48711573ab39.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d335250-c4ff-42af-b9c2-48711573ab39.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86664b4d1fc27ba7b5bff8a245604326
b8c7ef73101a497b6c78ad59aafe66a391fdc3fa
e4596faadf14051299036a79632951d90183dd0635293687edef11985799a752
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d335250-c4ff-42af-b9c2-48711573ab39.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4814
x-amzn-requestid: 90da23ab-2c54-40ec-8e26-bdf4eeb1e27b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKWFpvoAMFyPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-70c4cb89413ed6bd44731d76;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: htcecPD3kYwCPwPPCqgVuXnCuKo6TTKntzaB2xFID5fvBXpZQe463A==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:59:38 GMT
age: 10408
etag: "b8c7ef73101a497b6c78ad59aafe66a391fdc3fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 02:29:58 GMT
age: 80588
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6bb5b89e738516f4862491eec286bf6d
8fb46b9ca85f2c578eb2a56d0007859183e12209
7f164a37b675bf39f8473392b07a2a383397da003303965fb190fd4f455bb43b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15051
x-amzn-requestid: 72a3f2ae-538e-40dc-9496-86c28334ba0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc6jGTAIAMFy4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb76-72178ed13a2e70d462785b90;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CKTfQzCvXa4oL6Lm2n8Rw_9Uhj69YfgpDTP9s0zoaX5qW1vcqWIXDA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:46:26 GMT
age: 11200
etag: "8fb46b9ca85f2c578eb2a56d0007859183e12209"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc092e5e-3a14-4d43-9814-99fd9d49d6c8.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc092e5e-3a14-4d43-9814-99fd9d49d6c8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 41c44051cc3b4c69924df66048e7566b
5c6a12595c3f6005fec4baa84b16575951e72178
72dff70bcb417c088aba013a486e1dbabe099b40fb718a283f1ba220b142b848
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc092e5e-3a14-4d43-9814-99fd9d49d6c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7450
x-amzn-requestid: 1b3ef150-9b12-4b8b-94e6-0d6debbd24ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTDFmPoAMF-UQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc13-0fea883b0ce1a1b933dc2be8;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: kJt9M6jkAc3_ouNRDkJ76Njz9yKNesoJjBK_ja3dTcz5oiowk6LKbQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:25:10 GMT
age: 8876
etag: "5c6a12595c3f6005fec4baa84b16575951e72178"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdd8c5ba-bd1b-4dda-ae36-680f02b388f8.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdd8c5ba-bd1b-4dda-ae36-680f02b388f8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b91a1323efe4b01a2d1a2e8485117934
43d04a554f6ef512e7b21ac09287efc0e4e5efee
393e3ab81aee9fda022d06c25789be66e56aaf56f81b0514ab5dfec445087bdf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdd8c5ba-bd1b-4dda-ae36-680f02b388f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10807
x-amzn-requestid: 3c6771b8-3ae0-4300-9d84-9311c15389ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGh3oAMFp0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-27479faf4518900c03b84144;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oZ6etg6l7SjzCMTg-7DhIeEXMmempp9_kMb3ITzUqbrXKz2wz0qJ0w==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:02:22 GMT
age: 64244
etag: "43d04a554f6ef512e7b21ac09287efc0e4e5efee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 16067bdd18746c56eb1f449431a92ba1
961f1f41429217e58e4fde677921f7aeaea5cc32
46e04768658c8a55c617dce51e44661b48124edb0a5cb6f97a4fd63c9acb6b5b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2068
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 00:53:06 GMT
Last-Modified: Thu, 02 Feb 2023 00:18:38 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
adminstar20.3rab.pro/26802.js
94.23.150.222301 Moved Permanently 0 B URL HTTP/2 adminstar20.3rab.pro/26802.js
IP 94.23.150.222:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /26802.js HTTP/1.1
Host: adminstar20.3rab.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Thu, 02 Feb 2023 00:53:06 GMT
content-length: 0
location: http://adminstar20.rigala.net/26802.js
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-ma: HIT
X-Firefox-Spdy: h2
ahmedto.github.io/wahetaleslam/a7la.js
185.199.110.153200 OK 1.2 kB URL HTTP/2 ahmedto.github.io/wahetaleslam/a7la.js
IP 185.199.110.153:0
File type ASCII text, with very long lines (1204)
Hash 160d1f52dbf5de6ec8b8fef396d7da5d
79ae88d8897b7dd9209c4ef7881c0c546f8ad88a
6730362ddb860c2008b419da1542f8a2e4819c6e7d309a052ee480f96851a9f1
GET /wahetaleslam/a7la.js HTTP/1.1
Host: ahmedto.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
last-modified: Sat, 09 Apr 2022 21:07:28 GMT
access-control-allow-origin: *
etag: W/"6251f590-3bd6"
expires: Wed, 01 Feb 2023 18:53:37 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: B4FE:7EA7:10F1B94:1193047:63DAB2D9
accept-ranges: bytes
date: Thu, 02 Feb 2023 00:53:06 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1644-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675299186.277531,VS0,VE102
vary: Accept-Encoding
x-fastly-request-id: c0868e97dbfc78ad787a4c9b978fb5600e9e325c
content-length: 1244
X-Firefox-Spdy: h2
adminstar20.rigala.net/26802.js
178.33.115.32301 Moved Permanently 0 B URL HTTP/2 adminstar20.rigala.net/26802.js
IP 178.33.115.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /26802.js HTTP/1.1
Host: adminstar20.rigala.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Thu, 02 Feb 2023 00:53:06 GMT
content-length: 0
location: https://adminstar20.rigala.net/26260.js
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-ma: HIT
X-Firefox-Spdy: h2
adminstar20.rigala.net/26260.js
178.33.115.32200 OK 2.9 kB URL HTTP/2 adminstar20.rigala.net/26260.js
IP 178.33.115.32:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 02d3cce8d28fd3d88b9a4c9e770b3b85
5d59c2c85487c29d2d60cf642fee3f7d1c29a247
2a9c0b398d7b4e5084ba858392d8fe50d51602146d3fe2f50bf070512712fb27
GET /26260.js HTTP/1.1
Host: adminstar20.rigala.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:06 GMT
content-type: application/x-javascript
content-length: 2949
last-modified: Sun, 22 Nov 2020 10:17:40 GMT
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-ma: HIT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7fde3cea8e2d4134e4e6e9efdb704962
79f9791c91251db1dc8dc111950d4cf01cc0b508
4f21325616441e7299fea2dfa49d198ec73b3907d5862d320eaf122ccf1dbde0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F21325616441E7299FEA2DFA49D198EC73B3907D5862D320EAF122CCF1DBDE0"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11654
Expires: Thu, 02 Feb 2023 04:07:20 GMT
Date: Thu, 02 Feb 2023 00:53:06 GMT
Connection: keep-alive
go.oclaserver.com/apu.php?zoneid=1427604
139.45.197.236302 Found 138 B URL HTTP/2 go.oclaserver.com/apu.php?zoneid=1427604
IP 139.45.197.236:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /apu.php?zoneid=1427604 HTTP/1.1
Host: go.oclaserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 00:53:06 GMT
content-type: text/html
content-length: 138
location: https://cobalten.com/apu.php?zoneid=1427604
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 735735e719a18aff1f3ad9fb4e3fd3df
daed5f54c613c9ac7e9aa6f2713b21980fa8baa8
ac0738d265f50bfb657875a43e986974a00bab79472424b34f183243b2434a50
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC0738D265F50BFB657875A43E986974A00BAB79472424B34F183243B2434A50"
Last-Modified: Wed, 01 Feb 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6446
Expires: Thu, 02 Feb 2023 02:40:32 GMT
Date: Thu, 02 Feb 2023 00:53:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 39e1f412021dffbba5657ef370341654
f1796f6c23f741f65a555f5d377e32273a22ad88
3639e44dc1d4f0439c86cddd5f46590d4602763242c1d14a3e72a4c37645031f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3639E44DC1D4F0439C86CDDD5F46590D4602763242C1D14A3E72A4C37645031F"
Last-Modified: Wed, 01 Feb 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2130
Expires: Thu, 02 Feb 2023 01:28:36 GMT
Date: Thu, 02 Feb 2023 00:53:06 GMT
Connection: keep-alive
go.mobisla.com/notice.php?p=1427601&interactive=1&pushup=1
139.45.197.237302 Found 138 B URL HTTP/2 go.mobisla.com/notice.php?p=1427601&interactive=1&pushup=1
IP 139.45.197.237:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /notice.php?p=1427601&interactive=1&pushup=1 HTTP/1.1
Host: go.mobisla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 00:53:06 GMT
content-type: text/html
content-length: 138
location: https://mobpushup.com/notice.php?p=1427601&interactive=1&pushup=1
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash daf856e87e657523e2e1833533afc11d
fc107ab6841ef90f41da1b076c0c8ae250b2eb24
28ed80b85c9f7f5a5682ef6cd8641cdce044c57839fb720820c025fbdff1c704
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28ED80B85C9F7F5A5682EF6CD8641CDCE044C57839FB720820C025FBDFF1C704"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16305
Expires: Thu, 02 Feb 2023 05:24:51 GMT
Date: Thu, 02 Feb 2023 00:53:06 GMT
Connection: keep-alive
go.mobtrks.com/notice.php?p=1442053&interstitial=1
139.45.197.236404 Not Found 7 B URL HTTP/2 go.mobtrks.com/notice.php?p=1442053&interstitial=1
IP 139.45.197.236:0
File type ASCII text, with no line terminators
Hash 3b66fb7a307f3ca29bd59b2f354055bd
d6ae6ccb37eb272d94d4a5191fa50372f4d06bba
de68e8f959bc131328db7581860711517d6ae1eb03aa047043dc7f826906e5a4
GET /notice.php?p=1442053&interstitial=1 HTTP/1.1
Host: go.mobtrks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx
date: Thu, 02 Feb 2023 00:53:06 GMT
content-type: text/plain; charset=utf-8
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 478e77c0898db3b8ad70f33b0d771d9e
access-control-expose-headers: X-Sc
x-sc: 4KdnrdofxFOHMlcU
set-cookie: scm=1; expires=Fri, 02 Feb 2024 00:53:06 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
cobalten.com/apu.php?zoneid=1427604
139.45.197.236403 Forbidden 7 B URL HTTP/2 cobalten.com/apu.php?zoneid=1427604
IP 139.45.197.236:0
File type ASCII text, with no line terminators
Hash 758ff964ee78d0c90f3a14d8d4af8ab3
f248d30ac9849b0ead400537632beb02c9c703d1
00e3fbbf542561da72fdc5ea89cfd1405c17739dd49210252e611c3122018efe
GET /apu.php?zoneid=1427604 HTTP/1.1
Host: cobalten.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://habeb-alroh.forumfa.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: nginx
date: Thu, 02 Feb 2023 00:53:07 GMT
content-type: text/plain; charset=utf-8
content-length: 7
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
go.mobtrks.com/notice.php?p=1442053&interstitial=1
139.45.197.236404 Not Found 7 B URL HTTP/2 go.mobtrks.com/notice.php?p=1442053&interstitial=1
IP 139.45.197.236:0
File type ASCII text, with no line terminators
Hash 3b66fb7a307f3ca29bd59b2f354055bd
d6ae6ccb37eb272d94d4a5191fa50372f4d06bba
de68e8f959bc131328db7581860711517d6ae1eb03aa047043dc7f826906e5a4
GET /notice.php?p=1442053&interstitial=1 HTTP/1.1
Host: go.mobtrks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Cookie: scm=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 02 Feb 2023 00:53:07 GMT
content-type: text/plain; charset=utf-8
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: c1ab6e965af65a04d0eb510a5be371e5
access-control-expose-headers: X-Sc
X-Firefox-Spdy: h2
go.mobisla.com/notice.php?p=678856&interactive=1&pushup=1
139.45.197.237302 Found 138 B URL HTTP/2 go.mobisla.com/notice.php?p=678856&interactive=1&pushup=1
IP 139.45.197.237:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /notice.php?p=678856&interactive=1&pushup=1 HTTP/1.1
Host: go.mobisla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 00:53:07 GMT
content-type: text/html
content-length: 138
location: https://mobpushup.com/notice.php?p=678856&interactive=1&pushup=1
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
go.oclaserver.com/apu.php?zoneid=678260
139.45.197.236302 Found 138 B URL HTTP/2 go.oclaserver.com/apu.php?zoneid=678260
IP 139.45.197.236:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /apu.php?zoneid=678260 HTTP/1.1
Host: go.oclaserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 00:53:07 GMT
content-type: text/html
content-length: 138
location: https://cobalten.com/apu.php?zoneid=678260
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
go.mobtrks.com/notice.php?p=678262&interstitial=1
139.45.197.236404 Not Found 7 B URL HTTP/2 go.mobtrks.com/notice.php?p=678262&interstitial=1
IP 139.45.197.236:0
File type ASCII text, with no line terminators
Hash 3b66fb7a307f3ca29bd59b2f354055bd
d6ae6ccb37eb272d94d4a5191fa50372f4d06bba
de68e8f959bc131328db7581860711517d6ae1eb03aa047043dc7f826906e5a4
GET /notice.php?p=678262&interstitial=1 HTTP/1.1
Host: go.mobtrks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Cookie: scm=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 02 Feb 2023 00:53:07 GMT
content-type: text/plain; charset=utf-8
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 1a00783600d29ecd52a1981300a11f50
access-control-expose-headers: X-Sc
X-Firefox-Spdy: h2
cobalten.com/apu.php?zoneid=678260
139.45.197.236403 Forbidden 7 B URL HTTP/2 cobalten.com/apu.php?zoneid=678260
IP 139.45.197.236:0
File type ASCII text, with no line terminators
Hash 758ff964ee78d0c90f3a14d8d4af8ab3
f248d30ac9849b0ead400537632beb02c9c703d1
00e3fbbf542561da72fdc5ea89cfd1405c17739dd49210252e611c3122018efe
GET /apu.php?zoneid=678260 HTTP/1.1
Host: cobalten.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://habeb-alroh.forumfa.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
server: nginx
date: Thu, 02 Feb 2023 00:53:07 GMT
content-type: text/plain; charset=utf-8
content-length: 7
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 50047c36337061584dd86de53f01bd6b
50b62f3916f88bd0aa2c4986e41f06886dbb2ff0
45d40054303af0e713261a1b6a50c6c6c1381a455fde8076ab7d9e791ddf440c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "45D40054303AF0E713261A1B6A50C6C6C1381A455FDE8076AB7D9E791DDF440C"
Last-Modified: Wed, 01 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8324
Expires: Thu, 02 Feb 2023 03:11:51 GMT
Date: Thu, 02 Feb 2023 00:53:07 GMT
Connection: keep-alive
mobpushup.com/notice.php?p=678856&interactive=1&pushup=1
139.45.197.236200 OK 8 B URL HTTP/2 mobpushup.com/notice.php?p=678856&interactive=1&pushup=1
IP 139.45.197.236:0
File type ASCII text, with no line terminators
Hash 3bbbac058fc4ed9e8078f0318d31d9fa
fb3f78865eac1bdd3406f00b9cae5c6cdf6211b8
3938c63e8b782001c4b451b439634c1380b1e262d919e11ba7374862835d83e4
GET /notice.php?p=678856&interactive=1&pushup=1 HTTP/1.1
Host: mobpushup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://habeb-alroh.forumfa.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:53:07 GMT
content-type: application/octet-stream
content-length: 8
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1d3ada98630444932e5ff7da43a26cfb
a58195a40156e04064d42974dd4d3f09e851adf5
142901cbd7a2250674820b32889331bdea6508b5ef0c3fb0828b28f2f74d9978
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "142901CBD7A2250674820B32889331BDEA6508B5EF0C3FB0828B28F2F74D9978"
Last-Modified: Tue, 31 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21589
Expires: Thu, 02 Feb 2023 06:52:56 GMT
Date: Thu, 02 Feb 2023 00:53:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 216d90b0cd10977deb6ddd7d3ccdda7f
4cf73b54cf3824017a7427a85b90d6c94bb785cf
d9e297e509daf29f712c9585d64b5fced99d9c6432d2f4f158bdb549346ed288
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9E297E509DAF29F712C9585D64B5FCED99D9C6432D2F4F158BDB549346ED288"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3653
Expires: Thu, 02 Feb 2023 01:54:00 GMT
Date: Thu, 02 Feb 2023 00:53:07 GMT
Connection: keep-alive
www.facebook.com/plugins/like.php?locale=en_GB&href=https%3A%2F%2Fhabeb-alroh.forumfa.net%2Ft9323-topic&send=false&layout=standard&width=60&show_faces=false&action=like&colorscheme=light&font&height=60
157.240.205.35200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?locale=en_GB&href=https%3A%2F%2Fhabeb-alroh.forumfa.net%2Ft9323-topic&send=false&layout=standard&width=60&show_faces=false&action=like&colorscheme=light&font&height=60
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?locale=en_GB&href=https%3A%2F%2Fhabeb-alroh.forumfa.net%2Ft9323-topic&send=false&layout=standard&width=60&show_faces=false&action=like&colorscheme=light&font&height=60 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: JbnPC4yZ5PX2u93kk+cdsAYmPBZbj7P/jIkaj/XUzpdsD6vHLEYm66Q9oJ8TYFJyShV9BhKBly/8F1tNd7IvsA==
content-length: 0
date: Thu, 02 Feb 2023 00:53:07 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
mobpushup.com/notice.php?p=1427601&interactive=1&pushup=1
139.45.197.236200 OK 8 B URL HTTP/2 mobpushup.com/notice.php?p=1427601&interactive=1&pushup=1
IP 139.45.197.236:0
File type ASCII text, with no line terminators
Hash 3bbbac058fc4ed9e8078f0318d31d9fa
fb3f78865eac1bdd3406f00b9cae5c6cdf6211b8
3938c63e8b782001c4b451b439634c1380b1e262d919e11ba7374862835d83e4
GET /notice.php?p=1427601&interactive=1&pushup=1 HTTP/1.1
Host: mobpushup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://habeb-alroh.forumfa.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:53:07 GMT
content-type: application/octet-stream
content-length: 8
X-Firefox-Spdy: h2
stootsou.net/pfe/current/tag.min.js?z=2308013
139.45.197.250200 OK 6.8 kB URL HTTP/2 stootsou.net/pfe/current/tag.min.js?z=2308013
IP 139.45.197.250:0
Hash 064bd3abf0dfff0f3330d6a598482438
811681f04f106401fbdd3f9352fb5b353a20dbf9
022d8dd6a7b5f78e7204fc14f5048bf7cf6843d867538e974b14cd63dc72d051
GET /pfe/current/tag.min.js?z=2308013 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:53:07 GMT
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 11:03:52 GMT
etag: W/"63d3af98-390a"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 39480998c76d94a91da9df4fa2fa686d
f04adb0c36f6663cec46c0fe00f1952d156475a8
f123f6452e10d2408fa2d4c083e191951de76c14ed9f6a3928d50313efc3a014
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4430
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 00:53:07 GMT
Last-Modified: Wed, 01 Feb 2023 23:39:17 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=habeb-alroh.forumfa.net&var=&ymid=&var_3=
139.45.197.250200 OK 758 B URL HTTP/2 stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=habeb-alroh.forumfa.net&var=&ymid=&var_3=
IP 139.45.197.250:0
File type JSON data\012- , ASCII text, with very long lines (757)
Hash 64e7ea65df612caffd18bab6d44ce421
3a3226b19bcd1e0476c127bf1f2d202313568bcd
702a202c3f274421d95d2ff0bac21c942489e65610e3a73be56d47391d5cc04f
GET /zone?pub=0&zone_id=2308013&is_mobile=false&domain=habeb-alroh.forumfa.net&var=&ymid=&var_3= HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://habeb-alroh.forumfa.net/
Origin: https://habeb-alroh.forumfa.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:53:07 GMT
content-type: application/json; charset=utf-8
content-length: 758
x-trace-id: f9287442ef54aa9e4988fd838c394d76
access-control-allow-origin: https://habeb-alroh.forumfa.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 00:53:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adminstar20.3rab.pro/26802.js?_=1675299211224
94.23.150.222301 Moved Permanently 0 B URL HTTP/2 adminstar20.3rab.pro/26802.js?_=1675299211224
IP 94.23.150.222:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /26802.js?_=1675299211224 HTTP/1.1
Host: adminstar20.3rab.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Thu, 02 Feb 2023 00:53:07 GMT
content-length: 0
location: http://adminstar20.rigala.net/26802.js?_=1675299211224
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-ma: MISS
X-Firefox-Spdy: h2
habeb-alroh.forumfa.net/?utm_source=pwa
178.33.115.32200 OK 49 kB URL HTTP/2 habeb-alroh.forumfa.net/?utm_source=pwa
IP 178.33.115.32:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6540)
Hash 8d9f797af59351aa5dbe6a565e75a5d5
2e82526312b05931d4f99a8133cbd17ae857f0f2
c709cd3003619c28ad654c8c725a2ce6df7b54a2e2cdbe5433cc7fe2abdc54e0
Analyzer Verdict Alert fortinet Malware
GET /?utm_source=pwa HTTP/1.1
Host: habeb-alroh.forumfa.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://habeb-alroh.forumfa.net/serviceworker.js
Connection: keep-alive
Cookie: exadd=167531; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:06 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 02 Feb 2023 00:00:00 GMT
last-modified: Thu, 02 Feb 2023 00:53:05 GMT
vary: User-Agent
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 00857265264ed907da7cda1f1cd5d0bf
c5411351951f9ec9c9ca756de12078f3d5cc3683
481b563195005cfef4860944cc7c10f235b661847eb65fdc031f408c70eccd69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "481B563195005CFEF4860944CC7C10F235B661847EB65FDC031F408C70ECCD69"
Last-Modified: Wed, 01 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21549
Expires: Thu, 02 Feb 2023 06:52:16 GMT
Date: Thu, 02 Feb 2023 00:53:07 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 7b5ea028348faa94d535ff0eadfe45ba
016a9261d12d94c3c0fa109e9c499de698d7c34d
990e56912cb9cd344e7784105202b127b7c9a38ad208f6f531d5b7ebdcd267c4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2791
Cache-Control: max-age=101917
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 00:53:07 GMT
Etag: "63d9e9a9-138"
Expires: Fri, 03 Feb 2023 05:11:44 GMT
Last-Modified: Wed, 01 Feb 2023 04:25:13 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash c2997f1bfc62b49384c2936ee6a8b07e
f2565a903d36965f88cc8c6787b82612474cd206
36cca662e41177837efa39ef64d8b7b3e12d6207ad543cb8dc00ad1ede2633c3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2650
Cache-Control: max-age=134852
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 00:53:08 GMT
Etag: "63da6ade-13a"
Expires: Fri, 03 Feb 2023 14:20:40 GMT
Last-Modified: Wed, 01 Feb 2023 13:36:30 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 314
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:07 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=PrQsQ180M0RITmhlJTJCZkMwOUJGQlhaMUN2czB3YWlzZWY3VHdIVFQ4c1lsNzIyczhZcTRUaXpSeHklMkJ5bjEydTlxWG9ISA; expires=Tue, 27 Feb 2024 00:53:08 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 327485
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://habeb-alroh.forumfa.net/
Origin: https://habeb-alroh.forumfa.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:53:09 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://habeb-alroh.forumfa.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://habeb-alroh.forumfa.net/
Origin: https://habeb-alroh.forumfa.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:53:09 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://habeb-alroh.forumfa.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://habeb-alroh.forumfa.net/
Content-Type: application/json
Origin: https://habeb-alroh.forumfa.net
Content-Length: 394
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:53:09 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: b1e054c9544e1b9fbfeb54b9e9bc1e15
access-control-allow-origin: https://habeb-alroh.forumfa.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://habeb-alroh.forumfa.net/
Content-Type: application/json
Origin: https://habeb-alroh.forumfa.net
Content-Length: 476
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:53:09 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: cbb089eeabd2d2c3bc4ad7fbc5bcf8ab
access-control-allow-origin: https://habeb-alroh.forumfa.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5db1ec60023f1cd3ff63b232d50298d6
b40eb3ea7f660437642cf7fff0807e061b5db4b0
ba61d69990d490a4a416d1ad30bf2a6d6755c608afcdffba5ff2ca613a595c17
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BA61D69990D490A4A416D1AD30BF2A6D6755C608AFCDFFBA5FF2CA613A595C17"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3738
Expires: Thu, 02 Feb 2023 01:55:27 GMT
Date: Thu, 02 Feb 2023 00:53:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 05295a6ef6a1e08350820742ca84d4cd
829cfdfb5f40a5cf0a9b80d787d46652df0ffdec
2864347c8cafc993e298b6c80a7e34b0c49710b9e8e35af6815ef685d4efdaf2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2864347C8CAFC993E298B6C80A7E34B0C49710B9E8E35AF6815EF685D4EFDAF2"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12768
Expires: Thu, 02 Feb 2023 04:25:57 GMT
Date: Thu, 02 Feb 2023 00:53:09 GMT
Connection: keep-alive
cdn.betgorebysson.club/apu.php?zoneid=3765907
139.45.195.8200 OK 30 kB URL HTTP/2 cdn.betgorebysson.club/apu.php?zoneid=3765907
IP 139.45.195.8:0
Hash 30b91eb9e59aa30612935b17297fbfa4
ad7847bb36ade0d59a284648043c878450a82947
5d7f2491ef55998ad3eb672a006b60bf199dce666a40b0eb16e609c6cd1cb9d1
GET /apu.php?zoneid=3765907 HTTP/1.1
Host: cdn.betgorebysson.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:53:09 GMT
content-type: application/javascript
x-trace-id: 4586b85d631d57456ea973bcb94dcc01
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=2b67c6f41f0b44f993282061c16bff5c; expires=Fri, 02 Feb 2024 00:53:09 GMT; path=/; secure; SameSite=None
oaidts=1675299189; expires=Fri, 02 Feb 2024 00:53:09 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
sharebar.addthiscdn.com/1.18/sharebar-1.18.js
23.38.200.123200 OK 21 kB URL HTTP/2 sharebar.addthiscdn.com/1.18/sharebar-1.18.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (63235)
Hash c1798a437fddd25af214dba61257468b
c429f16929db1c736bcf54a5fa9f5c1b090ea9ef
54b9376a489dedd9899c15e478114889505002ae509bc0175de5e5d7ae5bfb04
GET /1.18/sharebar-1.18.js HTTP/1.1
Host: sharebar.addthiscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Thu, 11 Jan 2018 22:02:15 GMT
etag: W/"5a57dee7-f848"
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 21333
date: Thu, 02 Feb 2023 00:53:11 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ct1.addthis.com/static/r07/core158.js
23.38.200.123200 OK 70 kB URL HTTP/2 ct1.addthis.com/static/r07/core158.js
IP 23.38.200.123:0
File type C source, ASCII text, with very long lines (32077)
Hash b080c18b880cd5692de6b7c712877b1d
bf81ff5edffe161063b2239d8401df86a9c5a643
049411d42c804a3982ca578ba6d62824242d9610d5fbf2ea99ec1e1f21cf939c
GET /static/r07/core158.js HTTP/1.1
Host: ct1.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:28 GMT
etag: W/"5f971150-315ad"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 70223
date: Thu, 02 Feb 2023 00:53:11 GMT
vary: Accept-Encoding
x-host: ct1.addthis.com
X-Firefox-Spdy: h2
static.criteo.net/images/pixel.gif?ch=2
178.250.2.130200 OK 43 B URL HTTP/2 static.criteo.net/images/pixel.gif?ch=2
IP 178.250.2.130:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /images/pixel.gif?ch=2 HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:53:11 GMT
content-type: image/gif
content-length: 43
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
etag: "493ea254-2b"
expires: Sun, 28 Jan 2024 00:53:11 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 01 Feb 2023 23:44:08 GMT
expires: Thu, 02 Feb 2023 01:44:08 GMT
cache-control: public, max-age=7200
age: 4143
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ssl.google-analytics.com/ga.js
142.250.74.104200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP 142.250.74.104:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Wed, 01 Feb 2023 23:43:07 GMT
expires: Thu, 02 Feb 2023 01:43:07 GMT
cache-control: public, max-age=7200
age: 4204
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.viglink.com/api/vglnk.js
54.230.111.6200 OK 29 kB URL HTTP/2 cdn.viglink.com/api/vglnk.js
IP 54.230.111.6:0
File type ASCII text, with very long lines (693)
Hash ed1cc31dfd9e0eec16f4631fc60daa96
3ebffae7ffbd9ebcd079042afb337230e148d993
3230940b2ba3c2af9e06970cb845da7b80ca0ceb4f038d0a7fb0c4072ab63e9e
GET /api/vglnk.js HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 28943
date: Tue, 31 Jan 2023 08:38:06 GMT
last-modified: Tue, 31 Jan 2023 08:36:13 GMT
etag: "ed1cc31dfd9e0eec16f4631fc60daa96"
cache-control: public, max-age=604800
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qTgp9AZgoy0soAYnnfoRXAhLac3uDEAJJ3CmcZE2NYsJxA04iO-Wsw==
age: 144906
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/forumotion-ar/loader.js
151.101.193.44200 OK 42 kB URL HTTP/2 cdn.taboola.com/libtrc/forumotion-ar/loader.js
IP 151.101.193.44:0
File type Unicode text, UTF-8 text, with very long lines (64952)
Hash f227a15833e7e57c737d30655aa28c8b
b43f8afd4bae6dfe7181f14dbe7d5065930717f7
73e23efdc557e35a324e8554f758683b4724ae9e2ca0d8868aabedaf7fa841e2
GET /libtrc/forumotion-ar/loader.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
etag: "84872b54fa5fc9705b38a9ee4865288d28bbacf4"
last-modified: Mon, 30 Jan 2023 17:43:55 UTC
x-amz-id-2: D0RlSHmUCyo6pt0YJrc0hfItpxMzWJssEird8GRsOvGiJZcVf3tQeQc/oHXqDQ2KGBHMcPoHjSg=
x-amz-request-id: DTE5RCPH9FY2AJB9
x-amz-version-id: xqEbFZa_B.k_bYb094ZE6hC_A_QWiNFj
x-from-cache: 1
x-envoy-upstream-service-time: 7
accept-ranges: bytes
date: Thu, 02 Feb 2023 00:53:11 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1681-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675299192.669822,VS0,VE39
cache-control: private,max-age=14400
vary: Accept-Encoding, Accept-Encoding
abp: 20
content-length: 41892
X-Firefox-Spdy: h2
habeb-alroh.forumfa.net/images/icons-180.png
178.33.115.32200 OK 6.1 kB URL HTTP/2 habeb-alroh.forumfa.net/images/icons-180.png
IP 178.33.115.32:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 6bbc173a2c7add9b97ed5fe2dea15269
2e00950d0813a6d995784905a90c5eb2041f05ee
689c95c5a53fd85782d965279cafd0c06042391eca615fe7e7f799e1bae5cc82
GET /images/icons-180.png HTTP/1.1
Host: habeb-alroh.forumfa.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/t9323-topic
Cookie: exadd=167531; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D; HstCfa1809172=1675299209972; HstCla1809172=1675299209972; HstCmu1809172=1675299209972; HstPn1809172=1; HstPt1809172=1; HstCnv1809172=1; HstCns1809172=1; cto_bundle=Alxrfl8wdGclMkJsTWZobG1xQkR3JTJGRlZ2U3FxM05PSnRXQjNSREVDdUFreWxDOE56Q1dpZ3ladWJlaVdMbnk1bjZBMkttdHZ3ekU5dyUyRm5tVlNpeEtkZ2clMkJEQ3NQYmlnbGJ1R0twWlc4eEs4NWZISzMzaEthNjlYeGFhU2NLJTJCUlN2emx3eloya2t4Y2c1ellEZE51JTJCdnFSbmQxOFElM0QlM0Q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:11 GMT
content-type: image/png
content-length: 6055
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 02 Feb 2023 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
x-cache-ic: MISS
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 88 kB IP 178.250.0.157:0
File type JSON data\012- , ASCII text, with very long lines (18734)
Hash 61a205c224185f7594da3e49b40d4fe5
dfd9d06f53af65bbf9037e2b6e04675873a24238
22d9517d04f391026306a78465dd57f5e6ce826d88269024db63140c36ac0265
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=PrQsQ180M0RITmhlJTJCZkMwOUJGQlhaMUN2czB3YWlzZWY3VHdIVFQ4c1lsNzIyczhZcTRUaXpSeHklMkJ5bjEydTlxWG9ISA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:09 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=VvfSwl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czB3YWlzZWY3VHdIVFQ4c1lsNzIycyUyQktoSkVuJTJGS28wbzBZNll1OE5lRUxB; expires=Tue, 27 Feb 2024 00:53:09 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 311359
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
a7la.0wn0.com/h4-
94.23.159.185200 OK 409 B IP 94.23.159.185:0
File type HTML document text\012- HTML document, ASCII text
Hash 963a5e19d50c263ad2c1d9f46af1f80a
e0b189ce6b4065695b16d287d8f0989fb0b43a2a
874a93259174a6f84ba4f6c1874009c1fcebbe49a95d32fac0167254a8f3e921
GET /h4- HTTP/1.1
Host: a7la.0wn0.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:08 GMT
content-type: text/html
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash d5aa8840f812da83fc823da528a74c1a
9e7bad3462506164bd4bdb87a761352ef8131ba9
abaa07021a967e89f7786ac14efa3ce48f24e4c032376a36421cca12f5ecaeeb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 00:53:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
developers.google.com/
142.250.74.142200 OK 116 kB IP 142.250.74.142:0
Size 116 kB (116355 bytes)
Hash 7db52919a65d265f606b7ceb07ba2d21
5a6fc0fe4491a609075cdad6391ace82bfe0bb91
4298cf0c4a835243613fc33e70af4459654be1cf3d294ee0aaa5561cdc9a25ce
GET / HTTP/1.1
Host: developers.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 24 Jan 2023 21:53:17 GMT
content-type: text/html; charset=utf-8
set-cookie: _ga_devsite=GA1.3.3241453357.1675299188; Expires=Sat, 01 Feb 2025 00:53:08 GMT; Max-Age=63072000; Path=/
content-security-policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-Cc73cwwcMa9qXELXtNhpTNffePTL3D' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
cache-control: no-cache, must-revalidate
expires: 0
pragma: no-cache
content-encoding: gzip
x-cloud-trace-context: 491bec4f3c4b416b174f9089ab7d1280
vary: Accept-Encoding
date: Thu, 02 Feb 2023 00:53:08 GMT
server: Google Frontend
content-length: 22727
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s4.histats.com/stats/1809172.php?1809172&@f16&@g1&@h1&@i1&@j1675299209972&@k0&@l1&@m%D9%85%D8%B6%D8%AE%D9%85%20%D8%A7%D9%84%D8%B5%D9%88%D8%AA%20%D8%B1%D9%82%D9%85%20%D9%88%D8%A7%D8%AD%D8%AF%20%D8%B9%D8%A7%D9%84%D9%85%D9%8A%D8%A7%20DFX%20Audio%20Enhancer%20v10.130%20%D9%84%D9%83%D9%84%20%D9%85%D8%B4%D8%BA%D9%84%D8%A7%D8%AA%20%D8%A7%D9%84%D8%B5%D9%88%D8%AA%20%D9%85%D8%B9%20%D9%83%D9%8A%D8%AC%D9%8A%D9%86%20%D8%A7%D9%84%D8%AA%D9%81%D8%B9%D9%8A%D9%84%20%D8%A8%D8%A7%D8%AE%D8%B1%20%D8%A7%D8%B5%D8%AF%D8%A7%D8%B1%20%D8%A8%D8%AD%D8%AC%D9%85%2012%20%D9%85%D9%8A%D8%AC%D8%A7%20%D9%88%D8%B9%D9%84%D9%89%20%D8%A7%D9%83%D8%AB%D8%B1%20%D9%85%D9%86%20%D8%B3%D9%8A%D8%B1%D9%81%D8%B1&@n0&@o1000&@q0&@r0&@s1&@ten-US&@u1280&@b1:-195077766&@b3:1675299210&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fhabeb-alroh.forumfa.net%2Ft9323-topic&@w
54.39.128.117200 OK 48 B URL HTTP/1.1 s4.histats.com/stats/1809172.php?1809172&@f16&@g1&@h1&@i1&@j1675299209972&@k0&@l1&@m%D9%85%D8%B6%D8%AE%D9%85%20%D8%A7%D9%84%D8%B5%D9%88%D8%AA%20%D8%B1%D9%82%D9%85%20%D9%88%D8%A7%D8%AD%D8%AF%20%D8%B9%D8%A7%D9%84%D9%85%D9%8A%D8%A7%20DFX%20Audio%20Enhancer%20v10.130%20%D9%84%D9%83%D9%84%20%D9%85%D8%B4%D8%BA%D9%84%D8%A7%D8%AA%20%D8%A7%D9%84%D8%B5%D9%88%D8%AA%20%D9%85%D8%B9%20%D9%83%D9%8A%D8%AC%D9%8A%D9%86%20%D8%A7%D9%84%D8%AA%D9%81%D8%B9%D9%8A%D9%84%20%D8%A8%D8%A7%D8%AE%D8%B1%20%D8%A7%D8%B5%D8%AF%D8%A7%D8%B1%20%D8%A8%D8%AD%D8%AC%D9%85%2012%20%D9%85%D9%8A%D8%AC%D8%A7%20%D9%88%D8%B9%D9%84%D9%89%20%D8%A7%D9%83%D8%AB%D8%B1%20%D9%85%D9%86%20%D8%B3%D9%8A%D8%B1%D9%81%D8%B1&@n0&@o1000&@q0&@r0&@s1&@ten-US&@u1280&@b1:-195077766&@b3:1675299210&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fhabeb-alroh.forumfa.net%2Ft9323-topic&@w
IP 54.39.128.117:0
File type ASCII text, with no line terminators
Hash 75644b88a94e1c79781eb185dbae4cce
2d39a93b5183df8cd511f09688d1b654fbec9bdf
78f5c4399ca4dab6d77186fb12a19d21faaf7bc02876100ce61838c29d6ec3aa
GET /stats/1809172.php?1809172&@f16&@g1&@h1&@i1&@j1675299209972&@k0&@l1&@m%D9%85%D8%B6%D8%AE%D9%85%20%D8%A7%D9%84%D8%B5%D9%88%D8%AA%20%D8%B1%D9%82%D9%85%20%D9%88%D8%A7%D8%AD%D8%AF%20%D8%B9%D8%A7%D9%84%D9%85%D9%8A%D8%A7%20DFX%20Audio%20Enhancer%20v10.130%20%D9%84%D9%83%D9%84%20%D9%85%D8%B4%D8%BA%D9%84%D8%A7%D8%AA%20%D8%A7%D9%84%D8%B5%D9%88%D8%AA%20%D9%85%D8%B9%20%D9%83%D9%8A%D8%AC%D9%8A%D9%86%20%D8%A7%D9%84%D8%AA%D9%81%D8%B9%D9%8A%D9%84%20%D8%A8%D8%A7%D8%AE%D8%B1%20%D8%A7%D8%B5%D8%AF%D8%A7%D8%B1%20%D8%A8%D8%AD%D8%AC%D9%85%2012%20%D9%85%D9%8A%D8%AC%D8%A7%20%D9%88%D8%B9%D9%84%D9%89%20%D8%A7%D9%83%D8%AB%D8%B1%20%D9%85%D9%86%20%D8%B3%D9%8A%D8%B1%D9%81%D8%B1&@n0&@o1000&@q0&@r0&@s1&@ten-US&@u1280&@b1:-195077766&@b3:1675299210&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fhabeb-alroh.forumfa.net%2Ft9323-topic&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 00:53:11 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 48
Connection: close
accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fhabeb-alroh.forumfa.net&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AMZ27oQJoUI.O%2Fd%3D1%2Frs%3DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g%2Fm%3D__features__
142.250.74.109200 OK 7.3 kB URL HTTP/2 accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fhabeb-alroh.forumfa.net&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AMZ27oQJoUI.O%2Fd%3D1%2Frs%3DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g%2Fm%3D__features__
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2054)
Hash 13e780e8eae337dd651d2bcb951d9e1e
39a2f54de625fb12678d0297a818dd5e3b80396c
3b34cf86965fd0d6f1bf43d9e1d9988e4fb3fd09a5096196c137006b9f512782
GET /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fhabeb-alroh.forumfa.net&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AMZ27oQJoUI.O%2Fd%3D1%2Frs%3DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g%2Fm%3D__features__ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 02 Feb 2023 00:53:12 GMT
content-security-policy: script-src 'nonce-4U8gnZavRYPZTf9n6oeh8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash fdd297d735fd32f5052cefb7d679b674
c80a7672d3d8756dc5160e60ac8dc3b0b6d8ac51
9eaf55e59e9a60c38c009353fa4f6fa087c99d94eceaf98663665fa7b08bfd66
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6244
Cache-Control: max-age=107839
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 00:53:12 GMT
Etag: "63d9f353-139"
Expires: Fri, 03 Feb 2023 06:50:31 GMT
Last-Modified: Wed, 01 Feb 2023 05:06:27 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 313
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 00:53:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
216.58.207.195200 OK 4.3 kB URL HTTP/2 ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
IP 216.58.207.195:0
File type ASCII text, with very long lines (2267)
Hash 3f7502705229ccec9d066c5cd75e6c31
ede1663155afaa5a5213d075e6295c6d839b05c3
2be5113d3022d1819a19f327235d287a2538a03741fc08ccd9d55cc1d78b6282
GET /accounts/o/1832714284-postmessagerelay.js HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-length: 4294
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 22:24:54 GMT
expires: Sun, 28 Jan 2024 22:24:54 GMT
cache-control: public, max-age=31536000
age: 354498
last-modified: Sat, 21 Jan 2023 03:10:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 00:53:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sharebar.addthiscdn.com/v1/sharebar.js?_=1675299211216
23.38.200.123200 OK 400 B URL HTTP/2 sharebar.addthiscdn.com/v1/sharebar.js?_=1675299211216
IP 23.38.200.123:0
Hash 0c033864356694df724d897b6f141ee4
386ddcd43e657cb6fe0cf095a94dfdf87688b1a9
9a393b57c509959832ed340583fe7d553eceab5264f2ab4e1470e226a3be4a93
GET /v1/sharebar.js?_=1675299211216 HTTP/1.1
Host: sharebar.addthiscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Thu, 11 Jan 2018 22:02:15 GMT
etag: W/"5a57dee7-25e"
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 400
date: Thu, 02 Feb 2023 00:53:12 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
syndication.twitter.com/settings?session_id=dfaf3c62398af6c8a97978f19493bb5f9c5bae5e
104.244.42.8200 OK 326 B URL HTTP/2 syndication.twitter.com/settings?session_id=dfaf3c62398af6c8a97978f19493bb5f9c5bae5e
IP 104.244.42.8:0
File type JSON data\012- , ASCII text, with very long lines (919), with no line terminators
Hash 11f6a2d6bb52340b52d53f9cf72973e8
ea0c3e5d850a2659b3344d84957b691a6f7942b8
a0b2545f4adeaf91f7a23b95f43c682557bdfd1e59d2cf394d10a01f97c886ff
GET /settings?session_id=dfaf3c62398af6c8a97978f19493bb5f9c5bae5e HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:11 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Thu, 02 Feb 2023 00:53:12 GMT
content-length: 326
content-encoding: gzip
x-transaction-id: a2560c072dd8a50a
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 108
x-connection-hash: 1f35e1694a9e6147fd67da5f4e189b9e6221460ebf3ae52d5d49342ce334fe9a
X-Firefox-Spdy: h2
stootsou.net/pfe/current/universal.min.js?v=3.1.415
139.45.197.250200 OK 35 kB URL HTTP/2 stootsou.net/pfe/current/universal.min.js?v=3.1.415
IP 139.45.197.250:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash c9022196302c21f13ffdf9fe455b9cc5
9002fa6ff45cecd491c009f09dde4d58d299f8c5
f848a8fb3afd0a9ca5edfebf0a9f90f7f0a5632edc2495d3755a622c7a848206
GET /pfe/current/universal.min.js?v=3.1.415 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://habeb-alroh.forumfa.net/
Origin: https://habeb-alroh.forumfa.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:53:07 GMT
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 11:03:52 GMT
etag: W/"63d3af98-18c6c"
access-control-allow-origin: https://habeb-alroh.forumfa.net
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
bidder.criteo.com/csm/events
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/csm/events
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csm/events HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 256
Origin: https://habeb-alroh.forumfa.net
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 00:53:12 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://habeb-alroh.forumfa.net
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://habeb-alroh.forumfa.net/
Content-Type: application/json
Origin: https://habeb-alroh.forumfa.net
Content-Length: 402
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:53:13 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: ca64fc84c82123dff58bd0316f30811e
access-control-allow-origin: https://habeb-alroh.forumfa.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
178.250.6.250200 OK 104 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.250:0
Hash 7e77725c2065d1fddf02736adf2d9aa9
c915a869b26590d04344c3211077692935217890
f1c9709ead47f1c42472ac31825df12efcced57e686ab4a52ea4776295a1c45e
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:07 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 59120
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
habeb-alroh.forumfa.net/serviceworker.js
178.33.115.32200 OK 0 B URL HTTP/2 habeb-alroh.forumfa.net/serviceworker.js
IP 178.33.115.32:0
Analyzer Verdict Alert fortinet Malware
GET /serviceworker.js HTTP/1.1
Host: habeb-alroh.forumfa.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: exadd=167531; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: application/javascript
last-modified: Thu, 25 Feb 2021 14:30:57 GMT
etag: W/"6037b4a1-b0d"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
2img.net/h/www.feedage.com/images/add2feedage.gif
104.21.235.176504 Gateway Timeout 0 B URL HTTP/2 2img.net/h/www.feedage.com/images/add2feedage.gif
IP 104.21.235.176:0
GET /h/www.feedage.com/images/add2feedage.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 504 Gateway Timeout
date: Thu, 02 Feb 2023 00:53:10 GMT
content-type: text/html; charset=UTF-8
set-cookie: cf_ob_info=504:792ef2a3b8d3bc88:LHR; path=/; expires=Thu, 02-Feb-23 00:53:40 GMT
cf_use_ob=443; path=/; expires=Thu, 02-Feb-23 00:53:40 GMT
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-ray: 792ef2a3b8d3bc88-LHR
server: cloudflare
X-Firefox-Spdy: h2
publisher.linkvertise.com/cdn/linkvertise.js
172.64.206.34200 OK 0 B URL HTTP/2 publisher.linkvertise.com/cdn/linkvertise.js
IP 172.64.206.34:0
GET /cdn/linkvertise.js HTTP/1.1
Host: publisher.linkvertise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: application/javascript
cache-control: max-age=3600
cf-bgj: minify
cf-polished: origSize=2869
etag: W/"b35-5f3927177ba80-gzip"
expires: Thu, 02 Feb 2023 00:59:52 GMT
last-modified: Tue, 31 Jan 2023 17:12:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3193
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iRRrib%2F9v79ShUwvtC5qQqk1vJRVmbvO%2FlNdXQYGlwKF5RTA8HUPhqAFPrRFnORSSWLTycz0xrebpfTvukvrRMVZfo1y%2Bt6S3Am1MBaTg2ggdVly8MfvJnyl3gLtTkBaDf3rXteshlDnGjYA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-frame-options: sameorigin
server: cloudflare
cf-ray: 792ef2a3ceec73df-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.crezeman.com/vb/js/widget.js
188.114.97.1404 Not Found 0 B URL HTTP/2 www.crezeman.com/vb/js/widget.js
IP 188.114.97.1:0
GET /vb/js/widget.js HTTP/1.1
Host: www.crezeman.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Sat, 21 Aug 2021 13:03:02 GMT
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S8KnI9kxluBpz1hmfrX2bTZCvWtSdYPa39Tz8grv72oiVl0noxzHmNhA0YQv9cltA2PJyh7y4%2FaffUmpVPwPQVTNnx4hqioRwc16dFYEBX8cXBjeO4YrATbsg5CZOxj4foUH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792ef2a4f875b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
connect.topicit.net/scripts/connect.js
104.21.90.171200 OK 0 B URL HTTP/2 connect.topicit.net/scripts/connect.js
IP 104.21.90.171:0
GET /scripts/connect.js HTTP/1.1
Host: connect.topicit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:07 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5437
access-control-allow-origin: *
etag: W/"5d653880-153d"
last-modified: Tue, 27 Aug 2019 14:04:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-cache-status: HIT
age: 4936
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VdG9lI751HcN4aDnTkSIrFoJvCI%2BIR4SZs%2B6rqqC75zP2p%2FLMEkZtnza%2F66fhW0nCHVlaAInNS8zY7%2BKfCj9agJ8hEmWR0eLpZRky6zyAjkByUTGWIzKewCfdFGXMByjOXlcA2PU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792ef2b1a817b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertag&topUrl=habeb-alroh.forumfa.net
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=habeb-alroh.forumfa.net
IP 178.250.2.146:0
GET /syncframe?origin=publishertag&topUrl=habeb-alroh.forumfa.net HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:07 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
uid=8cddc3d4-8189-4c17-aa71-0db35ee22a0b; expires=Tue, 27 Feb 2024 00:53:07 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 581162
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
illiweb.com/rs3/71/frm/jquery/ticker/ticker.css
188.114.96.1200 OK 0 B URL HTTP/2 illiweb.com/rs3/71/frm/jquery/ticker/ticker.css
IP 188.114.96.1:0
GET /rs3/71/frm/jquery/ticker/ticker.css HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: text/css;charset=UTF-8
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=390
access-control-allow-origin: *
expires: Fri, 19 Jan 2024 08:38:35 GMT
last-modified: Tue, 27 Aug 2019 14:00:13 GMT
vary: Accept-Encoding
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1181670
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2B6BzUzRxDt0jMDmIs5I744iWzCcqD17sG%2FXpvy3TDf7e%2Fbmvk5Khe1NLrI9J3UhzwoLfGgG5J%2F%2B2ZafyZ%2BSwK8ogx8F5l2APza6HOmv29ANTI9OHWowjxQVdSPNOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792ef2a2acd8b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/afalaz.files.wordpress.com/2009/05/iraq.gif
104.21.235.176404 Not Found 0 B URL HTTP/2 2img.net/h/afalaz.files.wordpress.com/2009/05/iraq.gif
IP 104.21.235.176:0
GET /h/afalaz.files.wordpress.com/2009/05/iraq.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: text/html
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RalfEKp7s0G0weI8Zygf%2ByRZivXqAYeuu%2B%2BMJBjpnKDwi7s%2Bily9sWmYzbtsNQFTs%2FXcPsP25%2Bpv%2FqaWuPHPLxZwsb5143%2FZjADAcWRdFWcjWyDqLe3BkOcNlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792ef2a3c8edbc88-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
habeb-alroh.forumfa.net/sw.js
178.33.115.32200 OK 0 B URL HTTP/2 habeb-alroh.forumfa.net/sw.js
IP 178.33.115.32:0
Analyzer Verdict Alert fortinet Malware
GET /sw.js HTTP/1.1
Host: habeb-alroh.forumfa.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://habeb-alroh.forumfa.net/t9323-topic
Connection: keep-alive
Cookie: exadd=167531; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D; HstCfa1809172=1675299209972; HstCla1809172=1675299209972; HstCmu1809172=1675299209972; HstPn1809172=1; HstPt1809172=1; HstCnv1809172=1; HstCns1809172=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:09 GMT
content-type: application/javascript
last-modified: Tue, 27 Aug 2019 13:54:01 GMT
etag: W/"5d6535f9-1554"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
platform.twitter.com/widgets.js?_=1675299211206
93.184.220.66200 OK 0 B URL HTTP/1.1 platform.twitter.com/widgets.js?_=1675299211206
IP 93.184.220.66:0
GET /widgets.js?_=1675299211206 HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 851
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Thu, 02 Feb 2023 00:53:11 GMT
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 27630
habeb-alroh.forumfa.net/t9323-topic
178.33.115.32200 OK 0 B URL HTTP/2 habeb-alroh.forumfa.net/t9323-topic
IP 178.33.115.32:0
Analyzer Verdict Alert fortinet Malware
GET /t9323-topic HTTP/1.1
Host: habeb-alroh.forumfa.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:04 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache
pragma: no-cache
expires: Thu, 02 Feb 2023 00:00:00 GMT
last-modified: Thu, 02 Feb 2023 00:53:04 GMT
vary: User-Agent
set-cookie: exadd=167531; expires=Thu, 02-Feb-2023 04:53:04 GMT; Max-Age=14400
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
2img.net/h/afalaz.files.wordpress.com/2009/05/liban.gif
104.21.235.176404 Not Found 0 B URL HTTP/2 2img.net/h/afalaz.files.wordpress.com/2009/05/liban.gif
IP 104.21.235.176:0
GET /h/afalaz.files.wordpress.com/2009/05/liban.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: text/html
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Apv65laUR1XQCpNzju3SHWoHkljAXWt6McCsU3kQX7ZULgR2lja3jatfbU4X5tOh3WhKOfJwOp%2F%2BGi2Qi8KfOILRQPLEx0eCcMuzBU0vZpemeaz5AGNMTDrMgA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792ef2a3c8e6bc88-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/up.arabseyes.com/gif/Sst35698.gif
104.21.235.176200 OK 0 B URL HTTP/2 2img.net/h/up.arabseyes.com/gif/Sst35698.gif
IP 104.21.235.176:0
GET /h/up.arabseyes.com/gif/Sst35698.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habeb-alroh.forumfa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:05 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-cache-enabled: True
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
link: <https://w6w.net/wp-json/>; rel="https://api.w.org/"
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache: HIT
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 79859
last-modified: Wed, 01 Feb 2023 02:42:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bl5jNg1XZMN32p9k756bmyNITITphU9teDykbgKVUjU%2Fu3G6rR3%2FSP0hyC%2BmHlqWeQY54kFN%2Fa%2BqvWJUJWqoVD%2BV5nViyPfM4oQ6nrQEqqRPfQweHCexXMxglw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792ef2a3b8d5bc88-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.189200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.189:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 00:53:07 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 100218
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2