mazika4ever.ahlamontada.net/t4581-topic
94.23.73.212301 Moved Permanently 0 B URL HTTP/1.1 mazika4ever.ahlamontada.net/t4581-topic
IP 94.23.73.212:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t4581-topic HTTP/1.1
Host: mazika4ever.ahlamontada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Sep 2022 14:22:02 GMT
Content-Length: 0
Location: https://mazika4ever.ahlamontada.net/t4581-topic
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f55e483f32b3fd50b1a2414aaada9b61
9d6b22edb98866e002e3b1ace44dfb0f8d00935f
4b09e1d2b887ded061e4ec5f82ec70ce699eeed428acc6b4fd3ef10ed9233c89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6276
Expires: Fri, 09 Sep 2022 16:06:38 GMT
Date: Fri, 09 Sep 2022 14:22:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 09 Sep 2022 13:36:08 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: b_UeM8_FZ4EJ3Ii086CPmDTT_mYeN9DetlK1foJGYrbImO261z_CmQ==
Age: 2754
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lvyMnLeuSrr_Ki6mig4O0wC8mC-nb19J-YKqBvkExsQ4ilBplgib8g==
age: 38128
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 14:22:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2115a1a6ad60b44aab06181dbbd00fb4
72d6ab65bb014ed756fe4f9873bc381b027c54c3
0b8c2ec53bd3c5e4a54c15ca9c21f5374cadc47984ca8fbdf6c07b75ac258e0c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0B8C2EC53BD3C5E4A54C15CA9C21F5374CADC47984CA8FBDF6C07B75AC258E0C"
Last-Modified: Thu, 08 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17551
Expires: Fri, 09 Sep 2022 19:14:34 GMT
Date: Fri, 09 Sep 2022 14:22:03 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 28279dc7c18295ea7d2918f1e201e945
55f91e937f20152816615ae4298d60f9bba8ed6f
12e7b35e75b5a6303c18185d4dfedd1ae121c6bcd87099a51b445a58f25ab56f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2587
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 14:22:03 GMT
Last-Modified: Fri, 09 Sep 2022 13:38:56 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 28279dc7c18295ea7d2918f1e201e945
55f91e937f20152816615ae4298d60f9bba8ed6f
12e7b35e75b5a6303c18185d4dfedd1ae121c6bcd87099a51b445a58f25ab56f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2587
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 14:22:03 GMT
Last-Modified: Fri, 09 Sep 2022 13:38:56 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 28279dc7c18295ea7d2918f1e201e945
55f91e937f20152816615ae4298d60f9bba8ed6f
12e7b35e75b5a6303c18185d4dfedd1ae121c6bcd87099a51b445a58f25ab56f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3890
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 14:22:03 GMT
Last-Modified: Fri, 09 Sep 2022 13:17:13 GMT
Server: ECS (amb/6B96)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 55362bc853c99806e54641de1e0fdb0c
1c84425554ce994c84fd4d3b95833fed9bf16023
936a1c711aea3c55e6e270aec23f72818b7bbfed28b1c9859697050ebe9aaf4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 14:22:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d0c56e0b2955a5dd7f37ba4bbf5727b4
f435bd1f6fb8ec931f1817fe4b91e6b86a7cb14b
99f7da9dca677db8e9cec5491c0d6d8a86b9c5e907907c2fdd30973c747f4282
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3263
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 14:22:03 GMT
Last-Modified: Fri, 09 Sep 2022 13:27:40 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 54f9e2ed11c19f565afc5d45d2f1e499
5c933cf89e4be594a152d7b1aa7bed6ab42169df
1deae88857366dba09c5e498d9067529377741b3c51b711b4adb88d861f58718
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 14:22:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 09 Sep 2022 13:56:07 GMT
Expires: Fri, 09 Sep 2022 14:40:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cS1kAyEhWY7eLgCScSZ2dFL901Pq2toCko7acUTKlj6scRcZb6oYXw==
Age: 1556
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 02a337bc040b86765e99b82f5b784668
7232bb3378b5106e170f35ab5754f252780ecde1
b4f0fc511c15ee76e8b1a154f806ef9fbee091f55ad275770489e631b2bb9c02
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5786
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 14:22:03 GMT
Last-Modified: Fri, 09 Sep 2022 12:45:37 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0adcdf311c307962c09ff6e0b3a4d0a6
2f358cc3b121ec7340c2c38721c292cd7fb0ebb4
2bbda38cb2eb20dbe9286311420c33cd52e7582fd336fcbbcaa922464507635a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1352
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 14:22:03 GMT
Last-Modified: Fri, 09 Sep 2022 13:59:31 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
illiweb.com/rs3/63/frm/jquery/cookie/jquery.cookie.js
104.21.63.213200 OK 943 B URL HTTP/2 illiweb.com/rs3/63/frm/jquery/cookie/jquery.cookie.js
IP 104.21.63.213:0
File type ASCII text, with very long lines (1011), with no line terminators
Hash d0f5e62794f37bfc803b6c92a2eb2abb
b79d4771e7877dcb838c73689f70f6a8fa968c18
3300494bbd1ab03aa251df01499678b45d11e02c53ecdd7c096c3aa02cb1aa2b
GET /rs3/63/frm/jquery/cookie/jquery.cookie.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:03 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:06:37 GMT
last-modified: Wed, 09 Sep 2020 09:40:28 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 108926
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjfU8xlMAeEBGkEIk9J8ojZpy93BV8o6iX6YmjRYboeMu3JcyHN9oY0e8rPk%2FxANOSQ6uDcfF79pwFukslRZjrBAY5eFUxhGx0wF%2Bou4tFnAuEXJ3uqLLE8ltGzRqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e6f9f41c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
142.250.74.106200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
IP 142.250.74.106:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d989f35706c62ce4a5c561586c55566e
d32e7958e5765609bf08dcdefd0b2c2a8714ce34
375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33845
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 04 Sep 2022 03:55:25 GMT
expires: Mon, 04 Sep 2023 03:55:25 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 469598
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
illiweb.com/rs3/63/frm/ograph/fb_login.js
104.21.63.213200 OK 977 B URL HTTP/2 illiweb.com/rs3/63/frm/ograph/fb_login.js
IP 104.21.63.213:0
File type ASCII text, with very long lines (2211), with no line terminators
Hash 501107ae59a2cc00d65ad56462378b79
906f34f74d8aa82c583a355a6e9aeb6c0dbda8ef
38d8098f41a9de7acdb5be7c78d89a47ddab0392490c1c4d0c2ccee683e5f92f
GET /rs3/63/frm/ograph/fb_login.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:03 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:07:11 GMT
last-modified: Tue, 27 Aug 2019 14:00:11 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 108892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJOqEcK9abUElKkd9tU1GDI%2FnabIn5kuJwQXXiUgcPwOFhl2YpA38ksHGqBsduFHwI2G59QlX3stm4vjl7Ddy7dYzdubxbs1jQMOySxaa7ga58h67hJsGmNFLjuGUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e75a421c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
connect.facebook.net/ar_AR/all.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/ar_AR/all.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1961)
Hash 7008e27da3f500f1b6073684431b33c1
71a8a8531993a0e07c4ffb0e38e6e116a7c6dfff
16dfaec8fdf4187b3fbeb0578c18b1101727115aeeb5057362956b7630116dc7
GET /ar_AR/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: f948275b76c96005c2b38a40ca4a4a3a
etag: "c3b28ce86fa67d0147e6ff8b5239357d"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 09 Sep 2022 14:29:29 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: cAjifaP1APG2BzaEQxszwQ==
x-fb-debug: fIbV2eJYSLXRX8m0ympqWhjFJ4+s67uQWf8jmDC/CQvoIwBBM48dOsmbTjPiYdT99Apke7qhiwAarJ3PO4Gp7g==
priority: u=3,i
content-length: 1686
x-fb-trip-id: 1904183273
date: Fri, 09 Sep 2022 14:22:03 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 78d348cdb1ab2832ebd33d555e64c08e
b79631bf60c9513e3c48387b8e365f08160f8970
98a98e24531f26b3f46041ddc066687c54495426fb9dc4b41bffbc94bcad0081
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3324
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 14:22:03 GMT
Last-Modified: Fri, 09 Sep 2022 13:26:39 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
www.googletagmanager.com/gtag/js?id=UA-144347007-1
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-144347007-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash ae1d8335dcd7b95979cb1d862e3d564e
9c9b888a988c0be2bc9d09c4948cf2d8667b5763
70d92127f4dd324a8143c040874506bdcb36b8d34055cbedf7fb06217b3768da
GET /gtag/js?id=UA-144347007-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Sep 2022 14:22:03 GMT
expires: Fri, 09 Sep 2022 14:22:03 GMT
cache-control: private, max-age=900
last-modified: Fri, 09 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41975
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
illiweb.com/rs3/63/frm/jquery/ticker/ticker.css
104.21.63.213200 OK 447 B URL HTTP/2 illiweb.com/rs3/63/frm/jquery/ticker/ticker.css
IP 104.21.63.213:0
File type ASCII text, with very long lines (388), with no line terminators
Hash 5238b97f9e0372b79567d8a99295ec2c
26e2f4e123581617f37275fecf13c1178b426b4b
cd25908d9d6c189edd8259a2e05a46f84313641efb6c57241aad5d47afde72bf
GET /rs3/63/frm/jquery/ticker/ticker.css HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:03 GMT
content-type: text/css;charset=UTF-8
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=390
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:06:59 GMT
last-modified: Tue, 27 Aug 2019 14:00:13 GMT
vary: Accept-Encoding
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 108904
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0NqeMWcTs3n%2FHaHTE9iDYxPQF1D1apVKRiTLR%2FSvbLnWQHHwEWr9kezCvMmiTlzITuKZGNY%2Bl003eV7G9PIWg7Ys7TYfPDSYsj8nEJhVQRzHbPDwl%2B4H124E%2BL6%2BCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 748092e78a601c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-22844002-1
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-22844002-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash 6cad23a6c627bb8914b5f58ca256f663
14479fbb0e70544ddfffc40cf6336baa91b30ec0
63dc1ca6d13469a8513140d9adff6ca9beb7cbbeedbc7c7a72e068a594327ddc
GET /gtag/js?id=UA-22844002-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Sep 2022 14:22:03 GMT
expires: Fri, 09 Sep 2022 14:22:03 GMT
cache-control: private, max-age=900
last-modified: Fri, 09 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41962
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 55362bc853c99806e54641de1e0fdb0c
1c84425554ce994c84fd4d3b95833fed9bf16023
936a1c711aea3c55e6e270aec23f72818b7bbfed28b1c9859697050ebe9aaf4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 14:22:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
illiweb.com/rs3/63/frm/jquery/ticker/ticker.js
104.21.63.213200 OK 1.6 kB URL HTTP/2 illiweb.com/rs3/63/frm/jquery/ticker/ticker.js
IP 104.21.63.213:0
File type ASCII text, with very long lines (2244)
Hash 667386ce0c6829cbd04f485dc4152496
f8e24a4b65389f91371f204156956e3c78a220ad
7050d4eb1511bd61ee9da2b22d62b32da49ed64342c57c3e656d47b44e67f617
GET /rs3/63/frm/jquery/ticker/ticker.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:03 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=8803
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:06:59 GMT
last-modified: Tue, 27 Aug 2019 14:00:13 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 108904
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jXMFTYD5to%2BK7q5bkJCc%2BTp42l%2BqmimC02fMz%2FY5QLbRMntc%2Fi6odHGhF3YJbDrMcTso6gF%2FVfvm%2Fpw6Mw4D%2BPmeY5f%2BVf6pI3a7fadDLA605TH8khKHOgALRV9OHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e709fe1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
illiweb.com/rs3/63/frm/invision.js
104.21.63.213200 OK 1.1 kB URL HTTP/2 illiweb.com/rs3/63/frm/invision.js
IP 104.21.63.213:0
File type ASCII text, with very long lines (1782), with no line terminators
Hash 90778a271d61c6b4fb21a60e18fa9bbf
209c593a42fc07432b71d38d21c0ed0267097783
6be710ef5afe619a8f499677e545713b3d6a9ddab0fe44ec41ffbeb036613965
GET /rs3/63/frm/invision.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:03 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:11:01 GMT
last-modified: Wed, 08 Sep 2021 09:55:04 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 108662
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4TppRQqcRPkxu4qxIq%2BSi7cN2m0uJ06DKub0XZggPAR2zpbj1ILe2goTMuzhOUuwavsTgPBnKPXTYK%2BxHO0QGw96vf08LgNAa2yA2KxWq0eDBNz3glbPPtsO%2BYojQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e70a021c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
choices.consentframework.com/js/pa/24697/c/IxWav/cmp
51.158.28.82200 OK 139 kB URL HTTP/1.1 choices.consentframework.com/js/pa/24697/c/IxWav/cmp
IP 51.158.28.82:0
File type Unicode text, UTF-8 text, with very long lines (65512), with no line terminators
Size 139 kB (139128 bytes)
Hash a91b1c5486025c377c1c10676dbbc7a4
982cec835ca3694cb0c744c0f74d5e8f636141c8
1d1606732266d3ba61e4726b1d940fc4e525360dd431a0a7e196dd936967e2d4
GET /js/pa/24697/c/IxWav/cmp HTTP/1.1
Host: choices.consentframework.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Fri, 09 Sep 2022 14:22:03 GMT
Content-Type: text/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=3600
Set-Cookie: euconsent-v2=NO_CONSENT; Path=/; Domain=consentframework.com; Expires=Fri, 09 Sep 2022 14:27:03 GMT; Secure; SameSite=None
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
mazika4ever.ahlamontada.net/0-rtl.css
94.23.73.212200 OK 61 kB URL HTTP/2 mazika4ever.ahlamontada.net/0-rtl.css
IP 94.23.73.212:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 4d2f2d058cf6da25604a6207537f3aa9
d67fdae6c4546123338304c17e7ad0796a45a0a8
ca2dcb7dc53a2949ca271cfc1da4bec48ca0fab0d67d4913892de852a2302916
GET /0-rtl.css HTTP/1.1
Host: mazika4ever.ahlamontada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/t4581-topic
Cookie: exadd=166274
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:03 GMT
content-type: text/css
content-length: 61207
last-modified: Fri, 09 Sep 2022 00:00:00 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-ma: MISS
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.208.34.131101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.208.34.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JlhqYK60rb5JJitd+CCvFQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: S8/UY8H8iyImG4MHV1oDfHS5ox4=
2img.net/i/fa/invision/bar.gif
104.21.235.176200 OK 50 B URL HTTP/2 2img.net/i/fa/invision/bar.gif
IP 104.21.235.176:0
File type GIF image data, version 87a, 4 x 15\012- data
Hash 70d7b736ddb3957a8f658038e659e115
769764059e64559820711fa4540c7a544067af8f
4fd648e423ad2aeb039e98d4d1a69a268af8a6af2a84503e4a7e77409a2e8360
GET /i/fa/invision/bar.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:03 GMT
content-type: image/gif
content-length: 50
access-control-allow-origin: *
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
etag: "41d5e800-32"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 21014787
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YB%2FdBxUz5m%2BB5A6iS4PFSuoxSgdf4FO14LA76QoY80U1iaiZF5gWdxZOEkSo41Z1QEIkcglcEU%2Br5%2Fg%2FBMQ%2BnrrXLFFHLjwDrlEMRfwTzI5G4G1qUtCF34ON8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e90d4ff3f7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/invision/bar_left.gif
104.21.235.176200 OK 159 B URL HTTP/2 2img.net/i/fa/invision/bar_left.gif
IP 104.21.235.176:0
File type GIF image data, version 87a, 5 x 15\012- data
Hash b28836983e5f6f89413f1473d560409f
190d0dbe129fa567ecad307542f89e48bb7c8d89
3e333b0e687955c2137249d6d89f948a372a5f17514cc747e5be8cb158f8764d
GET /i/fa/invision/bar_left.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:03 GMT
content-type: image/gif
content-length: 159
access-control-allow-origin: *
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
etag: "41d5e800-9f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 21014787
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k7OX9sMORmX1durwhzTm9x%2FY%2BHEdPFquFI5jp9dxTJCz%2Fv9cMzg2Wx9k0iOYDC7%2Frtco2pFJu3lveVvUMW5cruGDJ%2BPf%2BEmAtygs%2BexjbrOXvW4hE%2BTs1kFWqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e90d51f3f7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/subsilver/icon_zodiac_aries_1.gif
104.21.235.176200 OK 263 B URL HTTP/2 2img.net/i/fa/subsilver/icon_zodiac_aries_1.gif
IP 104.21.235.176:0
File type GIF image data, version 89a, 19 x 18\012- data
Hash eb7efbf2d0f3fc367a3c65b71bdef52e
b8d0735b4fd4fb5fe30326a2c0cefffceda26833
b11b085aa20b11f81f38adb4f4a49422f8b06bdebdf7a3ea610e7a72ed8f1280
GET /i/fa/subsilver/icon_zodiac_aries_1.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:03 GMT
content-type: image/gif
content-length: 263
access-control-allow-origin: *
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
etag: "5739a8a5-107"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 16 May 2016 11:01:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 22655561
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=04epCjvzaaJD0OARAIsdRi8p0iCBR4v0b5DcSeI7WdEVrMR8qGimlaAf8pB3V9AwZA9VmDhhkz2CR69SrfSlorptrv%2Ft8GiAJm60X6oheuD%2FlywSHFQf9bF%2BLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e90d5af3f7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/subsilver/icon_minigender_male.gif
104.21.235.176200 OK 142 B URL HTTP/2 2img.net/i/fa/subsilver/icon_minigender_male.gif
IP 104.21.235.176:0
File type GIF image data, version 89a, 11 x 11\012- data
Hash 5ef7a6af0298d7e13a08a8e5afeb1228
78e2ddc2595b7a2975e9b11ef4852f5ac0616616
4bd253445eec78e6f29ec51cfbd53f3b52941a208a4237389209cba55cc7047d
GET /i/fa/subsilver/icon_minigender_male.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:03 GMT
content-type: image/gif
content-length: 142
access-control-allow-origin: *
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
etag: "5739a8a3-8e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 16 May 2016 11:01:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 22657550
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wcnJ2udkB%2FxtTgD5ul4k9SW05rbvUA%2BQZAj5%2BPo83DJ3NafadBB7QlZUAc2%2FoUUscTPyDC34rTIco9SNXPZs%2FLWLLLpbSzPZa7f9JUUc7ADvt9j05e0xociaMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e91d68f3f7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/subsilver/icon_zodiac_virgo_1.gif
104.21.235.176200 OK 252 B URL HTTP/2 2img.net/i/fa/subsilver/icon_zodiac_virgo_1.gif
IP 104.21.235.176:0
File type GIF image data, version 89a, 19 x 18\012- data
Hash 31c620bcc03bfc876110e7907e05bd6b
139202061eafeebed9957c274922c1241ccfbaff
d11ba65760782cb4d6b64b46c56cdc559eb1ec085fdfb0913b4dc5ec5ab9556e
GET /i/fa/subsilver/icon_zodiac_virgo_1.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:03 GMT
content-type: image/gif
content-length: 252
last-modified: Mon, 16 May 2016 11:01:57 GMT
etag: "5739a8a5-fc"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 17707679
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uiOGi23iqKmukxjzLwGYvfjxdg6hbjxt4VvwPkiB7Y%2BDrke8K4ffOa9nG3fJh3c1KLPzaDwNE2vai6rmv8auu3whH25u8SypJNy5tpQVowvUsMXvcDNUnXs2zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e91d6af3f7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/empty.gif
104.21.235.176200 OK 43 B IP 104.21.235.176:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /i/empty.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:03 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 09 May 2016 08:45:50 GMT
etag: "57304e3e-2b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 17870697
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Vxtl968JOtegUodmKIOlQq5XaRTCbsMErLuQnWIKWXs2nLbHiM7wxKv2vKdhcgPzekFf3Ga%2Bw%2B9gC0GUgisxIeMiWIl0MQ5T581FLr0QZhi3AI55qaJxhUmrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e91d6ef3f7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/invision/bar_right.gif
104.21.235.176200 OK 168 B URL HTTP/2 2img.net/i/fa/invision/bar_right.gif
IP 104.21.235.176:0
File type GIF image data, version 87a, 6 x 15\012- data
Hash fa8e7a774cbd78163f582bc5fbdf1dc5
4bbe93df0d1ce9fcb38fc27eeaa0d6770ebff468
253956a93598ad8b1cb4d2b6ceeb36625844057ca092d91a10af157b6cc31092
GET /i/fa/invision/bar_right.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:03 GMT
content-type: image/gif
content-length: 168
access-control-allow-origin: *
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
etag: "41d5e800-a8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 21014787
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BjRyu%2F28ig27BAikJtfRbf1PmmX6UX60rkZ6O0dwD5TxGelWYr1dqSV0qNbmfMuTGoKdYy3PXPcAi59vuhxpj%2F3ovU4Pe6KeotlXoC34GeZrxBcqbenio1zHxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e90d4df3f7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/subsilver/icon_minigender_female.gif
104.21.235.176200 OK 140 B URL HTTP/2 2img.net/i/fa/subsilver/icon_minigender_female.gif
IP 104.21.235.176:0
File type GIF image data, version 89a, 11 x 11\012- data
Hash da4f413728cea4cb2af9ddb08313d88a
673a20957c3ccb1b1ec61f25587217ad413df8b6
8cfd21e82ac6c4d69ce84f5fcaf2b08e954d7b6bb7e4a8af1445ca0c6ef91772
GET /i/fa/subsilver/icon_minigender_female.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:03 GMT
content-type: image/gif
content-length: 140
access-control-allow-origin: *
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
etag: "5739a8a3-8c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 16 May 2016 11:01:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 22657550
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PPES5GQAPmwk8qWLaSGewxzRVGCZmquJBGd87SCcSqM2A9rYieoA6OIUGqM97C23%2F8gg6XOZp2efgMS8iGbU5XBPBLmev85bqMy2QvkSZbt2PII3NLEFzimREw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e90d5df3f7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/empty.gif
104.21.235.176200 OK 42 B IP 104.21.235.176:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /i/fa/empty.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:03 GMT
content-type: image/gif
content-length: 42
access-control-allow-origin: *
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
etag: "41d5e800-2a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 22657697
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=maWGw66LPt9ySP%2Bg4ghQsf%2FiO49IpBKKY96rCCdVed5jVAuDffwbfxSap%2FxQxK1tfdkaSM0s%2FBuBRZ9c3mlooq8NC%2BCsdW8ES3hb4BeE69Eidf5kTNPJzH9Dfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e91d96f3f7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/www.3raq4all.org/uploads/dec09/3raq4all998e4404ea.jpg
104.21.235.176200 OK 9.3 kB URL HTTP/2 2img.net/h/www.3raq4all.org/uploads/dec09/3raq4all998e4404ea.jpg
IP 104.21.235.176:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash a60b52517e7bfbb94dc368aeac6f816d
046b5977a0577c2b1779773328c2d4d729693e86
07d8a90c194e3191be94cb554f64ec044bfa040ba98f9b6f635788b0827babdd
GET /h/www.3raq4all.org/uploads/dec09/3raq4all998e4404ea.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:03 GMT
content-type: image/jpeg
content-length: 9310
last-modified: Tue, 20 Oct 2020 21:54:54 GMT
etag: "5f8f5cae-245e"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E5%2BM4mkyRsTB6yx29YZd1yUZYSEhxemcstMJm8W%2BX%2BCcjXClxBAh%2F4R9SAagpGtrvphbWSSOqN0LLa8n3VSMyVCV6Qe%2Bg%2FUcSRKlwrwsNXjus7nG0OL85ac3GA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e90d55f3f7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/13/09/19/i_icon_www.gif
104.21.235.176200 OK 577 B URL HTTP/2 2img.net/s/t/13/09/19/i_icon_www.gif
IP 104.21.235.176:0
File type GIF image data, version 89a, 59 x 18\012- data
Hash a35173aa509edd087e1b5fb33b0b4020
142cb1f38aec13ed6d286059e49ba9361d4a6836
afc97a06e8e1ae0e872b8cbceb3dd6663b7acdc2913e89346b5745376556c86f
GET /s/t/13/09/19/i_icon_www.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:03 GMT
content-type: image/gif
content-length: 577
last-modified: Tue, 09 Dec 2008 12:14:20 GMT
etag: "493e611c-241"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzERSAUhKsVvn5AwbDI41oNSfbU2MgwJZi%2BKgmrN4l41SPaS4u4ypaX9nj450S1%2BnQJCqDWKVYxe8BJhVzki3slO7kStEmdbe5I4M6B6XVJTAChrITzkzCna2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e90d52f3f7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j25.jpg
104.21.235.176301 Moved Permanently 178 B URL HTTP/2 2img.net/h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j25.jpg
IP 104.21.235.176:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j25.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 09 Sep 2022 14:22:03 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NOO61uCiJS6Rg7kDQfC9BSbmdv194ZSgF%2B0biEu3J59gbDG%2B7YhrD%2FIzVaOhYrZMzPjJq%2BCMOQJ6j10WHr940iOPyCjedUpY7B6cp4mv%2FlFBNwZh92NaVK0S5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e91d93f3f7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/callopsitte.free.fr/photo/photos_du_net/Embryonic_development_of_the_Cockatiel/c04.jpg
104.21.235.176301 Moved Permanently 178 B URL HTTP/2 2img.net/h/callopsitte.free.fr/photo/photos_du_net/Embryonic_development_of_the_Cockatiel/c04.jpg
IP 104.21.235.176:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /h/callopsitte.free.fr/photo/photos_du_net/Embryonic_development_of_the_Cockatiel/c04.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 09 Sep 2022 14:22:03 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZjD1F3UwVWb%2FcjeOqG7rdoBpqGLnU4tEhDr5mc1ASwcRsygQCKhhcdOT4JrWEV7J9hnVCOvtWvr%2F0EAFqs3g5BGhHQXKASZJ%2B8HbRWZMworbDQ9tqthM4tuNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e91d74f3f7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j09.jpg
104.21.235.176301 Moved Permanently 178 B URL HTTP/2 2img.net/h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j09.jpg
IP 104.21.235.176:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j09.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 09 Sep 2022 14:22:03 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YqHEWT%2B8%2F%2BGD1QrkSIp6xPfwpjNK86HiAhPDNKRevTh8ATmkopQssv7b9hKTtmimS%2FD7IzVBHAgY9ZHFdivk46R%2BvSrdM7def85V%2BS6Gnr1HivXY%2BS31lSzChA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e91d8bf3f7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j27.jpg
104.21.235.176301 Moved Permanently 178 B URL HTTP/2 2img.net/h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j27.jpg
IP 104.21.235.176:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j27.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 09 Sep 2022 14:22:03 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qtkpPAIzej4m18pd%2FiPjEAyL7QPXQlEvW9QXPgnEpFllHRHONlwdI555ISDdNnbqhfLkawTqJn3fDlOuBy81icx8FCgkfXIxeXaEnx%2BXfZZipQEa4irJ8TT5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e90d4bf3f7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/callopsitte.free.fr/photo/photos_du_net/Embryonic_development_of_the_Cockatiel/c02.jpg
104.21.235.176301 Moved Permanently 178 B URL HTTP/2 2img.net/h/callopsitte.free.fr/photo/photos_du_net/Embryonic_development_of_the_Cockatiel/c02.jpg
IP 104.21.235.176:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /h/callopsitte.free.fr/photo/photos_du_net/Embryonic_development_of_the_Cockatiel/c02.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 09 Sep 2022 14:22:03 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7XdHhS9e07N0A1s3XrcYAhcne0vxSg2SmW5cWUMeL1Y8eitpwKClc6F%2FooA8G420kN6zJ%2FLT%2BiwljL0%2FakCoP8tmBSUyzOiWvAo%2B3SGLmUghxZb1EUfSQ9SKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e91d71f3f7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j28.jpg
104.21.235.176301 Moved Permanently 178 B URL HTTP/2 2img.net/h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j28.jpg
IP 104.21.235.176:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j28.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 09 Sep 2022 14:22:03 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRsp8qVTqeAxaRduQgKT1NteXzbAS9rB8erjXocSnbM9yj0mAsgyQP42vYp%2FUsOu4enMeWH22RMp7n5al6IdAUi6NoaXXdPAlyMh1yWt3Y4jau7WblsdqMTAOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e91d95f3f7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j17.jpg
104.21.235.176301 Moved Permanently 178 B URL HTTP/2 2img.net/h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j17.jpg
IP 104.21.235.176:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j17.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 09 Sep 2022 14:22:03 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZVMRPT7Qn839PXp1A3b1O6lZ3upePKKCeivtcVzfCUtz%2FpEScRyXTNjHwKpDIv4nPhEXNvdoG%2FgL5JWWItdq3y2fwmMBrRHr78OIcILVEvgnS9daVmhrPrHLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e91d90f3f7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j06.jpg
104.21.235.176301 Moved Permanently 178 B URL HTTP/2 2img.net/h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j06.jpg
IP 104.21.235.176:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j06.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 09 Sep 2022 14:22:03 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPSLDQfd1waQz%2B4rUEKbuqrftcQJIZTyOEL0v2gJytpztEfkwo8KYCkbpe8lWVEa%2BgSGpjmnePFIexUEGQvsfzOvXE9%2FdDWwZT5NouNgyUuz6aRE%2F01au9ALtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e91d8af3f7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/callopsitte.free.fr/photo/photos_du_net/Embryonic_development_of_the_Cockatiel/c01.jpg
104.21.235.176301 Moved Permanently 178 B URL HTTP/2 2img.net/h/callopsitte.free.fr/photo/photos_du_net/Embryonic_development_of_the_Cockatiel/c01.jpg
IP 104.21.235.176:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /h/callopsitte.free.fr/photo/photos_du_net/Embryonic_development_of_the_Cockatiel/c01.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 09 Sep 2022 14:22:03 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K59gWI3GoBW5rNCr3VGlf5BjiDik1AaxawhChp2rNyLVCZi16hWus8N7r%2B%2FUPt99zzxoSD6TZ4JhPQRC2W1IvlGXgb3lDkn%2B0Oek7rLUHZ0vj6XOhIC5FsKtog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e91d70f3f7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j20.jpg
104.21.235.176301 Moved Permanently 178 B URL HTTP/2 2img.net/h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j20.jpg
IP 104.21.235.176:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j20.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 09 Sep 2022 14:22:03 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7OlCZPwP7VftE4PvaeWXRTv%2FXIZCbejm2vOUn%2FuGJ4VgDiRYuTOR2T7kUKf28X%2B39RKH9M0mS7wk%2Fn5r6jz8TLO5Z1Zc6%2BN3UuCHbkir%2FfmgzqddgqTA%2FB72w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e91d99f3f7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j02.jpg
104.21.235.176301 Moved Permanently 178 B URL HTTP/2 2img.net/h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j02.jpg
IP 104.21.235.176:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j02.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 09 Sep 2022 14:22:03 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iF4vv9m%2BcIRIms7LCYF4TvrgKb4pAOlJyeRaDS500%2FGUa8IHat3ZbeznJOuNFl0EBx%2FGiXCHQabX7VJiM5AqcLizHDxbUilFprXvQMTphVdJtdr3Yj4OmZZcuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e91d88f3f7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/callopsitte.free.fr/photo/photos_du_net/Embryonic_development_of_the_Cockatiel/c05.jpg
104.21.235.176301 Moved Permanently 178 B URL HTTP/2 2img.net/h/callopsitte.free.fr/photo/photos_du_net/Embryonic_development_of_the_Cockatiel/c05.jpg
IP 104.21.235.176:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /h/callopsitte.free.fr/photo/photos_du_net/Embryonic_development_of_the_Cockatiel/c05.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 09 Sep 2022 14:22:03 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LC2He8OMy%2FsKe2VtjZH5omWFjJnOgCfiXykP9vGgVnJ2LbunS5QDEZSJedfUnutR5q%2Frw92%2BYXCLgAgfc8toXLu5l7BDLwncm2OZUb7%2FU8%2Bde086btWSrEpqBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e91d75f3f7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/callopsitte.free.fr/photo/photos_du_net/Embryonic_development_of_the_Cockatiel/c09.jpg
104.21.235.176301 Moved Permanently 178 B URL HTTP/2 2img.net/h/callopsitte.free.fr/photo/photos_du_net/Embryonic_development_of_the_Cockatiel/c09.jpg
IP 104.21.235.176:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /h/callopsitte.free.fr/photo/photos_du_net/Embryonic_development_of_the_Cockatiel/c09.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 09 Sep 2022 14:22:03 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3XhpJiea%2B9k%2FLth2MQLtaA9zJzLx142rpIOwAH7TUyHSC9X7NhUuLuSB%2Fc9qfFZNAgUzlI68W5%2BA9T6ANITHRhBAPqt1%2Bxbo39knDtj6WJ%2F43d%2B8bI7qZPFeg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e91d84f3f7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/callopsitte.free.fr/photo/photos_du_net/Embryonic_development_of_the_Cockatiel/c10.jpg
104.21.235.176301 Moved Permanently 178 B URL HTTP/2 2img.net/h/callopsitte.free.fr/photo/photos_du_net/Embryonic_development_of_the_Cockatiel/c10.jpg
IP 104.21.235.176:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /h/callopsitte.free.fr/photo/photos_du_net/Embryonic_development_of_the_Cockatiel/c10.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 09 Sep 2022 14:22:03 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmeEA7%2BIIxhegBAHlWIf59I5Fckg4%2FSs8TtwzYXwU1k4SjppovFz77pU84QsGn7is7i8D%2Fd7L80dy9b3i5nIKJEweuliOHMkRzk%2BLEReSYYHMGunBLOaqyhLcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e91d85f3f7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/callopsitte.free.fr/photo/photos_du_net/Embryonic_development_of_the_Cockatiel/c06.jpg
104.21.235.176301 Moved Permanently 178 B URL HTTP/2 2img.net/h/callopsitte.free.fr/photo/photos_du_net/Embryonic_development_of_the_Cockatiel/c06.jpg
IP 104.21.235.176:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /h/callopsitte.free.fr/photo/photos_du_net/Embryonic_development_of_the_Cockatiel/c06.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 09 Sep 2022 14:22:03 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqGBFzR%2BpbVJwDHR4mHp0CkHBOB8xsWnGQtn%2BaiFYDQ89kTMrEk4vTeWaRP8lnaAJL%2FwXqtOHeuKok3hWqwq975k9E9uhbsLT2%2F0O%2FnFUlXzmbRV8QYeiZE05Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e91d76f3f7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j16.jpg
104.21.235.176301 Moved Permanently 178 B URL HTTP/2 2img.net/h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j16.jpg
IP 104.21.235.176:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j16.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 09 Sep 2022 14:22:03 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=og6dITEr%2B2lFFcc55kRirehwSoSCVgX6RJqT%2Fc%2FzCTRkkFKN3q8P65owV1OeKREBLAiVHZuia1EuF7mZQPwbDxQzhlyCLojdX9sp30hezXYLzqcYA2mNc5xReg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e91d8ef3f7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/callopsitte.free.fr/photo/photos_du_net/Embryonic_development_of_the_Cockatiel/c07.jpg
104.21.235.176301 Moved Permanently 178 B URL HTTP/2 2img.net/h/callopsitte.free.fr/photo/photos_du_net/Embryonic_development_of_the_Cockatiel/c07.jpg
IP 104.21.235.176:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /h/callopsitte.free.fr/photo/photos_du_net/Embryonic_development_of_the_Cockatiel/c07.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 09 Sep 2022 14:22:03 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ek4eF4c%2BpWz8kjbDoZswpcwFTugia4ByIJTdsm%2FaKNNguisVMaYi33m850wMw5SkrpHlT%2F1HQG0hlF5buUwW4b1S0A0jKkgQUvxPQOZThBF64IDJTr1JnUqp%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e91d83f3f7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j33.jpg
104.21.235.176301 Moved Permanently 178 B URL HTTP/2 2img.net/h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j33.jpg
IP 104.21.235.176:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j33.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 09 Sep 2022 14:22:03 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s5rgikuvbOR5Reb2N5DU%2BK1wTQ98OfRX70Um%2BwgGQvXcBB09IQahRD40T%2BMQOLnHK%2FYQH9p7mNqbC2LPlUQmBChsM9Ka3KvZ2Ou3oRr1fEw1Va2v5TAPRD4Ipg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e91d67f3f7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/callopsitte.free.fr/photo/photos_du_net/Embryonic_development_of_the_Cockatiel/c03.jpg
104.21.235.176301 Moved Permanently 178 B URL HTTP/2 2img.net/h/callopsitte.free.fr/photo/photos_du_net/Embryonic_development_of_the_Cockatiel/c03.jpg
IP 104.21.235.176:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /h/callopsitte.free.fr/photo/photos_du_net/Embryonic_development_of_the_Cockatiel/c03.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 09 Sep 2022 14:22:03 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1XgJ3CPrtUWh0VtKvhGweo5x80iuA3rJUlDy%2BLrsNDKSJ4Vd0TbPXywjqQkWkx%2Fzga8sCo2Qe22LPFMbccdp2DtPrgVRITWoAhRMdV1kleksEteakxMoXMuiPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e91d72f3f7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j30.jpg
104.21.235.176301 Moved Permanently 178 B URL HTTP/2 2img.net/h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j30.jpg
IP 104.21.235.176:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j30.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 09 Sep 2022 14:22:03 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yxdI4csixUquMI4fLNp3kVd6U6RdIGZWzk9sQszeTb9m3PUhV5zI%2Fbp31xlbcQmSqTi1MO00KBhDPWxP39186eqKLjNix6ufGLgzcP0m4c6o1XbPxAvY%2FNPVkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e91d9df3f7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j01.jpg
104.21.235.176301 Moved Permanently 178 B URL HTTP/2 2img.net/h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j01.jpg
IP 104.21.235.176:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /h/callopsitte.free.fr/photo/mes_photos/evolution_d_un_bebe/j01.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 09 Sep 2022 14:22:03 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=769TXcT8qpz2B5O4kehiFfSX3eJKvCO26Urbbc5UB62%2BVxXkJd3%2FiZBnJRjdmW%2BK71W%2FhlSntXnHsGlYgDMR24lRnUF0wEh%2BMPGbf4BxCMSwcRMqTIYI%2BUWWtg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e91d87f3f7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
choices.consentframework.com/api/v1/public/profile/check?origin=https://mazika4ever.ahlamontada.net
51.158.28.82200 OK 17 B URL HTTP/1.1 choices.consentframework.com/api/v1/public/profile/check?origin=https://mazika4ever.ahlamontada.net
IP 51.158.28.82:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0bd75264337702d501fe87ce0b52dc08
97cc20d9be99aab0ec65848e65d7e3b241788d73
ab140244cd2fd2892fec183c503c0f9522f9935f5e6c5ace01e92924a7e2e90e
GET /api/v1/public/profile/check?origin=https://mazika4ever.ahlamontada.net HTTP/1.1
Host: choices.consentframework.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mazika4ever.ahlamontada.net/
Origin: https://mazika4ever.ahlamontada.net
Connection: keep-alive
Cookie: euconsent-v2=NO_CONSENT
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Fri, 09 Sep 2022 14:22:04 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 17
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Referer,Origin
Access-Control-Allow-Methods: GET,OPTIONS
Access-Control-Allow-Origin: https://mazika4ever.ahlamontada.net
Cache-Control: private, max-age=86400
X-Xss-Protection: 0
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b2ef56bd5e1bb320ed12b28175abbaa3
6d48cd8181a653d642885419c1b07a9d487fc46a
f98a57503fa21121b9978ea5aeb6a8724ef86894e16d282c97e7568315382098
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F98A57503FA21121B9978EA5AEB6A8724EF86894E16D282C97E7568315382098"
Last-Modified: Tue, 06 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3079
Expires: Fri, 09 Sep 2022 15:13:23 GMT
Date: Fri, 09 Sep 2022 14:22:04 GMT
Connection: keep-alive
s10.histats.com/js15.js
46.105.201.240200 OK 4.2 kB IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11088), with no line terminators
Hash b6d296cf9da7653944a8125ae7837d4f
2731746edd88e58f0d673f063b4e02b2b5c0b239
d67feaaf613c6961d7eda0de54abe7aa39c4e20c545ee2617d13a64cf9cf6f17
GET /js15.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:20:02 GMT
etag: "980881274"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 440500844
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4214
X-Firefox-Spdy: h2
choices.consentframework.com/api/v1/public/v2/tcstring
51.158.28.82200 OK 25 B URL HTTP/1.1 choices.consentframework.com/api/v1/public/v2/tcstring
IP 51.158.28.82:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1c7be6c2029fd0db7b831a9e8359395f
48818c4617f2dac593cc84c8f39244f24be3760e
6d24890b5608b6d182f02198897f50f220a40b66a08751a443ac714bf6f86602
GET /api/v1/public/v2/tcstring HTTP/1.1
Host: choices.consentframework.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mazika4ever.ahlamontada.net/
Origin: https://mazika4ever.ahlamontada.net
Connection: keep-alive
Cookie: euconsent-v2=NO_CONSENT
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Fri, 09 Sep 2022 14:22:04 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 25
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Referer,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://mazika4ever.ahlamontada.net
X-Xss-Protection: 0
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
static.criteo.net/js/ld/publishertag.js
178.250.0.130200 OK 40 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.js
IP 178.250.0.130:0
Hash 47be74a8120a50d544110051d6c79273
b0eda173e40d1ee2896cbccdc02d8ab0c293fbd6
28087682365973a96c4f1cc20e356aff1c60965ebe868e54d16441176aeb1ae6
GET /js/ld/publishertag.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 14:22:03 GMT
content-type: text/javascript
last-modified: Wed, 31 Aug 2022 21:49:04 GMT
etag: W/"630fd750-1e137"
expires: Sat, 10 Sep 2022 14:22:03 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 06e11f779530fd88c439e0cdb6cec98f
58c3642dc038b37d5a37ef6ed11ff6d02857b2ac
cacdaa348b3a3d140919e8f0953d72dd834c721ecc62759ebda619ebed853721
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACDAA348B3A3D140919E8F0953D72DD834C721ECC62759EBDA619EBED853721"
Last-Modified: Wed, 07 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13147
Expires: Fri, 09 Sep 2022 18:01:11 GMT
Date: Fri, 09 Sep 2022 14:22:04 GMT
Connection: keep-alive
www.facebook.com/plugins/like.php?locale=en_GB&href=https%3A%2F%2Fmazika4ever.ahlamontada.net%2Ft4581-topic&send=false&layout=standard&width=60&show_faces=false&action=like&colorscheme=light&font&height=60
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?locale=en_GB&href=https%3A%2F%2Fmazika4ever.ahlamontada.net%2Ft4581-topic&send=false&layout=standard&width=60&show_faces=false&action=like&colorscheme=light&font&height=60
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?locale=en_GB&href=https%3A%2F%2Fmazika4ever.ahlamontada.net%2Ft4581-topic&send=false&layout=standard&width=60&show_faces=false&action=like&colorscheme=light&font&height=60 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: shV5E7vGx90hbYIfYMYTQPUCNgH8nN1MT9P5s7Dd21MUnK1j+VOUu5lsl7brh+K6mIjibz19iMPNoF9ATTLtUQ==
content-length: 0
date: Fri, 09 Sep 2022 14:22:04 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
illiweb.com/rs3/63/frm/embed/FA_Embed.js
104.21.63.213200 OK 455 B URL HTTP/2 illiweb.com/rs3/63/frm/embed/FA_Embed.js
IP 104.21.63.213:0
File type ASCII text, with no line terminators
Hash ca835eb94b4f8ed4096a978d1d5add83
4b47b48f8c881ae7d5b716851baebbdba2c77333
d367528910a181be37e4151ab1e9edc80097f7d52c1cbcc7979ed4d9021ef567
GET /rs3/63/frm/embed/FA_Embed.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:03 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:06:07 GMT
last-modified: Tue, 20 Apr 2021 14:17:00 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 108955
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwB14QDzcSWblfxKw5ZErUT2GHV8hm0ZtfzKT8HVjAZKVjLhY8gkDOY8uY55QnxY7XOjpV9TrWebaMSvG24G9SFKwEtwxdiEV0cmVRwdG0UOXXJy%2FtY2zpdszOg37Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e71a0c1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mazika4ever.ahlamontada.net/ak.fbcdn.net/hphotos-ak-snc4/hs247.snc4/39689_108686392518734_100001321224899_65342_4986589_n.jpg
94.23.73.212404 Not Found 2.0 kB URL HTTP/2 mazika4ever.ahlamontada.net/ak.fbcdn.net/hphotos-ak-snc4/hs247.snc4/39689_108686392518734_100001321224899_65342_4986589_n.jpg
IP 94.23.73.212:0
Hash 47c8bd2c2c1efad7fef4234b6bc4a4f4
3385297e45a9985fc0f1bc115474e08d808ab907
203d6793c96b3c117844d052ec37c51fb3a53496ad3c192d7ffd4bb82d302ddd
GET /ak.fbcdn.net/hphotos-ak-snc4/hs247.snc4/39689_108686392518734_100001321224899_65342_4986589_n.jpg HTTP/1.1
Host: mazika4ever.ahlamontada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/t4581-topic
Cookie: exadd=166274; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D; HstCfa2021767=1662733315377; HstCla2021767=1662733315377; HstCmu2021767=1662733315377; HstPn2021767=1; HstPt2021767=1; HstCnv2021767=1; HstCns2021767=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Fri, 09 Sep 2022 14:22:04 GMT
content-type: text/html
etag: W/"5db7f6f0-1044"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/forumotion-ar/loader.js
151.101.85.44200 OK 25 kB URL HTTP/2 cdn.taboola.com/libtrc/forumotion-ar/loader.js
IP 151.101.85.44:0
File type Unicode text, UTF-8 text, with very long lines (65497)
Hash 9e7ed293aa1d665b2983c79c4fa6d16d
f53259867f022e71be075a94e29b2e17683dc51e
bbaba1c0b29eec2107a3711c251ab307f0d3c9ee5d8a7a75e2f1944ad74ffe3c
GET /libtrc/forumotion-ar/loader.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: cKDmQJyd3/3JfaYbHCRUUyoLZmLtYHa7iy4HHSjz+OZGCkfK6dcof8/sir4J8mS++UakiOsZm00=
x-amz-request-id: 43VAFZ8FPKYVH6XM
last-modified: Thu, 08 Sep 2022 10:33:19 GMT
etag: "6af36b586e8c9ddf4258721cdc4be21a"
x-amz-version-id: kfkg9slyhdwwiGZk59BMb_1YnjTiEUQ4
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Sep 2022 14:22:04 GMT
via: 1.1 varnish
age: 69
x-served-by: cache-bma1661-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1662733325.558896,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 64
content-length: 24905
X-Firefox-Spdy: h2
mazika4ever.ahlamontada.net/?utm_source=pwa
94.23.73.212200 OK 54 kB URL HTTP/2 mazika4ever.ahlamontada.net/?utm_source=pwa
IP 94.23.73.212:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (19598)
Hash 25c8437289782fd37cfbd201c3838a08
0f921d779c78c3aca0e10e9aeee2ecabca4d6389
0d6c58f8340babc15ce96f569100accefc8c873c877cea9096f445ec9c08e8c9
GET /?utm_source=pwa HTTP/1.1
Host: mazika4ever.ahlamontada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mazika4ever.ahlamontada.net/serviceworker.js
Connection: keep-alive
Cookie: exadd=166274; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:04 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
pragma: no-cache
expires: Fri, 09 Sep 2022 00:00:00 GMT
last-modified: Fri, 09 Sep 2022 14:22:04 GMT
vary: User-Agent
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Fri, 09 Sep 2022 12:41:12 GMT
expires: Fri, 09 Sep 2022 14:41:12 GMT
cache-control: public, max-age=7200
age: 6052
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apps.facebook.com/gang-fights/property.php
31.13.72.8302 Found 0 B URL HTTP/2 apps.facebook.com/gang-fights/property.php
IP 31.13.72.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gang-fights/property.php HTTP/1.1
Host: apps.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://apps.facebook.com/login/?next=https%3A%2F%2Fapps.facebook.com%2Fgang-fights%2Fproperty.php
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: qbE0krebGrjkSOdqhVTe6Czr4UoabXZuQ2IjFE2qmjHx/WaDu4XUHdfwbVKnZGbcv0Slqe/9OFTOb1e3d83vOA==
content-length: 0
date: Fri, 09 Sep 2022 14:22:04 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/impl.20220907-42-RELEASE.js
151.101.85.44200 OK 144 kB URL HTTP/2 cdn.taboola.com/libtrc/impl.20220907-42-RELEASE.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (65508)
Size 144 kB (144485 bytes)
Hash a50cd3f5fac095ff0e6db1b0edfe7e79
9ecaf6de99f7960820d4a52993ceec5b1a97161d
175c3478099af67d5c64ba6678a13f1614a6d8511bb6e68a5de8d18e25dd01c4
GET /libtrc/impl.20220907-42-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: Mrdt6fs1yFYUWgg0MW5XVHoTpZvL8f6wYJy9xEqllW/xA7qcdLZHpNsoq8cB6QD2Ph5X99aOB0Q=
x-amz-request-id: VRYW72GBT2N45VX6
last-modified: Thu, 08 Sep 2022 10:17:54 GMT
etag: "a50cd3f5fac095ff0e6db1b0edfe7e79"
content-encoding: br
x-amz-version-id: dUk5nsWgkFTGiiv5ogNfl3Qw977bMe8h
content-type: application/javascript
accept-ranges: bytes
date: Fri, 09 Sep 2022 14:22:04 GMT
via: 1.1 varnish
age: 14629
x-served-by: cache-bma1661-BMA
x-cache: HIT
x-cache-hits: 7336
x-timer: S1662733325.627637,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 82
server: AmazonS3-br
content-length: 144485
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 17008792a2aace2af7789520a07cc7ef
33e36dea8dc3cb36f10a50d7390978861a6ae6bc
529ac2179edf17641f5feedea88de500328b49beba7f28409e49640741662fdf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2698
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 14:22:04 GMT
Last-Modified: Fri, 09 Sep 2022 13:37:07 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 314
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 52c89924cd5e0b520e86fc4abb431380
becd2b08df2ccedff7b9154b8abd06e3fc939afb
1f61d371adcaf7408910ff1180c925f1f2636c2206676e1d320691fecdb9f857
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 09 Sep 2022 14:22:04 GMT
Last-Modified: Fri, 09 Sep 2022 12:58:12 GMT
Server: ECS (nyb/1D11)
X-Cache: Miss from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: I8UqeMj2Qwdme-hfy8d--IVrxm6JruhAgui674eeub4FNs1d6a0Vwg==
Age: 5032
s4.histats.com/stats/2021767.php?2021767&@f16&@g1&@h1&@i1&@j1662733315377&@k0&@l1&@m%D8%BA%D8%B1%D8%A7%D8%A6%D8%A8%20%D8%A7%D9%84%D9%85%D8%AE%D9%84%D9%88%D9%82%D8%A7%D8%AA&@n0&@o1000&@q0&@r0&@s406&@ten-US&@u1280&@b1:-52814101&@b3:1662733315&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fmazika4ever.ahlamontada.net%2Ft4581-topic&@w
158.69.248.123200 OK 101 B URL HTTP/1.1 s4.histats.com/stats/2021767.php?2021767&@f16&@g1&@h1&@i1&@j1662733315377&@k0&@l1&@m%D8%BA%D8%B1%D8%A7%D8%A6%D8%A8%20%D8%A7%D9%84%D9%85%D8%AE%D9%84%D9%88%D9%82%D8%A7%D8%AA&@n0&@o1000&@q0&@r0&@s406&@ten-US&@u1280&@b1:-52814101&@b3:1662733315&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fmazika4ever.ahlamontada.net%2Ft4581-topic&@w
IP 158.69.248.123:0
File type ASCII text, with no line terminators
Hash 2f42d16df4db294d3b730951cdd3b951
3895244d0f0c3506f288a1b3f3cf8f1d0000297a
1231d69c7993cf6075402dd140b9bbd007e855e45da9fa3c02339e5de4c863bb
GET /stats/2021767.php?2021767&@f16&@g1&@h1&@i1&@j1662733315377&@k0&@l1&@m%D8%BA%D8%B1%D8%A7%D8%A6%D8%A8%20%D8%A7%D9%84%D9%85%D8%AE%D9%84%D9%88%D9%82%D8%A7%D8%AA&@n0&@o1000&@q0&@r0&@s406&@ten-US&@u1280&@b1:-52814101&@b3:1662733315&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fmazika4ever.ahlamontada.net%2Ft4581-topic&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 14:22:04 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 101
Connection: close
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 0a1d9d97bc4fe6f2be5a172eb59108a0
96b8274c71a8de19563795a864ecd78f77fee928
9b5d1ff868612534d782a697ee1cc61bad40a0b8d0667ba96d735b5216bcf604
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3241
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 14:22:04 GMT
Last-Modified: Fri, 09 Sep 2022 13:28:03 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 313
api.viglink.com/api/ping
176.34.209.96200 OK 259 B IP 176.34.209.96:0
File type ASCII text, with no line terminators
Hash d6ad08861b1d629a617f086c822e05b0
c6cda04fd83c435847609af520512507ed500c8c
bcba4c2f8d920cfaf4767490c061bc87aef2df3a017a1f0091e63a7afe67372d
POST /api/ping HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 147
Origin: https://mazika4ever.ahlamontada.net
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://mazika4ever.ahlamontada.net
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Fri, 09 Sep 2022 14:22:04 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 259
Connection: keep-alive
s10.histats.com/counters/cc_406.js
46.105.201.240200 OK 16 kB URL HTTP/2 s10.histats.com/counters/cc_406.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (28414), with no line terminators
Hash cd228f3e8b5071c0bcb1aba6899d007e
041e7070b365ea98a06606cfbbfb7654c22854ed
4bdf7720c4fb5d49b03925666ae66e892d055dbbe61981665aaf7eaa0c603c82
GET /counters/cc_406.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:17:04 GMT
etag: "-288016149"
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
x-request-id: 296420495
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 15658
X-Firefox-Spdy: h2
cdn.viglink.com/api/vglnk.js
104.16.161.13200 OK 0 B URL HTTP/2 cdn.viglink.com/api/vglnk.js
IP 104.16.161.13:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/vglnk.js HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:04 GMT
content-type: text/javascript
content-length: 28567
x-amz-id-2: OeTetEsBasSxUsBOFuNvzYCJWwDeidt7U9Wf3wCp5zeJCK2HhBObfGX+N/Ko8tx+E9Zgff6jUt0=
x-amz-request-id: S1072JJNTPDX98ZC
last-modified: Wed, 02 Dec 2020 18:57:12 GMT
etag: "072eaf64a771815874455704fca9301b"
cache-control: public, max-age=604800
content-encoding: gzip
cf-cache-status: HIT
age: 916326
expires: Fri, 16 Sep 2022 14:22:04 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092ee78eefab8-OSL
X-Firefox-Spdy: h2
syndication.twitter.com/settings?session_id=7b4a55a43666b31c59586e75b36fb60a736a9877
104.244.42.72200 OK 308 B URL HTTP/2 syndication.twitter.com/settings?session_id=7b4a55a43666b31c59586e75b36fb60a736a9877
IP 104.244.42.72:0
File type JSON data\012- , ASCII text, with very long lines (709), with no line terminators
Hash d8e2887342b363c09cd19d9b36199dbe
47c62bf9e3e60b6ab0b61eae608db43c04f7bea4
c38e646e125827b7520415ecaf228031c848266838cd894fa44a41686fedc553
GET /settings?session_id=7b4a55a43666b31c59586e75b36fb60a736a9877 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:04 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Fri, 09 Sep 2022 14:22:04 GMT
content-length: 308
content-encoding: gzip
x-transaction-id: 44fe14c79c43ade3
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 116
x-connection-hash: e15de2243a29120bf9e3cf9d194aa0ef67bf643e0aeadcc13b77c9855a9a3f14
X-Firefox-Spdy: h2
api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2
176.34.209.96200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2
IP 176.34.209.96:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.js?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Fri, 09 Sep 2022 14:22:04 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash dad8f08be4d6d5166c7f54004cb37c64
949b5738d5c880445510774f1da0e0af667308b3
398205f8248c3e00126eb21e6cb1d4e21a981a1b46d59ff4993e6023f33c6b9f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 14:22:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
176.34.209.96200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
IP 176.34.209.96:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.gif?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Fri, 09 Sep 2022 14:22:04 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
mazika4ever.ahlamontada.net/images/icons-180.png
94.23.73.212200 OK 14 kB URL HTTP/2 mazika4ever.ahlamontada.net/images/icons-180.png
IP 94.23.73.212:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 108bacb86cbae833725de76881975a2c
8d1eec865feafd42315cf8601f3d5c50aee1928f
7bc25235cfc4924caa1bafce5d7af79cf46b6adc71663197f0ccc9c1d9693e3c
GET /images/icons-180.png HTTP/1.1
Host: mazika4ever.ahlamontada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/t4581-topic
Cookie: exadd=166274; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D; HstCfa2021767=1662733315377; HstCla2021767=1662733315377; HstCmu2021767=1662733315377; HstPn2021767=1; HstPt2021767=1; HstCnv2021767=1; HstCns2021767=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:05 GMT
content-type: image/png
content-length: 14534
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 09 Sep 2022 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
x-cache-ic: MISS
X-Firefox-Spdy: h2
static.criteo.net/images/pixel.gif?ch=2
178.250.0.130200 OK 43 B URL HTTP/2 static.criteo.net/images/pixel.gif?ch=2
IP 178.250.0.130:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /images/pixel.gif?ch=2 HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 14:22:05 GMT
content-type: image/gif
content-length: 43
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
etag: "493ea254-2b"
expires: Mon, 04 Sep 2023 14:22:05 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/images/pixel.gif?ch=1
178.250.0.130200 OK 43 B URL HTTP/2 static.criteo.net/images/pixel.gif?ch=1
IP 178.250.0.130:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /images/pixel.gif?ch=1 HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 14:22:05 GMT
content-type: image/gif
content-length: 43
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
etag: "493ea254-2b"
expires: Mon, 04 Sep 2023 14:22:05 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-144347007-1&cid=75647141.1662733316&jid=1619523006&gjid=1763907571&_gid=2051808273.1662733316&_u=YEBAAUAAAAAAAC~&z=646158151
142.251.1.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-144347007-1&cid=75647141.1662733316&jid=1619523006&gjid=1763907571&_gid=2051808273.1662733316&_u=YEBAAUAAAAAAAC~&z=646158151
IP 142.251.1.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-144347007-1&cid=75647141.1662733316&jid=1619523006&gjid=1763907571&_gid=2051808273.1662733316&_u=YEBAAUAAAAAAAC~&z=646158151 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://mazika4ever.ahlamontada.net
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://mazika4ever.ahlamontada.net
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 09 Sep 2022 14:22:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9843
Expires: Fri, 09 Sep 2022 17:06:08 GMT
Date: Fri, 09 Sep 2022 14:22:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9843
Expires: Fri, 09 Sep 2022 17:06:08 GMT
Date: Fri, 09 Sep 2022 14:22:05 GMT
Connection: keep-alive
api.viglink.com/api/domains
176.34.209.96200 OK 41 B URL HTTP/1.1 api.viglink.com/api/domains
IP 176.34.209.96:0
File type ASCII text, with no line terminators
Hash e889f893ca6d80797dac5baa2e3a0c67
aa4eebc8bb7ba94acd359ae6f9f4c233c1ce93f3
79e224e130d260bd1ccb801fd5e892e85a36f4183e24d1d43ac1b4b30b376241
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 285
Origin: https://mazika4ever.ahlamontada.net
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://mazika4ever.ahlamontada.net
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Fri, 09 Sep 2022 14:22:04 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 41
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9843
Expires: Fri, 09 Sep 2022 17:06:08 GMT
Date: Fri, 09 Sep 2022 14:22:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a5fdeb374d4e3669ce5d9ff2cd22cd19
70ede5692526afd351d134a391383461dafdc64f
10c5d8e41aae1a36525a45375966b5067333f0c7edc176a540fd6527ebe1ad8c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4532
x-amzn-requestid: e5694699-7f38-4542-8808-54bda7ee7d86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIMmGGUmIAMF2cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63198e26-1aa6788e24fcfdf0008bee21;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 06:39:34 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: smtzoqnzJiET63xsW_r_-eVNsTK01mGqRbvuwekbqjnzS6Sb1fw9HQ==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:54:58 GMT
etag: "70ede5692526afd351d134a391383461dafdc64f"
content-type: image/jpeg
age: 55627
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9843
Expires: Fri, 09 Sep 2022 17:06:08 GMT
Date: Fri, 09 Sep 2022 14:22:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg
34.120.237.76200 OK 3.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0078c7a407144a1ede33aef6f734eecf
113393e0dbabb3aff949d19ab6517ba1082b622d
42afcaf15e45dfa9aff14f59f69d60a3de127005e35783d2d35a4cfa652b57b3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3125
x-amzn-requestid: 5820e798-6469-40f9-8d70-ee71f1a163b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLM5GGQAoAMF8eQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ac1d3-3a0e9db848ea7ab145f1cffa;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 04:32:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: eZaKpjBYe3Qn7vs3zF52Cxob-xu3LMFs8esQAu6Lp6bzM0aOEHoXVg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1352c0a623ff0601dd16439f3f225f70.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 04:32:54 GMT
etag: "113393e0dbabb3aff949d19ab6517ba1082b622d"
content-type: image/jpeg
age: 35351
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5a39739-e855-4625-859f-7e2fed3d2511.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5a39739-e855-4625-859f-7e2fed3d2511.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a9ca2de4e61d1aae73da7d13ad3ec727
15cefe1e2be8ad63e40cfe02c2f5f8c59af015ad
911550bc2b8e4c4aad215692361fe494275002f89faa9eae2e2fc2664da1107c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5a39739-e855-4625-859f-7e2fed3d2511.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12107
x-amzn-requestid: 9ea883d8-b844-49d0-8651-67124d2c0852
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9TgHANIAMF5rQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-137ad22c52baa6fb04ae190d;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: P5OHHQ3YLSEkmgy4GUF6SfbGkPlrVxokjSQuZLVstQDT1DpLDtGEvg==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 27f6faf9790b5a2877fb528fa31f7922.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:01:29 GMT
age: 58836
etag: "15cefe1e2be8ad63e40cfe02c2f5f8c59af015ad"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9590b525c8b07a297c8784f02b161a1
cec8428d159a5bde29e89c64cfb04146f759d52b
d309772ce79d36f7b1df0a3ea85a01f8278db2909c860721d105b772efed82ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4002
x-amzn-requestid: ea2f5309-e220-4b7e-b718-9339b9444cc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKQ6hHM8IAMFeJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a61dc-7d45fd9253b7b7fa732b6f8d;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:42:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: VD7SlrM2RwFk5cfQvul2bTJA__GPYd5_UPY0D0_5NGLHoBj3yur7PA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:05:15 GMT
age: 58610
etag: "cec8428d159a5bde29e89c64cfb04146f759d52b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7afe346e3b24ea4388913b449d1ffc42
f5348ba99fb8966dded580409108316f4e4e1237
1d1cafc3e99c20b23212679838567d4d5fc98c45cf902188e44b25ff2982c8ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8354
x-amzn-requestid: e7ec7e84-0924-4f5f-b289-4c750ea99567
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKQgHHnNIAMFlrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a6133-49565105361ec7f76cb818e0;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:40:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: DvCs6zEt1p58iwZaXfuF9YFA-fieE5Y974E07YMNYPiaGbR5iuXK-A==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 79880188a81becf1687ba18c0e064230.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:45:51 GMT
age: 59774
etag: "f5348ba99fb8966dded580409108316f4e4e1237"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 60fa03262bb3728f24a4c7a8177ec788
09dcbdc6043f01dd56920cca3ce3920d0d07b795
e7448f186933f9848f1d55f0e8dba593918846d02fb9cc3a7cd86d69b96a7fde
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7515
x-amzn-requestid: bb6a7928-9bdc-44e7-8478-b415bc504343
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YJu0bGYdoAMF5jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a2b4f-208339fd72e62dff4a2ba339;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 17:50:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: UaU9GK4lcCuAN2WghBDa7f-21dRTA4Fh1tlAmGFMKh4wQOGZlKdmOw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:46:49 GMT
etag: "09dcbdc6043f01dd56920cca3ce3920d0d07b795"
content-type: image/jpeg
age: 59716
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash dad8f08be4d6d5166c7f54004cb37c64
949b5738d5c880445510774f1da0e0af667308b3
398205f8248c3e00126eb21e6cb1d4e21a981a1b46d59ff4993e6023f33c6b9f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 14:22:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
trc-events.taboola.com/forumotion-ar/log/2/debug?tim=14%3A21%3A56.348&type=usage&msg=rtus&llvl=2&id=5084&cv=20220907-42-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=gdprV2notTriggerRtus&extraData=%7B%7D
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/forumotion-ar/log/2/debug?tim=14%3A21%3A56.348&type=usage&msg=rtus&llvl=2&id=5084&cv=20220907-42-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=gdprV2notTriggerRtus&extraData=%7B%7D
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=14%3A21%3A56.348&type=usage&msg=rtus&llvl=2&id=5084&cv=20220907-42-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=gdprV2notTriggerRtus&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Fri, 09 Sep 2022 14:22:05 GMT
x-fastly-to-nlb-rtt: 22792
access-control-allow-credentials: true
X-Firefox-Spdy: h2
choices.consentframework.com/api/v1/public/user-action
51.158.28.82200 OK 0 B URL HTTP/1.1 choices.consentframework.com/api/v1/public/user-action
IP 51.158.28.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v1/public/user-action HTTP/1.1
Host: choices.consentframework.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://mazika4ever.ahlamontada.net/
Origin: https://mazika4ever.ahlamontada.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Fri, 09 Sep 2022 14:22:05 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
choices.consentframework.com/api/v1/public/consent-string
51.158.28.82200 OK 0 B URL HTTP/1.1 choices.consentframework.com/api/v1/public/consent-string
IP 51.158.28.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v1/public/consent-string HTTP/1.1
Host: choices.consentframework.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://mazika4ever.ahlamontada.net/
Origin: https://mazika4ever.ahlamontada.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Fri, 09 Sep 2022 14:22:05 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
choices.consentframework.com/api/v1/public/user-action
51.158.28.82200 OK 0 B URL HTTP/1.1 choices.consentframework.com/api/v1/public/user-action
IP 51.158.28.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v1/public/user-action HTTP/1.1
Host: choices.consentframework.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mazika4ever.ahlamontada.net/
Content-Type: application/json
Origin: https://mazika4ever.ahlamontada.net
Content-Length: 159
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Fri, 09 Sep 2022 14:22:05 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 40dad7fc5398769e147bb2143c208679
df95a599c8812acc3c9efbea19d809a8ac7e9ac1
b8e951574d1c3228a380edcd6205eb22e9240f63d837bb01310cc91079c746b6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 838
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 14:22:05 GMT
Last-Modified: Fri, 09 Sep 2022 14:08:07 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
choices.consentframework.com/api/v1/public/consent-string
51.158.28.82200 OK 248 B URL HTTP/1.1 choices.consentframework.com/api/v1/public/consent-string
IP 51.158.28.82:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 98f27bdf869ac97583d00145db19d74f
a9b81c26d0636d1cb79babfaf204fc65d83ef3b6
9cae616b23015961222156e62d55db09bc98ec517c128810a8fde2d6f51aff72
POST /api/v1/public/consent-string HTTP/1.1
Host: choices.consentframework.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mazika4ever.ahlamontada.net/
Content-Type: application/json
Origin: https://mazika4ever.ahlamontada.net
Content-Length: 329
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Fri, 09 Sep 2022 14:22:05 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 248
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fmazika4ever.ahlamontada.net
192.229.233.25200 OK 414 B URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fmazika4ever.ahlamontada.net
IP 192.229.233.25:0
Hash ef3cd2d9641c0e5a25e3a36ac556a4ea
b47e74a27fd4b5c766f8da78e1a51acc319099c7
9d9501b9d9020db7edf80009107e2a389a432f56b34f7d23074e3d36872e7aa6
GET /widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fmazika4ever.ahlamontada.net HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 754733
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 09 Sep 2022 14:22:04 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 31 Aug 2022 20:40:57 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F706)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105445
stootsou.net/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://mazika4ever.ahlamontada.net/
Origin: https://mazika4ever.ahlamontada.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 14:22:05 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://mazika4ever.ahlamontada.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://mazika4ever.ahlamontada.net/
Origin: https://mazika4ever.ahlamontada.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 14:22:05 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://mazika4ever.ahlamontada.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b71e8c67bf261558f8dccdc89a2d8cb1
cbb6ec9962a4aadbe3c044d883f912ba19fd6416
64e0a6d22efc79e0f7209188cd6d8a47d452fe009cd320fb0c64a78bd60b8694
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64E0A6D22EFC79E0F7209188CD6D8A47D452FE009CD320FB0C64A78BD60B8694"
Last-Modified: Wed, 07 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4220
Expires: Fri, 09 Sep 2022 15:32:25 GMT
Date: Fri, 09 Sep 2022 14:22:05 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 92f8aba7c01c0c6bdd0d19a1ed19f727
d87562dfbe5169143d59037918acff1178959439
aa7248a08aee7cc8945589619c61178cd97b035ffb58524b90e24d5801379d26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3222
Cache-Control: max-age=135496
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 14:22:05 GMT
Etag: "631aadbf-13a"
Expires: Sun, 11 Sep 2022 04:00:21 GMT
Last-Modified: Fri, 09 Sep 2022 03:06:39 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 314
stootsou.net/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://mazika4ever.ahlamontada.net/
Origin: https://mazika4ever.ahlamontada.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 14:22:05 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://mazika4ever.ahlamontada.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert quad9 Sinkholed
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mazika4ever.ahlamontada.net/
Content-Type: application/json
Origin: https://mazika4ever.ahlamontada.net
Content-Length: 402
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 14:22:05 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: a109bae509d602f93ac37348a72fd3bf
access-control-allow-origin: https://mazika4ever.ahlamontada.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:05 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=5pHzaF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3lydVJFbXFORWtmc0toYTFiSmUxZnhXT3NDZ01TTXN6cmp4RlNtaTRqSTY; expires=Wed, 04 Oct 2023 14:22:05 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 224713
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 9d47c8d54152f25ad63c99b8c791fd51
429fb525ae79b819a40dcd3179a2b884a105cc37
7630ec788a0b411fc02fe2483720dbbce7abbd033db5d33ac3c56a25fb7f2d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1341
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 14:22:05 GMT
Last-Modified: Fri, 09 Sep 2022 13:59:44 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 313
dnacdn.net/dna
178.250.0.157200 OK 442 B IP 178.250.0.157:0
Hash e7d8b2dc2da16582549f1a017de7785f
3a9fc69cd18e961f9f29046af1e847f54481b9ab
4239d4dff17f808575d2d4ee2c52f072db5b8c63c34a7ee631fc79ba89f27ae9
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=5pHzaF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3lydVJFbXFORWtmc0toYTFiSmUxZnhXT3NDZ01TTXN6cmp4RlNtaTRqSTY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:05 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=-pqBWF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3lydVJFbXFORWtmc0toYTFiSmUxZnp0eiUyRmxNTGZnT3Z5WW10ZmdkRWJZaQ; expires=Wed, 04 Oct 2023 14:22:05 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 268143
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
js.cookieless-data.com/GS.d?pa=24697&uf_bday=&uf_gender=&cmp=0&u=https%3A%2F%2Fmazika4ever.ahlamontada.net%2Ft4581-topic&r=&rand=1662733316433&gdpr=1&gdpr_consent=CPfCRQAPfCRQABcAIBENCgCgAAAAAH_AABpwIDwAAQHgagALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA8gB_wEegJiAU0AtQBeYDBAGGgMfAZIA4sBygDsAAA&globalscope=false&cookieless_optout=0&tbp=true
212.83.160.162200 OK 0 B URL HTTP/1.1 js.cookieless-data.com/GS.d?pa=24697&uf_bday=&uf_gender=&cmp=0&u=https%3A%2F%2Fmazika4ever.ahlamontada.net%2Ft4581-topic&r=&rand=1662733316433&gdpr=1&gdpr_consent=CPfCRQAPfCRQABcAIBENCgCgAAAAAH_AABpwIDwAAQHgagALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA8gB_wEegJiAU0AtQBeYDBAGGgMfAZIA4sBygDsAAA&globalscope=false&cookieless_optout=0&tbp=true
IP 212.83.160.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /GS.d?pa=24697&uf_bday=&uf_gender=&cmp=0&u=https%3A%2F%2Fmazika4ever.ahlamontada.net%2Ft4581-topic&r=&rand=1662733316433&gdpr=1&gdpr_consent=CPfCRQAPfCRQABcAIBENCgCgAAAAAH_AABpwIDwAAQHgagALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA8gB_wEegJiAU0AtQBeYDBAGGgMfAZIA4sBygDsAAA&globalscope=false&cookieless_optout=0&tbp=true HTTP/1.1
Host: js.cookieless-data.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Fri, 09 Sep 2022 14:22:05 GMT
Content-Length: 0
Connection: keep-alive
Expires: Tue, 01 Jan 2000 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
X-Xss-Protection: 0
Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
P3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
cdn.betgorebysson.club/apu.php?zoneid=3765907
139.45.195.8200 OK 31 kB URL HTTP/2 cdn.betgorebysson.club/apu.php?zoneid=3765907
IP 139.45.195.8:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 92c46a8772b830f782258b8d91e62b37
6b0ca9c098b1bbb193e2e8efa282a14b4480a685
57c874671a6a3289f5765f632942d83e8a5840cace29a8e5926a605bfa1a03f8
Analyzer Verdict Alert fortinet Malware
GET /apu.php?zoneid=3765907 HTTP/1.1
Host: cdn.betgorebysson.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 14:22:05 GMT
content-type: application/javascript
x-trace-id: e8675c78cd9e7effe05afd541b886eb4
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=296e8a8a8b5742e4b9939083c30556a8; expires=Sat, 09 Sep 2023 14:22:05 GMT; path=/; secure; SameSite=None
oaidts=1662733325; expires=Sat, 09 Sep 2023 14:22:05 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
api.viglink.com/api/domains
176.34.209.96200 OK 42 B URL HTTP/1.1 api.viglink.com/api/domains
IP 176.34.209.96:0
File type ASCII text, with no line terminators
Hash 190489fb2e959ec77900292297fe5f23
d1edf2d6384d67fe106d4df50f1b2126a2755916
f1fcf44b1105001719a9889097ad3822f712abdcd1ce519f9a3554aac92cf8ac
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 195
Origin: https://mazika4ever.ahlamontada.net
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://mazika4ever.ahlamontada.net
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Fri, 09 Sep 2022 14:22:05 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 42
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 629977ef3e811313c3398e85eab258c4
69022414f3775ed783dd6d65254988b52eecf3bd
e01f6c335c13dacce6d6a8fb67f165f6c786bbffca33976484ce03922cc04237
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 14:22:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 86354a78c1da4ea13a932216048b2abf
ade657780508cffa8655f7cab6492dc25a79f0d2
458dbf1fcc4ef14e78b991b2f906704b4d27a985d2feb500bb5e5f832232887b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 14:22:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bidder.criteo.com/csm/events
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/csm/events
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csm/events HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 371
Origin: https://mazika4ever.ahlamontada.net
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 09 Sep 2022 14:22:05 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://mazika4ever.ahlamontada.net
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-144347007-1&cid=75647141.1662733316&jid=1619523006&_u=YEBAAUAAAAAAAC~&z=864307996
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-144347007-1&cid=75647141.1662733316&jid=1619523006&_u=YEBAAUAAAAAAAC~&z=864307996
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-144347007-1&cid=75647141.1662733316&jid=1619523006&_u=YEBAAUAAAAAAAC~&z=864307996 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 14:22:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-144347007-1&cid=75647141.1662733316&jid=1619523006&_u=YEBAAUAAAAAAAC~&z=864307996
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-144347007-1&cid=75647141.1662733316&jid=1619523006&_u=YEBAAUAAAAAAAC~&z=864307996
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-144347007-1&cid=75647141.1662733316&jid=1619523006&_u=YEBAAUAAAAAAAC~&z=864307996 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 14:22:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
platform.twitter.com/widgets/tweet_button.c4bdc17e77719578b594d5555bee90db.ar.html
192.229.233.25200 OK 14 kB URL HTTP/1.1 platform.twitter.com/widgets/tweet_button.c4bdc17e77719578b594d5555bee90db.ar.html
IP 192.229.233.25:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32033)
Hash 599cf971c762a3e357501dd8edfdb7ef
7c18799d017fc35f78797bac123cbf8a795fb00e
96691768aaa33c78284afa55935f3b201617e520a47d78470b2a0a925559dd06
GET /widgets/tweet_button.c4bdc17e77719578b594d5555bee90db.ar.html HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 754630
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 09 Sep 2022 14:22:05 GMT
Etag: "916512f4e0b25f4013a42f254ca9993b+gzip"
Last-Modified: Wed, 31 Aug 2022 20:40:54 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F708)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 14164
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ede92f781233f857c299e00d2090aeba
b7296da3b0981e9c1937bf8ebc73d5138c5fa19a
16a97da8a523d4cb06430ff26d026d14377c888e5e80a78937afba38fded3122
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 14:22:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 629977ef3e811313c3398e85eab258c4
69022414f3775ed783dd6d65254988b52eecf3bd
e01f6c335c13dacce6d6a8fb67f165f6c786bbffca33976484ce03922cc04237
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 14:22:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert quad9 Sinkholed
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mazika4ever.ahlamontada.net/
Content-Type: application/json
Origin: https://mazika4ever.ahlamontada.net
Content-Length: 410
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 14:22:05 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 3dab87adab9205f945cadc4a4c9b612f
access-control-allow-origin: https://mazika4ever.ahlamontada.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 5b36f6508bf779a395d4b559b41d267d
a653f55ef7e337bd259cd76d14fe2adc91c11603
91e3696c53649e8d76b738dca29ed03b8b935f9fc230c735d2fd729428742605
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 14:22:05 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 18:25:21 GMT
Expires: Thu, 15 Sep 2022 18:25:20 GMT
Etag: "a653f55ef7e337bd259cd76d14fe2adc91c11603"
Cache-Control: max-age=532394,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 748092f5fc20b527-OSL
platform.twitter.com/widgets/tweet_button.c4bdc17e77719578b594d5555bee90db.ar.html
192.229.233.25200 OK 14 kB URL HTTP/1.1 platform.twitter.com/widgets/tweet_button.c4bdc17e77719578b594d5555bee90db.ar.html
IP 192.229.233.25:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32033)
Hash 599cf971c762a3e357501dd8edfdb7ef
7c18799d017fc35f78797bac123cbf8a795fb00e
96691768aaa33c78284afa55935f3b201617e520a47d78470b2a0a925559dd06
GET /widgets/tweet_button.c4bdc17e77719578b594d5555bee90db.ar.html HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 754630
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 09 Sep 2022 14:22:05 GMT
Etag: "916512f4e0b25f4013a42f254ca9993b+gzip"
Last-Modified: Wed, 31 Aug 2022 20:40:54 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F708)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 14164
ag.gbc.criteo.com/newidsd
185.235.84.82200 OK 104 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.82:0
Hash 02022c5387e3ed6259cf7d184aab0fd4
0877e3eeae3e9bb11af60c74796ad965cfc9b1a3
10b7fcaa8b97e0a0bd6af2a95257234205c4bc70bd1f51509c816d10a12dd963
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:04 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 84605
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=bec816c6ca2c42d7903a45447e5eb053&zoneId=2308013&checkDuplicate=true&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=bec816c6ca2c42d7903a45447e5eb053&zoneId=2308013&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 7cd4f0cd386649485917ebea0550f22d
cfed932b395013e74e1118b157fc00fb2e710529
4b54a6d28f29683ef2b4d060ae1113400fd2d841beda2e8e831c584a684dd775
GET /gid.js?pub=0&userId=bec816c6ca2c42d7903a45447e5eb053&zoneId=2308013&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mazika4ever.ahlamontada.net/
Origin: https://mazika4ever.ahlamontada.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 14:22:05 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://mazika4ever.ahlamontada.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=bec816c6ca2c42d7903a45447e5eb053; expires=Sat, 09 Sep 2023 14:22:05 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fmazika4ever.ahlamontada.net%2Ft4581-topic%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22AHMEDMADOO2%40twitter%22%2C%22language%22%3A%22ar%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1662733316997%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221bfeb5c3714e8%3A1661975971032%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=7b4a55a43666b31c59586e75b36fb60a736a9877
104.244.42.72200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fmazika4ever.ahlamontada.net%2Ft4581-topic%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22AHMEDMADOO2%40twitter%22%2C%22language%22%3A%22ar%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1662733316997%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221bfeb5c3714e8%3A1661975971032%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=7b4a55a43666b31c59586e75b36fb60a736a9877
IP 104.244.42.72:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fmazika4ever.ahlamontada.net%2Ft4581-topic%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22AHMEDMADOO2%40twitter%22%2C%22language%22%3A%22ar%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1662733316997%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221bfeb5c3714e8%3A1661975971032%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=7b4a55a43666b31c59586e75b36fb60a736a9877 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:05 GMT
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Fri, 09 Sep 2022 14:22:05 GMT
content-length: 43
strict-transport-security: max-age=631138519
x-response-time: 112
x-connection-hash: e15de2243a29120bf9e3cf9d194aa0ef67bf643e0aeadcc13b77c9855a9a3f14
X-Firefox-Spdy: h2
syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fmazika4ever.ahlamontada.net%2Ft4581-topic%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22AHMEDMADOO2%40twitter%22%2C%22language%22%3A%22ar%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1662733316996%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221bfeb5c3714e8%3A1661975971032%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=7b4a55a43666b31c59586e75b36fb60a736a9877
104.244.42.72200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fmazika4ever.ahlamontada.net%2Ft4581-topic%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22AHMEDMADOO2%40twitter%22%2C%22language%22%3A%22ar%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1662733316996%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221bfeb5c3714e8%3A1661975971032%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=7b4a55a43666b31c59586e75b36fb60a736a9877
IP 104.244.42.72:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fmazika4ever.ahlamontada.net%2Ft4581-topic%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22AHMEDMADOO2%40twitter%22%2C%22language%22%3A%22ar%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1662733316996%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221bfeb5c3714e8%3A1661975971032%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=7b4a55a43666b31c59586e75b36fb60a736a9877 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:05 GMT
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Fri, 09 Sep 2022 14:22:05 GMT
content-length: 43
strict-transport-security: max-age=631138519
x-response-time: 113
x-connection-hash: e15de2243a29120bf9e3cf9d194aa0ef67bf643e0aeadcc13b77c9855a9a3f14
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 14 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 60f78522fd25310469fe03e437df143e
2a1f35dfb9c083a9183cb947d5ac771565cb7436
17fd700a64a5a2f6bb185826913ab78e4f8a002b1412249ac1a65ccc67032f6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9260C2DB15C94023FDCE9ABF1325E65EC4E349F6CD75EB72AB118863CA2609D6"
Last-Modified: Wed, 07 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11523
Expires: Fri, 09 Sep 2022 17:34:09 GMT
Date: Fri, 09 Sep 2022 14:22:06 GMT
Connection: keep-alive
stootsou.net/event
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /event HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://mazika4ever.ahlamontada.net/
Origin: https://mazika4ever.ahlamontada.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 14:22:06 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://mazika4ever.ahlamontada.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
stootsou.net/event
139.45.197.250200 OK 94 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 39a4d600f0d01853adb1bb7924dae0ed
06aa9041c1ec9102045c2191dd02b7da006b1c69
59b48bd77c888ce7c057128084d35d08599291403b4b838940ed89d06e0900bf
Analyzer Verdict Alert quad9 Sinkholed
POST /event HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mazika4ever.ahlamontada.net/
Content-Type: application/json
Origin: https://mazika4ever.ahlamontada.net
Content-Length: 433
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 14:22:06 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 309a34125a3e90fe510f8138f64f61ae
access-control-allow-origin: https://mazika4ever.ahlamontada.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/userx.20220907-42-RELEASE.es6.js
151.101.85.44200 OK 5.4 kB URL HTTP/2 cdn.taboola.com/libtrc/userx.20220907-42-RELEASE.es6.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (17842)
Hash 4868034741a385ac7b26a6bfb12671d0
6177c78ae8d78a46a284f0f0fcd54c9ea35a6753
f4e6a028649dd971f764fcd10eead0e8ef1bfcd578d1bb2115fe7fd26d37f146
GET /libtrc/userx.20220907-42-RELEASE.es6.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://mazika4ever.ahlamontada.net/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
x-amz-id-2: vP7CzGw/62Iipo5xyakzWHOmqd9RyG4/NJPXDDGN3D8lAjEz2AbihsjuztIJu40MrX0B7pnHoBE=
x-amz-request-id: E3ATMGCK704QCF5W
x-amz-replication-status: PENDING
last-modified: Thu, 08 Sep 2022 10:35:53 GMT
etag: "49273220a29e3715bd44453696595866"
x-amz-version-id: QppbN_MVfq9iw9JdDdkS7fDAm0zs6Bvj
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Sep 2022 14:22:10 GMT
via: 1.1 varnish
age: 57
x-served-by: cache-bma1661-BMA
x-cache: HIT
x-cache-hits: 6
x-timer: S1662733330.497025,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 82
content-length: 5399
X-Firefox-Spdy: h2
vidstat.taboola.com/lite-unit/1.4.0/UnitWidgetItemDesktop.min.js
151.101.85.44200 OK 24 kB URL HTTP/2 vidstat.taboola.com/lite-unit/1.4.0/UnitWidgetItemDesktop.min.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash b06a94b265b5ec3739dab4b38308709c
de2336288983f78217a4cc83755366e583c5920a
066de7eb0d351eda7686b2479b069a600405fed39d38c7b9163a1d3cda84e992
GET /lite-unit/1.4.0/UnitWidgetItemDesktop.min.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://mazika4ever.ahlamontada.net/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 31 Mar 2020 13:14:35 GMT
etag: "b683c290896a82c974838a04b4ea4aff"
server: AmazonS3
via: 1.1 8ea75fde43c768e7e1d041f8b7a07bd6.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: w0kP5MEZQw79NgXHkjIIsPko4kc0es7tmmkidjrjTem1t5m9sj3Qcw==
cache-control: public, max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Sep 2022 14:22:10 GMT
age: 3928511
x-served-by: cache-bma1661-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 993
x-timer: S1662733330.497713,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 23743
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e6f5de6ffd19de27a1c365748ac9b715.jpg
151.101.85.44200 OK 9.0 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e6f5de6ffd19de27a1c365748ac9b715.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9d84afdd157d7d36608828e1cb3fda9c
8525acbee3cc0b8142c88e00ea9b71a756de65de
062c26d5eef016acb23289150b1fc62d1dd4bb2a8a24af62596db8cf48ae8f32
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e6f5de6ffd19de27a1c365748ac9b715.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://mazika4ever.ahlamontada.net/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 351477046871393896254795716666044069809,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 351477046871393896254795716666044069809,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
etag: "b9b701909a0cf99431da2d00da116f8c"
last-modified: Thu, 11 Aug 2022 21:36:42 GMT
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 710675e20dd6f61204da78561e59f04e
x-envoy-upstream-service-time: 1010
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 09 Sep 2022 14:22:10 GMT
age: 2005100
x-served-by: cache-iad-kiad7000061-IAD, cache-iad-kjyo7100064-IAD, cache-sna10723-LGB, cache-iad-kjyo7100098-IAD, cache-bma1661-BMA
x-cache: MISS, MISS, MISS, HIT, HIT
x-cache-hits: 0, 0, 0, 1, 1
x-timer: S1662733330.493462,VS0,VE12
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e6f5de6ffd19de27a1c365748ac9b715.jpg
x-vcl-time-ms: 12
content-length: 8984
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f24/12/74/29/60/10001010.gif
151.101.85.44200 OK 9.8 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f24/12/74/29/60/10001010.gif
IP 151.101.85.44:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 180x150, components 3\012- data
Hash 5b3d79a129ffacf6721cb7069e747bd7
bcfd894ef6a321231e5317ca3e02bc22db914b99
4f935ed45f2d8f71adceafda186beeabed8dbf55a9c0fc783cc61ed338d524fb
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f24/12/74/29/60/10001010.gif HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://mazika4ever.ahlamontada.net/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 557219819409828995174939368545043474145,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
content-type: image/jpeg
edge-cache-tag: 557219819409828995174939368545043474145,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
etag: "5b3d79a129ffacf6721cb7069e747bd7"
expiration: expiry-date="Fri, 22 Jul 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Tue, 21 Jun 2022 11:38:56 GMT
server: cloudinary
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-backend-name: CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 09 Sep 2022 14:22:10 GMT
age: 4586778
x-served-by: cache-iad-kcgs7200086-IAD, cache-iad-kjyo7100044-IAD, cache-bma1661-BMA
x-cache: HIT, HIT, HIT
x-cache-hits: 1, 1, 1
x-timer: S1662733331.593880,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f24/12/74/29/60/10001010.gif
x-vcl-time-ms: 1
content-length: 9795
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f21/19/73/51/38/vente-10.jpg
151.101.85.44200 OK 8.1 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f21/19/73/51/38/vente-10.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 679744ee01cd8f0e9d5bd3f97de9a1fd
b678d18309e35ff0e206ae0bbc0d7f57001406f4
fdf1eda67cab7bf239fe9d9d494cf0a204f403ebacc19e6828c2d20fda48175c
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f21/19/73/51/38/vente-10.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://mazika4ever.ahlamontada.net/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 352690306229506137798207407469809578240,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 352690306229506137798207407469809578240,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
etag: "f48ef060a18c1a36e8e104736857c035"
last-modified: Mon, 01 Aug 2022 21:06:16 GMT
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 8544715cb3b2ca4a05af08ddcfd6afae
x-envoy-upstream-service-time: 511
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 09 Sep 2022 14:22:10 GMT
age: 1391229
x-served-by: cache-iad-kcgs7200143-IAD, cache-iad-kcgs7200125-IAD, cache-lga21965-LGA, cache-iad-kiad7000098-IAD, cache-bma1661-BMA
x-cache: MISS, MISS, MISS, HIT, HIT
x-cache-hits: 0, 0, 0, 1, 1
x-timer: S1662733331.596728,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f21/19/73/51/38/vente-10.jpg
x-vcl-time-ms: 1
content-length: 8080
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/trc/3/json?tim=14%3A22%3A01.044<i=deflated&data=%7B%22id%22%3A430%2C%22ii%22%3A%22%2Ft4581-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1662633195163%2C%22vi%22%3A1662733321040%2C%22cv%22%3A%2220220907-42-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fmazika4ever.ahlamontada.net%2Ft4581-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22tcs%22%3A%22CPfCRQAPfCRQABcAIBENCgCgAAAAAH_AABpwIDwAAQHgagALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA8gB_wEegJiAU0AtQBeYDBAGGgMfAZIA4sBygDsAAA%22%2C%22gwto%22%3Atrue%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fmazika4ever.ahlamontada.net%2Ft4581-topic%22%2C%22vpi%22%3A%22%2Ft4581-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1280%2C%22dh%22%3A5881%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A392.20001220703125%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A5776.2001953125%2C%22mw%22%3A759%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft4581-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
151.101.85.44200 OK 15 kB URL HTTP/2 trc.taboola.com/forumotion-ar/trc/3/json?tim=14%3A22%3A01.044<i=deflated&data=%7B%22id%22%3A430%2C%22ii%22%3A%22%2Ft4581-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1662633195163%2C%22vi%22%3A1662733321040%2C%22cv%22%3A%2220220907-42-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fmazika4ever.ahlamontada.net%2Ft4581-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22tcs%22%3A%22CPfCRQAPfCRQABcAIBENCgCgAAAAAH_AABpwIDwAAQHgagALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA8gB_wEegJiAU0AtQBeYDBAGGgMfAZIA4sBygDsAAA%22%2C%22gwto%22%3Atrue%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fmazika4ever.ahlamontada.net%2Ft4581-topic%22%2C%22vpi%22%3A%22%2Ft4581-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1280%2C%22dh%22%3A5881%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A392.20001220703125%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A5776.2001953125%2C%22mw%22%3A759%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft4581-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
IP 151.101.85.44:0
Hash c44d869c257a1629000535987e86f807
8559232c5bcb67750fe349590828738174c2db95
3f1c9a6ebd9ff2381a4eebf6fe3f207f7d0347891a3a625620409a870638a5d9
GET /forumotion-ar/trc/3/json?tim=14%3A22%3A01.044<i=deflated&data=%7B%22id%22%3A430%2C%22ii%22%3A%22%2Ft4581-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1662633195163%2C%22vi%22%3A1662733321040%2C%22cv%22%3A%2220220907-42-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fmazika4ever.ahlamontada.net%2Ft4581-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22tcs%22%3A%22CPfCRQAPfCRQABcAIBENCgCgAAAAAH_AABpwIDwAAQHgagALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA8gB_wEegJiAU0AtQBeYDBAGGgMfAZIA4sBygDsAAA%22%2C%22gwto%22%3Atrue%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fmazika4ever.ahlamontada.net%2Ft4581-topic%22%2C%22vpi%22%3A%22%2Ft4581-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1280%2C%22dh%22%3A5881%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A392.20001220703125%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A5776.2001953125%2C%22mw%22%3A759%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft4581-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://mazika4ever.ahlamontada.net
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://mazika4ever.ahlamontada.net/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://mazika4ever.ahlamontada.net
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Sep 2022 14:22:10 GMT
via: 1.1 varnish
x-served-by: cache-bma1661-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662733330.844160,VS0,VE452
vary: Accept-Encoding
x-vcl-time-ms: 452
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f18/18/76/87/71/10441110.jpg
151.101.85.44200 OK 4.5 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f18/18/76/87/71/10441110.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 85d6665eb3758d3add4f56e9b5ec47a7
bf2376c737393b47df61ccaca117f3a89fa001e2
64f8e91e214ff8371e97291e870c98beecc5a8749c5d4126c9b3ad1b21bfbb4f
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f18/18/76/87/71/10441110.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://mazika4ever.ahlamontada.net/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 409007793272519477888960907609700542045,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 409007793272519477888960907609700542045,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
etag: "b85cfc53a7a844c2160415aed2821355"
expiration: expiry-date="Fri, 12 Aug 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Tue, 12 Jul 2022 13:38:14 GMT
req-referer: https://rhmanof101.syriaforums.net/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 119
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 09 Sep 2022 14:22:10 GMT
age: 3238115
x-served-by: cache-iad-kcgs7200082-IAD, cache-iad-kcgs7200153-IAD, cache-lga21975-LGA, cache-iad-kcgs7200150-IAD, cache-bma1661-BMA
x-cache: MISS, HIT, HIT, HIT, HIT
x-cache-hits: 0, 1, 1, 1, 1
x-timer: S1662733331.598000,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f18/18/76/87/71/10441110.jpg
x-vcl-time-ms: 1
content-length: 4534
X-Firefox-Spdy: h2
15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fmazika4ever.ahlamontada.net%2Ft4581-topic&encoded=1&uid=7a80c1f9-d3dc-4476-a0f7-57e35eb9407d-tucta14d191&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1662733321606&tagid=&cntry=NO&platform=1&sesid=c9a710d63a9ac87b0e06128da05eea9b&itemid=/t4581-topic&viewid=1662733321040&geolat=&geoing=&deviceifa=&appid=&sd=v2_c9a710d63a9ac87b0e06128da05eea9b_7a80c1f9-d3dc-4476-a0f7-57e35eb9407d-tucta14d191_1662733329_1662733329_CNawjgYQ3pxDGNCGhJWyMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gBYABo_9iV8p6d99_dAXAA&ri=7d42c27bf044adb19966fe0e2e5989f2&appname=&cdb=CPfCRQAPfCRQABcAIBENCgCgAAAAAH_AABpwIDwAAQHgagALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA8gB_wEegJiAU0AtQBeYDBAGGgMfAZIA4sBygDsAAA&gdprApplies=true&rid=&sii=-7890174497976291950&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=false&tcfVersion=2&cmpStatus=0&tnetid=1037540&prcnt=&layer=&normp=7&gvv=8481
151.101.85.44200 OK 9.1 kB URL HTTP/2 15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fmazika4ever.ahlamontada.net%2Ft4581-topic&encoded=1&uid=7a80c1f9-d3dc-4476-a0f7-57e35eb9407d-tucta14d191&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1662733321606&tagid=&cntry=NO&platform=1&sesid=c9a710d63a9ac87b0e06128da05eea9b&itemid=/t4581-topic&viewid=1662733321040&geolat=&geoing=&deviceifa=&appid=&sd=v2_c9a710d63a9ac87b0e06128da05eea9b_7a80c1f9-d3dc-4476-a0f7-57e35eb9407d-tucta14d191_1662733329_1662733329_CNawjgYQ3pxDGNCGhJWyMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gBYABo_9iV8p6d99_dAXAA&ri=7d42c27bf044adb19966fe0e2e5989f2&appname=&cdb=CPfCRQAPfCRQABcAIBENCgCgAAAAAH_AABpwIDwAAQHgagALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA8gB_wEegJiAU0AtQBeYDBAGGgMfAZIA4sBygDsAAA&gdprApplies=true&rid=&sii=-7890174497976291950&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=false&tcfVersion=2&cmpStatus=0&tnetid=1037540&prcnt=&layer=&normp=7&gvv=8481
IP 151.101.85.44:0
Hash d7987716f3339810242fa8104ad15038
4185004dc1e051da894428d878e23f31ca7d57b0
7464282da42f158184bf8c924a1d9d88a6d21560c2211e5346312916e96a2d9f
GET /tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fmazika4ever.ahlamontada.net%2Ft4581-topic&encoded=1&uid=7a80c1f9-d3dc-4476-a0f7-57e35eb9407d-tucta14d191&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1662733321606&tagid=&cntry=NO&platform=1&sesid=c9a710d63a9ac87b0e06128da05eea9b&itemid=/t4581-topic&viewid=1662733321040&geolat=&geoing=&deviceifa=&appid=&sd=v2_c9a710d63a9ac87b0e06128da05eea9b_7a80c1f9-d3dc-4476-a0f7-57e35eb9407d-tucta14d191_1662733329_1662733329_CNawjgYQ3pxDGNCGhJWyMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gBYABo_9iV8p6d99_dAXAA&ri=7d42c27bf044adb19966fe0e2e5989f2&appname=&cdb=CPfCRQAPfCRQABcAIBENCgCgAAAAAH_AABpwIDwAAQHgagALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA8gB_wEegJiAU0AtQBeYDBAGGgMfAZIA4sBygDsAAA&gdprApplies=true&rid=&sii=-7890174497976291950&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=false&tcfVersion=2&cmpStatus=0&tnetid=1037540&prcnt=&layer=&normp=7&gvv=8481 HTTP/1.1
Host: 15.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://mazika4ever.ahlamontada.net
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://mazika4ever.ahlamontada.net/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
machineid: 1415
link: <https://am-wf.taboola.com>; rel=preconnect
xvid-debug: mrmr - :
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://mazika4ever.ahlamontada.net
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Sep 2022 14:22:10 GMT
via: 1.1 varnish
x-served-by: cache-bma1661-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662733330.498925,VS0,VE24
vary: Accept-Encoding
X-Firefox-Spdy: h2
vidstat.taboola.com/lite-unit/1.4.0/UnitWidgetItemDesktop.min.js
151.101.85.44304 Not Modified 0 B URL HTTP/2 vidstat.taboola.com/lite-unit/1.4.0/UnitWidgetItemDesktop.min.js
IP 151.101.85.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /lite-unit/1.4.0/UnitWidgetItemDesktop.min.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://mazika4ever.ahlamontada.net/
Connection: keep-alive
If-Modified-Since: Tue, 31 Mar 2020 13:14:35 GMT
If-None-Match: "b683c290896a82c974838a04b4ea4aff"
TE: trailers
HTTP/2 304 Not Modified
date: Fri, 09 Sep 2022 14:22:10 GMT
via: 1.1 varnish
cache-control: public, max-age=2592000
etag: "b683c290896a82c974838a04b4ea4aff"
age: 3928511
x-served-by: cache-bma1661-BMA
x-cache: HIT
x-cache-hits: 994
x-timer: S1662733331.616642,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
X-Firefox-Spdy: h2
api.viglink.com/api/domains
176.34.209.96200 OK 42 B URL HTTP/1.1 api.viglink.com/api/domains
IP 176.34.209.96:0
File type ASCII text, with no line terminators
Hash c067881617268d8f8dde2d10bbc41a81
09f3cb5b43e1ccca03e9324246ec8a7e93e7abf3
ffa2851795c27f81403bfeb78183bbe4352778fa94a38db3ee05f0970b82b993
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 300
Origin: https://mazika4ever.ahlamontada.net
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://mazika4ever.ahlamontada.net/
Connection: keep-alive
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://mazika4ever.ahlamontada.net
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Fri, 09 Sep 2022 14:22:10 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 42
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e4a401d8bdc2cdd6ac368bb2e48299a3
c9363e3a61debb8b753577ccaa56c5aa82074b2f
9260c2db15c94023fdce9abf1325e65ec4e349f6cd75eb72ab118863ca2609d6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9260C2DB15C94023FDCE9ABF1325E65EC4E349F6CD75EB72AB118863CA2609D6"
Last-Modified: Wed, 07 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11519
Expires: Fri, 09 Sep 2022 17:34:09 GMT
Date: Fri, 09 Sep 2022 14:22:10 GMT
Connection: keep-alive
mazika4ever.ahlamontada.net/sw.js?v=3.1.392&o=bec816c6ca2c42d7903a45447e5eb053&pub=0&p=2308013
94.23.73.212304 Not Modified 0 B URL HTTP/2 mazika4ever.ahlamontada.net/sw.js?v=3.1.392&o=bec816c6ca2c42d7903a45447e5eb053&pub=0&p=2308013
IP 94.23.73.212:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw.js?v=3.1.392&o=bec816c6ca2c42d7903a45447e5eb053&pub=0&p=2308013 HTTP/1.1
Host: mazika4ever.ahlamontada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: exadd=166274; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D; HstCfa2021767=1662733315377; HstCla2021767=1662733315377; HstCmu2021767=1662733315377; HstPn2021767=1; HstPt2021767=1; HstCnv2021767=1; HstCns2021767=1; _ga=GA1.2.75647141.1662733316; _gid=GA1.2.2051808273.1662733316; _gat_gtag_UA_144347007_1=1; _gat_gtag_UA_22844002_1=1; cto_bundle=Hidi6F9NblRUejVaUk43VnBzT25MOTJwMWwwYlBQbTJlQjA1ZmpydmdSTHRtUUprM29ZczFuOWxvNEoxN2tFdHpGcm80TVNRdzhwQmU2cWtsZG8xcENSYXJ2cDVQcDR0MXRFcHdKM1FPUjZjRjZoVFZYT3c3YVRIZUhBTCUyRlclMkZvWiUyRlZKJTJCc3NEUkhEQzAxbjNqZEp3bGIyejl3ZyUzRCUzRA; prefetchAd_3765907=true
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 27 Aug 2019 13:54:01 GMT
If-None-Match: W/"5d6535f9-1554"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
date: Fri, 09 Sep 2022 14:22:11 GMT
last-modified: Tue, 27 Aug 2019 13:54:01 GMT
etag: "5d6535f9-1554"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
X-Firefox-Spdy: h2
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=14%3A22%3A01.761&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=551&cv=20220907-42-RELEASE<=deflated&pct=1
185.106.33.48204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=14%3A22%3A01.761&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=551&cv=20220907-42-RELEASE<=deflated&pct=1
IP 185.106.33.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=14%3A22%3A01.761&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=551&cv=20220907-42-RELEASE<=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://mazika4ever.ahlamontada.net/
Connection: keep-alive
HTTP/2 204 No Content
server: nginx
date: Fri, 09 Sep 2022 14:22:10 GMT
x-fastly-to-nlb-rtt: 79547
access-control-allow-credentials: true
X-Firefox-Spdy: h2
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=14%3A22%3A01.984&type=warn&msg=video%20tag%20loader%20-%20didn%27t%20find%20enough%20sponsored%20items%20for%20integrated%20widget%20replacement&llvl=2&id=2252&cv=20220907-42-RELEASE<=deflated&pct=1
185.106.33.48204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=14%3A22%3A01.984&type=warn&msg=video%20tag%20loader%20-%20didn%27t%20find%20enough%20sponsored%20items%20for%20integrated%20widget%20replacement&llvl=2&id=2252&cv=20220907-42-RELEASE<=deflated&pct=1
IP 185.106.33.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=14%3A22%3A01.984&type=warn&msg=video%20tag%20loader%20-%20didn%27t%20find%20enough%20sponsored%20items%20for%20integrated%20widget%20replacement&llvl=2&id=2252&cv=20220907-42-RELEASE<=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://mazika4ever.ahlamontada.net/
Connection: keep-alive
HTTP/2 204 No Content
server: nginx
date: Fri, 09 Sep 2022 14:22:11 GMT
x-fastly-to-nlb-rtt: 79423
access-control-allow-credentials: true
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2
151.101.85.44204 No Content 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2
IP 151.101.85.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 3430
Origin: https://mazika4ever.ahlamontada.net
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://mazika4ever.ahlamontada.net/
Connection: keep-alive
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://mazika4ever.ahlamontada.net
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Fri, 09 Sep 2022 14:22:11 GMT
via: 1.1 varnish
x-served-by: cache-bma1661-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662733331.407945,VS0,VE79
x-vcl-time-ms: 79
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
151.101.85.44200 OK 254 B URL HTTP/2 cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
IP 151.101.85.44:0
File type PNG image data, 12 x 12, 8-bit gray+alpha, non-interlaced\012- data
Hash dfa7b52c86e56bd67fa4002f6ed19854
7df722645482433c2b5c8d8ab4272a9874592f27
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
GET /libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://mazika4ever.ahlamontada.net/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
x-amz-id-2: c3AK0F63Rmz1U+ZkwDZRH6hJiJRTGpZB8kTBPWz0vwbg9siBxtMOH8aEqr1NtVeNHtLhLAVUR9E=
x-amz-request-id: 4JKSR0YA3KVH073N
x-amz-replication-status: COMPLETED
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
content-type: image/png
server: AmazonS3
accept-ranges: bytes
date: Fri, 09 Sep 2022 14:22:11 GMT
via: 1.1 varnish
age: 24724
x-served-by: cache-bma1661-BMA
x-cache: HIT
x-cache-hits: 3007
x-timer: S1662733332.553519,VS0,VE0
cache-control: private,max-age=31536000
abp: 82
content-length: 254
X-Firefox-Spdy: h2
mazika4ever.ahlamontada.net/ak.fbcdn.net/hphotos-ak-snc4/hs247.snc4/39689_108686392518734_100001321224899_65342_4986589_n.jpg
94.23.73.212404 Not Found 0 B URL HTTP/2 mazika4ever.ahlamontada.net/ak.fbcdn.net/hphotos-ak-snc4/hs247.snc4/39689_108686392518734_100001321224899_65342_4986589_n.jpg
IP 94.23.73.212:0
GET /ak.fbcdn.net/hphotos-ak-snc4/hs247.snc4/39689_108686392518734_100001321224899_65342_4986589_n.jpg HTTP/1.1
Host: mazika4ever.ahlamontada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/t4581-topic
Cookie: exadd=166274
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Fri, 09 Sep 2022 14:22:03 GMT
content-type: text/html
etag: W/"5db7f6f0-1044"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
stootsou.net/pfe/current/tag.min.js?z=2308013
139.45.197.250200 OK 0 B URL HTTP/2 stootsou.net/pfe/current/tag.min.js?z=2308013
IP 139.45.197.250:0
Analyzer Verdict Alert quad9 Sinkholed
GET /pfe/current/tag.min.js?z=2308013 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 14:22:04 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 12:32:41 GMT
etag: W/"6315ec69-3a38"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
mazika4ever.ahlamontada.net/sw.js
94.23.73.212200 OK 0 B URL HTTP/2 mazika4ever.ahlamontada.net/sw.js
IP 94.23.73.212:0
GET /sw.js HTTP/1.1
Host: mazika4ever.ahlamontada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mazika4ever.ahlamontada.net/t4581-topic
Connection: keep-alive
Cookie: exadd=166274; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D; HstCfa2021767=1662733315377; HstCla2021767=1662733315377; HstCmu2021767=1662733315377; HstPn2021767=1; HstPt2021767=1; HstCnv2021767=1; HstCns2021767=1; _ga=GA1.2.75647141.1662733316; _gid=GA1.2.2051808273.1662733316; _gat_gtag_UA_144347007_1=1; _gat_gtag_UA_22844002_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:05 GMT
content-type: application/javascript
last-modified: Tue, 27 Aug 2019 13:54:01 GMT
etag: W/"5d6535f9-1554"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
pushazam.com/ntfc.php?p=2308013&r=sw
139.45.197.251200 OK 0 B URL HTTP/2 pushazam.com/ntfc.php?p=2308013&r=sw
IP 139.45.197.251:0
GET /ntfc.php?p=2308013&r=sw HTTP/1.1
Host: pushazam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 14:22:06 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 12:32:41 GMT
etag: W/"6315ec69-1d310"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
2img.net/h/www.wallpaper.cz/primo/old_ir/anime_podzim--400x300.jpg
104.21.235.176404 Not Found 0 B URL HTTP/2 2img.net/h/www.wallpaper.cz/primo/old_ir/anime_podzim--400x300.jpg
IP 104.21.235.176:0
GET /h/www.wallpaper.cz/primo/old_ir/anime_podzim--400x300.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Fri, 09 Sep 2022 14:22:04 GMT
content-type: text/html
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fyWLwPVzYOwa1TlGqj0ZqM55oLNG4iNojCL4FyjJtUve6SyYPKNHJRqsHIrMppnex9dF2Q8K3OviwPnjpPvzTXj7Z7aYNALvETWRc72rj5YaQbzz6H5%2BdZPCcw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 748092e90d54f3f7-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
illiweb.com/rs3/63/frm/jquery/marquee/jquery.marquee.min.js
104.21.63.213200 OK 0 B URL HTTP/2 illiweb.com/rs3/63/frm/jquery/marquee/jquery.marquee.min.js
IP 104.21.63.213:0
GET /rs3/63/frm/jquery/marquee/jquery.marquee.min.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:03 GMT
content-type: application/x-javascript
last-modified: Tue, 27 Aug 2019 14:00:14 GMT
expires: Fri, 08 Sep 2023 08:06:37 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
cf-cache-status: HIT
age: 108926
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=quQEc8HHddFimgTuj9mfdwYOUZH3pefLnmcHvNQPAwzHgIvKLHlgpDwXfLAORNmHzkZfyoxR9P5oOKdaDkaJnK%2B2vOHa35pVoEzIPlvAjTWAiEeUKIOdfW3KbfYI2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e6f9f51c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
illiweb.com/rs3/63/frm/lang/ar.js
104.21.63.213200 OK 0 B URL HTTP/2 illiweb.com/rs3/63/frm/lang/ar.js
IP 104.21.63.213:0
GET /rs3/63/frm/lang/ar.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:03 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=74879
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:07:52 GMT
last-modified: Thu, 08 Sep 2022 07:38:48 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 108851
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xx5y6NM3WijhfC1P0Cwg4TGlrdrgiAooaXhg6XL40RpT4KwDtT7Y8%2BCZ6Uyif0u6vFrQ%2BgqEfVwEeMUn9DyVAHAJdDPS4XTAP2%2F2ueOrv4L4%2BP2Ev0go3XN5Q4ci%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e6f9f31c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.114200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.114:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:05 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 73936
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
pushazam.com/ntfc.php?p=2308013&r=sw
139.45.197.251200 OK 0 B URL HTTP/2 pushazam.com/ntfc.php?p=2308013&r=sw
IP 139.45.197.251:0
GET /ntfc.php?p=2308013&r=sw HTTP/1.1
Host: pushazam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 14:22:10 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 12:32:41 GMT
etag: W/"6315ec69-1d310"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
mazika4ever.ahlamontada.net/t4581-topic
94.23.73.212200 OK 0 B URL HTTP/2 mazika4ever.ahlamontada.net/t4581-topic
IP 94.23.73.212:0
GET /t4581-topic HTTP/1.1
Host: mazika4ever.ahlamontada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:03 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache
pragma: no-cache
expires: Fri, 09 Sep 2022 00:00:00 GMT
last-modified: Fri, 09 Sep 2022 14:22:00 GMT
vary: User-Agent
set-cookie: exadd=166274; expires=Fri, 09-Sep-2022 18:22:00 GMT; Max-Age=14400
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
connect.topicit.net/scripts/connect.js
172.67.158.56200 OK 0 B URL HTTP/2 connect.topicit.net/scripts/connect.js
IP 172.67.158.56:0
GET /scripts/connect.js HTTP/1.1
Host: connect.topicit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:04 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5437
access-control-allow-origin: *
etag: W/"5d653880-153d"
last-modified: Tue, 27 Aug 2019 14:04:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-cache-status: HIT
age: 194
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uuEUBH1pHx22GGmjB3HpkQQInVqTxYkUpo3XzmWAqDZMFq865k9nOar7VZ3bnrW3w6t9tRcW8dkdCSlQdurlfHlz0OSjMbGtVjL2PuMhc5r8NlnkUonRHMCJTP1FCQ7ra%2BwmQmA9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092ec9fe7b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertag&topUrl=mazika4ever.ahlamontada.net
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=mazika4ever.ahlamontada.net
IP 178.250.2.146:0
GET /syncframe?origin=publishertag&topUrl=mazika4ever.ahlamontada.net HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:04 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=5e44c295-251c-4fa2-9d4d-8ada49e24091; expires=Wed, 04 Oct 2023 14:22:04 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 546048
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
mazika4ever.ahlamontada.net/serviceworker.js
94.23.73.212200 OK 0 B URL HTTP/2 mazika4ever.ahlamontada.net/serviceworker.js
IP 94.23.73.212:0
GET /serviceworker.js HTTP/1.1
Host: mazika4ever.ahlamontada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: exadd=166274; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:04 GMT
content-type: application/javascript
last-modified: Thu, 25 Feb 2021 14:30:57 GMT
etag: W/"6037b4a1-b0d"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
stootsou.net/pfe/current/universal.min.js?v=3.1.392
139.45.197.250200 OK 0 B URL HTTP/2 stootsou.net/pfe/current/universal.min.js?v=3.1.392
IP 139.45.197.250:0
Analyzer Verdict Alert quad9 Sinkholed
GET /pfe/current/universal.min.js?v=3.1.392 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mazika4ever.ahlamontada.net/
Origin: https://mazika4ever.ahlamontada.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 14:22:04 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 12:32:41 GMT
etag: W/"6315ec69-20481"
access-control-allow-origin: https://mazika4ever.ahlamontada.net
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.betgorebysson.club/?rb=At39fofJZgX5kvR4dm1RqkLHtBLpGT2Si9MuqyfMT-_16nJCtlr48KzUg3TBg0dPSsxp9YbPwOcegtyEE0QXZRjoRLGMgepKjsJZr61y3NwHEEvri2y_1vGB2YX-Ti5CWkKk0WCFoTMFZDxIpLi5MtiHKhNEssDyOpVaquZNeQK56uQXkAP8-Q1CI9q253HgWJ2NYX23z1PXT1xxp_3szawMoJ0eAhXHF4O8Ky5Jky4%3D&request_ab2=0&zoneid=3765907&js_build=iclick-v1.425.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=8&pl=https%3A%2F%2Fmazika4ever.ahlamontada.net%2Ft4581-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.425.0&bs=84ba6251-b1c1-4489-b42a-7d6aa4abbaa2&userId=296e8a8a8b5742e4b9939083c30556a8&m=link
139.45.195.8200 OK 0 B URL HTTP/2 cdn.betgorebysson.club/?rb=At39fofJZgX5kvR4dm1RqkLHtBLpGT2Si9MuqyfMT-_16nJCtlr48KzUg3TBg0dPSsxp9YbPwOcegtyEE0QXZRjoRLGMgepKjsJZr61y3NwHEEvri2y_1vGB2YX-Ti5CWkKk0WCFoTMFZDxIpLi5MtiHKhNEssDyOpVaquZNeQK56uQXkAP8-Q1CI9q253HgWJ2NYX23z1PXT1xxp_3szawMoJ0eAhXHF4O8Ky5Jky4%3D&request_ab2=0&zoneid=3765907&js_build=iclick-v1.425.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=8&pl=https%3A%2F%2Fmazika4ever.ahlamontada.net%2Ft4581-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.425.0&bs=84ba6251-b1c1-4489-b42a-7d6aa4abbaa2&userId=296e8a8a8b5742e4b9939083c30556a8&m=link
IP 139.45.195.8:0
GET /?rb=At39fofJZgX5kvR4dm1RqkLHtBLpGT2Si9MuqyfMT-_16nJCtlr48KzUg3TBg0dPSsxp9YbPwOcegtyEE0QXZRjoRLGMgepKjsJZr61y3NwHEEvri2y_1vGB2YX-Ti5CWkKk0WCFoTMFZDxIpLi5MtiHKhNEssDyOpVaquZNeQK56uQXkAP8-Q1CI9q253HgWJ2NYX23z1PXT1xxp_3szawMoJ0eAhXHF4O8Ky5Jky4%3D&request_ab2=0&zoneid=3765907&js_build=iclick-v1.425.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=8&pl=https%3A%2F%2Fmazika4ever.ahlamontada.net%2Ft4581-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.425.0&bs=84ba6251-b1c1-4489-b42a-7d6aa4abbaa2&userId=296e8a8a8b5742e4b9939083c30556a8&m=link HTTP/1.1
Host: cdn.betgorebysson.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mazika4ever.ahlamontada.net/
Origin: https://mazika4ever.ahlamontada.net
Connection: keep-alive
Cookie: OAID=296e8a8a8b5742e4b9939083c30556a8; oaidts=1662733325
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 14:22:05 GMT
content-type: application/json
x-trace-id: 351313778bf9aaac23f3707cf1547f9e
access-control-allow-origin: https://mazika4ever.ahlamontada.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=296e8a8a8b5742e4b9939083c30556a8; expires=Sat, 09 Sep 2023 14:22:05 GMT; path=/; secure; SameSite=None
oaidts=1662733325; expires=Sat, 09 Sep 2023 14:22:05 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 16 Sep 2022 14:22:05 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
mazika4ever.ahlamontada.net/sw.js?v=3.1.392&o=bec816c6ca2c42d7903a45447e5eb053&pub=0&p=2308013
94.23.73.212200 OK 0 B URL HTTP/2 mazika4ever.ahlamontada.net/sw.js?v=3.1.392&o=bec816c6ca2c42d7903a45447e5eb053&pub=0&p=2308013
IP 94.23.73.212:0
GET /sw.js?v=3.1.392&o=bec816c6ca2c42d7903a45447e5eb053&pub=0&p=2308013 HTTP/1.1
Host: mazika4ever.ahlamontada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: exadd=166274; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D; HstCfa2021767=1662733315377; HstCla2021767=1662733315377; HstCmu2021767=1662733315377; HstPn2021767=1; HstPt2021767=1; HstCnv2021767=1; HstCns2021767=1; _ga=GA1.2.75647141.1662733316; _gid=GA1.2.2051808273.1662733316; _gat_gtag_UA_144347007_1=1; _gat_gtag_UA_22844002_1=1; cto_bundle=Hidi6F9NblRUejVaUk43VnBzT25MOTJwMWwwYlBQbTJlQjA1ZmpydmdSTHRtUUprM29ZczFuOWxvNEoxN2tFdHpGcm80TVNRdzhwQmU2cWtsZG8xcENSYXJ2cDVQcDR0MXRFcHdKM1FPUjZjRjZoVFZYT3c3YVRIZUhBTCUyRlclMkZvWiUyRlZKJTJCc3NEUkhEQzAxbjNqZEp3bGIyejl3ZyUzRCUzRA; prefetchAd_3765907=true
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:06 GMT
content-type: application/javascript
last-modified: Tue, 27 Aug 2019 13:54:01 GMT
etag: W/"5d6535f9-1554"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
twemoji.maxcdn.com/twemoji.min.js
23.111.9.57200 OK 0 B URL HTTP/2 twemoji.maxcdn.com/twemoji.min.js
IP 23.111.9.57:0
GET /twemoji.min.js HTTP/1.1
Host: twemoji.maxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:03 GMT
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Thu, 31 Mar 2022 03:24:15 GMT
access-control-allow-origin: *
etag: W/"62451edf-3bc8"
expires: Sun, 09 Oct 2022 14:22:03 GMT
cache-control: max-age=2592000
x-proxy-cache: MISS
x-github-request-id: 0ABA:25E6:BEFB7:C66AA:63179B03
vary: Accept-Encoding
x-fastly-request-id: 0a98234bb389a2dda5c78fa1dad361c4ff87e38d
server: NetDNA-cache/2.2
powered-by: MaxCDN
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
cache.consentframework.com/js/pa/24697/c/IxWav/stub
104.26.4.102200 OK 0 B URL HTTP/2 cache.consentframework.com/js/pa/24697/c/IxWav/stub
IP 104.26.4.102:0
GET /js/pa/24697/c/IxWav/stub HTTP/1.1
Host: cache.consentframework.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:03 GMT
content-type: text/javascript; charset=UTF-8
cache-control: max-age=3600
strict-transport-security: max-age=15724800; includeSubDomains; preload
last-modified: Fri, 09 Sep 2022 13:39:47 GMT
cf-cache-status: HIT
age: 1351
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hr0jT0jJ7843dbFDYiLl4%2FwO5P6pR4EBqKwTf%2BD3l%2BescLF27xJ0Knlj4i4hPEO7Fj2VzzhsCrDuq7XdzvCDosEapiy2MxizhEMuLH1hIzVlAK0moWftYOKzXbECKSPHIROGrxnG1ZA8S9ml"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748092e7187db527-OSL
content-encoding: br
X-Firefox-Spdy: h2
connect.topicit.net/button/light?id=topicit-connect-0&redirect=https%3A%2F%2Fmazika4ever.ahlamontada.net%2Ft4581-topic&lang=ar&loc=https%3A%2F%2Fconnect.topicit.net%2F&login=https%3A%2F%2Fmazika4ever.ahlamontada.net%2Ftopicit%2Findex.php%2Fconnect&version=1
172.67.158.56200 OK 0 B URL HTTP/2 connect.topicit.net/button/light?id=topicit-connect-0&redirect=https%3A%2F%2Fmazika4ever.ahlamontada.net%2Ft4581-topic&lang=ar&loc=https%3A%2F%2Fconnect.topicit.net%2F&login=https%3A%2F%2Fmazika4ever.ahlamontada.net%2Ftopicit%2Findex.php%2Fconnect&version=1
IP 172.67.158.56:0
GET /button/light?id=topicit-connect-0&redirect=https%3A%2F%2Fmazika4ever.ahlamontada.net%2Ft4581-topic&lang=ar&loc=https%3A%2F%2Fconnect.topicit.net%2F&login=https%3A%2F%2Fmazika4ever.ahlamontada.net%2Ftopicit%2Findex.php%2Fconnect&version=1 HTTP/1.1
Host: connect.topicit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mazika4ever.ahlamontada.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 14:22:04 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, post-check=0, pre-check=0, private
last-modified: Fri, 09 Sep 2022 02:22:04 GMT
expires: Fri, 09 Sep 2022 00:00:00 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6IkdyblNqTzN2b1ZxeXYzZmtIXC9EcVJnPT0iLCJ2YWx1ZSI6ImV1RytyOXFNMzVxMnJndHNoa2Flc2ZHY3E2Mmtua3VaV0dSRzNOODRITDNIaEtXcEFTZEVhZXFrY0FOVittZm8iLCJtYWMiOiIyOWEyZjdlNzFiNDgwNDJkNzcyODdhNmI2YTNkNjZkMDNlYzA1NzQzMjI3ZDBmYzNhN2QyNDllNDU5ZjczY2JlIn0%3D; expires=Fri, 09-Sep-2022 16:22:04 GMT; Max-Age=7200; path=/; domain=.topicit.net
topicit_session=6ZC54sHzKpdQ7N8P8QsCCzCpUOIZ7qcoOr2T5PhX; expires=Fri, 09-Sep-2022 16:22:04 GMT; Max-Age=7200; path=/; domain=.topicit.net; httponly
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
x-cache-ne: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UiLf4KlCNafxPSpeTGMQhsimoW7PT7jlHc6moA1QYZo%2BrhIVKlx6zfMF8hqTiji1088%2Bxq5j2KlrthiOywyYP5436rQMIS0tx1Rp0D83ckncqQO8%2FBwrUvy5FTLlY0L%2F3LLuLZ84"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 748092ecb81ab527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2