moontada.ahlamontada.net/t17-topic
94.23.76.111301 Moved Permanently 0 B URL HTTP/1.1 moontada.ahlamontada.net/t17-topic
IP 94.23.76.111:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t17-topic HTTP/1.1
Host: moontada.ahlamontada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 06 Nov 2022 10:16:04 GMT
Content-Length: 0
Location: https://moontada.ahlamontada.net/t17-topic
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8286265a56e3e10efd41b41618a54071
5f10ac9a050e15f5598674dc7ee3865b325d01a8
2da2fa0b2b86ccc4029d0baa4e9c5b21a6433228b84b451b72b1d318561d4ef2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2DA2FA0B2B86CCC4029D0BAA4E9C5B21A6433228B84B451B72B1D318561D4EF2"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12059
Expires: Sun, 06 Nov 2022 13:37:03 GMT
Date: Sun, 06 Nov 2022 10:16:04 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 72c64df35304c35cd95e4ed6e101e795
a39287987854d644a8da295da536fb31de8b44c1
a9bf0da57e0f108b376781ede4b9762ae1b0d088910d26fb7be98c2d03e69092
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5759
Cache-Control: max-age=89459
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 10:16:04 GMT
Etag: "63662d58-1d7"
Expires: Mon, 07 Nov 2022 11:07:03 GMT
Last-Modified: Sat, 05 Nov 2022 09:31:04 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 72c64df35304c35cd95e4ed6e101e795
a39287987854d644a8da295da536fb31de8b44c1
a9bf0da57e0f108b376781ede4b9762ae1b0d088910d26fb7be98c2d03e69092
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2186
Cache-Control: max-age=85886
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 10:16:04 GMT
Etag: "63662d58-1d7"
Expires: Mon, 07 Nov 2022 10:07:30 GMT
Last-Modified: Sat, 05 Nov 2022 09:31:04 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
Alt-Used: 0
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 06 Nov 2022 09:43:13 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1971
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9f3527f898221f8ba6b5015f6decc100
ead93baa0e9d3a6297be3377dc3a624e5a3f509a
73a068f907cc50dd60af18d545b4264dd44bc4b9f40bf9adfceea157fdc33099
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "73A068F907CC50DD60AF18D545B4264DD44BC4B9F40BF9ADFCEEA157FDC33099"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5716
Expires: Sun, 06 Nov 2022 11:51:20 GMT
Date: Sun, 06 Nov 2022 10:16:04 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: js3BER19vAwsv1/3p572zZmXhZ39fTcE2H5jEstDn1PyGxyw05w2jVVY5Y6UXeA1OIFK0M+ragQ=
x-amz-request-id: G4S6K2Y0PCTVC0W7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 06 Nov 2022 09:47:35 GMT
age: 1709
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8253caaf20014ecd142b02db36ec669
410af41c54e775143ededa49dd4c369010df2950
d9081e687518532afd38940be12b0712f88a6e9df58495fb06d9b644ca3a4596
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9081E687518532AFD38940BE12B0712F88A6E9DF58495FB06D9B644CA3A4596"
Last-Modified: Thu, 03 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9965
Expires: Sun, 06 Nov 2022 13:02:09 GMT
Date: Sun, 06 Nov 2022 10:16:04 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 10:16:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 90ba6f752f7d112d1f00c7da46a694c4
096c051072bf1f0b19d1413507f56616b284eccf
db90e217ece34cca8af3d5feba90ff8944471277f8c4f73ef954a50f6658cbc4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6517
Cache-Control: max-age=158969
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 10:16:04 GMT
Etag: "636739e8-117"
Expires: Tue, 08 Nov 2022 06:25:33 GMT
Last-Modified: Sun, 06 Nov 2022 04:36:56 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 90ba6f752f7d112d1f00c7da46a694c4
096c051072bf1f0b19d1413507f56616b284eccf
db90e217ece34cca8af3d5feba90ff8944471277f8c4f73ef954a50f6658cbc4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6517
Cache-Control: max-age=158969
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 10:16:04 GMT
Etag: "636739e8-117"
Expires: Tue, 08 Nov 2022 06:25:33 GMT
Last-Modified: Sun, 06 Nov 2022 04:36:56 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 90ba6f752f7d112d1f00c7da46a694c4
096c051072bf1f0b19d1413507f56616b284eccf
db90e217ece34cca8af3d5feba90ff8944471277f8c4f73ef954a50f6658cbc4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 117
Cache-Control: max-age=152569
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 10:16:04 GMT
Etag: "636739e8-117"
Expires: Tue, 08 Nov 2022 04:38:53 GMT
Last-Modified: Sun, 06 Nov 2022 04:36:56 GMT
Server: ECS (amb/6BBD)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 3ebbd65a2bdd5c6f3dea5a6b99b25f0d
484be27b25b736a7e7e2b1d5ef9760aecdcec01b
5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 10:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e13e65ad7f6f12300b12d6cd6936d621
575faf606b5c5e39e0fbbef59998bcd3625aa141
10787f99c02b63d52b9b74fcec9497108d67c56c4a9436e0e3c9a7129d727dda
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 10:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e13e65ad7f6f12300b12d6cd6936d621
575faf606b5c5e39e0fbbef59998bcd3625aa141
10787f99c02b63d52b9b74fcec9497108d67c56c4a9436e0e3c9a7129d727dda
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 10:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
142.250.74.170200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
IP 142.250.74.170:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d989f35706c62ce4a5c561586c55566e
d32e7958e5765609bf08dcdefd0b2c2a8714ce34
375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33845
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Nov 2022 22:41:25 GMT
expires: Sat, 04 Nov 2023 22:41:25 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 128079
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 90ba6f752f7d112d1f00c7da46a694c4
096c051072bf1f0b19d1413507f56616b284eccf
db90e217ece34cca8af3d5feba90ff8944471277f8c4f73ef954a50f6658cbc4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6517
Cache-Control: max-age=158969
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 10:16:04 GMT
Etag: "636739e8-117"
Expires: Tue, 08 Nov 2022 06:25:33 GMT
Last-Modified: Sun, 06 Nov 2022 04:36:56 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
2img.net/i/empty.gif
104.21.235.176200 OK 43 B IP 104.21.235.176:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /i/empty.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:04 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 09 May 2016 08:45:50 GMT
etag: "57304e3e-2b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 2602630
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FzC7yF3crlsiTESdvNDLJLLuQkUJPfJiBfxVY%2BjMXcc%2FczcGSFSniIYzNLmXA2qAOvEkXq4iBzukir5iu2Btu0WVhzUsTIxBHcLKiKgrH8ezLFGUkH9%2ByyDZZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765d1257084875d2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-144347007-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-144347007-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 6fb601c4dac325f3ee9469210f364ee5
d187fcc5d1f8bea52e1447357fae3076d5b6fa8c
c582bda55e4a8ab56f23aa97e424d76d647830c7de703f24e9f5ac4cf00e03e0
GET /gtag/js?id=UA-144347007-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 06 Nov 2022 10:16:04 GMT
expires: Sun, 06 Nov 2022 10:16:04 GMT
cache-control: private, max-age=900
last-modified: Sun, 06 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43649
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2img.net/i/fa/empty.gif
104.21.235.176200 OK 42 B IP 104.21.235.176:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /i/fa/empty.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:04 GMT
content-type: image/gif
content-length: 42
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-2a"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 2602633
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OpBky0P17wjgY1EAv0NOTZk9Ym9EKbNA6a0IYZOZY2UMVFamZFp6lEJdkck9q08aA%2BOmr4rWrMdtyqeNkM72zB4BPTR%2BWxkWmAU8odajPpqVlYcTpePtGWDcbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765d1257084d75d2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 55ba4a4c9b7f4a690ac25acbc809f47e
37be45326d09dabd6b5895092f09cf3637da8981
6ea053c44536cc954eea4c9faef78bae09e5d36b5b210d3a81481e1683d44476
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3597
Cache-Control: max-age=114638
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 10:16:04 GMT
Etag: "63669825-139"
Expires: Mon, 07 Nov 2022 18:06:42 GMT
Last-Modified: Sat, 05 Nov 2022 17:06:45 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 313
www.googletagmanager.com/gtag/js?id=
142.250.74.168200 OK 37 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 9a0827f4a6538604826801f38c9c576c
4e324e8842772f6ed404b94cb2a17b5a26738e05
437ebe46bafaad18d8a3ac7d6209d53568bba2528a89a9cc03c92dfa31db398e
GET /gtag/js?id= HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 06 Nov 2022 10:16:04 GMT
expires: Sun, 06 Nov 2022 10:16:04 GMT
cache-control: private, max-age=900
last-modified: Sun, 06 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37375
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 08601075c252ac6f530d87a1e7fa560d
159b8509fdc3940ca3f4a03b972a30e1677e3581
f9ea0cf324c55628c07f7c2127110cbeabe4ab4216367617cd622ae511b40297
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2855
Cache-Control: max-age=111028
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 10:16:05 GMT
Etag: "63668cf2-2d7"
Expires: Mon, 07 Nov 2022 17:06:33 GMT
Last-Modified: Sat, 05 Nov 2022 16:18:58 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 727
2img.net/s/t/18/56/73/i_icon_www.png
104.21.235.176200 OK 3.5 kB URL HTTP/2 2img.net/s/t/18/56/73/i_icon_www.png
IP 104.21.235.176:0
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 2402b894c0625a3e11ac2dfb50334415
0418d85c15f6eaeb4bbf46bb5e23b3734ca776b4
c41025d572bdc0a2e086836c64994515faaee4197f2e91362afd6d642ac5635a
GET /s/t/18/56/73/i_icon_www.png HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:05 GMT
content-type: image/png
content-length: 3467
last-modified: Sat, 07 Apr 2012 10:02:03 GMT
etag: "4f80109b-d8b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Q6jobv1ysd8VBcFd%2FqfOsCY5yhtsL23Wv7XdZ7jNKO56m2HHO4R1%2BvdPyffxsxH90X4FK%2BZO9YwwIt6ex7fMDkiNl9ZOGvNJvN1EwH2cbKnLCc5SXmXKZIdYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765d1257084b75d2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 3ebbd65a2bdd5c6f3dea5a6b99b25f0d
484be27b25b736a7e7e2b1d5ef9760aecdcec01b
5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 10:16:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
illiweb.com/rs3/63/frm/lang/ar.js
104.21.63.213200 OK 19 kB URL HTTP/2 illiweb.com/rs3/63/frm/lang/ar.js
IP 104.21.63.213:0
File type Unicode text, UTF-8 text, with very long lines (64093), with no line terminators
Hash 9ca305013e3d79f6b9d4468428bdc620
eb19d35973d7f375d79e226327d60c292a846043
76a2df44cf893ae8a828b63f851fd7921e86c51ff9d131b0cf195665f7e78ca8
GET /rs3/63/frm/lang/ar.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:04 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=74879
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:07:52 GMT
last-modified: Thu, 08 Sep 2022 07:38:48 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 5105292
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=96SFsjr7FCDnddsqZPPrtg4xgqfuSBaYmxOiQ%2FffiiZTQYd59AmFsRMpVIsUdqFHu%2FfyKV7MqUdCnQIGshGZEXRqnurlUa5wGOpZOpZETItOuWYYYtnrwwhkemy%2BeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765d1256da870b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/18/56/73/i_icon_mini_login.gif
104.21.235.176200 OK 210 B URL HTTP/2 2img.net/s/t/18/56/73/i_icon_mini_login.gif
IP 104.21.235.176:0
File type GIF image data, version 89a, 69 x 15\012- data
Hash 478b0903de74fea3efe50efc084b06ad
d4058af1d49094301d48842830e9218713112910
acfad299a579faa07c9e3106f797d038fdd85168a6d01cab29ed1cb0d91ce5d8
GET /s/t/18/56/73/i_icon_mini_login.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:05 GMT
content-type: image/gif
content-length: 210
last-modified: Sat, 07 Apr 2012 10:02:15 GMT
etag: "4f8010a7-d2"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K9K4XFEREdfQ4%2B7NVSNg6JmW9PIuTJv4miq5Lkvc4b0jsOiYRiCHgJ%2BJSkCwGHD4jchX8%2FeWo0XzsDTSINAhWH8tehN8jkN9K4vZ2VVR%2BQpKheT0bwHagVkxUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765d1257084975d2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/18/56/73/i_icon_mini_index.gif
104.21.235.176200 OK 205 B URL HTTP/2 2img.net/s/t/18/56/73/i_icon_mini_index.gif
IP 104.21.235.176:0
File type GIF image data, version 89a, 69 x 15\012- data
Hash ff22b8bb414fd33a40e84c7ac4529f71
0f830c7ac151e5a48bb0985eba808a44d3577c88
846c76b3e7c6163095036cb0141ab9f4e5e68295bfe0904b3c2a4e50863890d3
GET /s/t/18/56/73/i_icon_mini_index.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:05 GMT
content-type: image/gif
content-length: 205
last-modified: Sat, 07 Apr 2012 10:02:16 GMT
etag: "4f8010a8-cd"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z8Fmno7GaINiSSVVSX4KkSaqqx7navIxX8FQ2FE7jlX2GAz26hK4WNuFBhPFSoj0v9drP127JpHKvh0LNhR5wevqteH81rEyMYIrdmoGCKUZ3VdHNZamLbIfOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765d1257084c75d2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/18/56/73/i_icon_mini_register.gif
104.21.235.176200 OK 324 B URL HTTP/2 2img.net/s/t/18/56/73/i_icon_mini_register.gif
IP 104.21.235.176:0
File type GIF image data, version 89a, 90 x 15\012- data
Hash f8cfe167907a6c9f5154d294c8503e54
788a14ea5afc7f75fde4bfb0330acfa2f087f444
68c1544b6b471492113d7d3516bc0bc10f931e3e21d8b240002b27ce97cbb281
GET /s/t/18/56/73/i_icon_mini_register.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:05 GMT
content-type: image/gif
content-length: 324
last-modified: Sat, 07 Apr 2012 10:02:14 GMT
etag: "4f8010a6-144"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ba7G1Z2sP6jPMT2ot7cwCImpM6A6qTMgaMiCTRnPOQ%2FRlWUUBwVVonTRmoOBqqbkLW%2B1StW1Y%2BqiGqcZlnxZfgsAbGhmIFZclPOvot5A83%2FMyibYJzctN73%2Big%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765d1257084275d2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
moontada.ahlamontada.net/0-rtl.css
94.23.150.222200 OK 55 kB URL HTTP/2 moontada.ahlamontada.net/0-rtl.css
IP 94.23.150.222:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 08971fd8518a19a4660a0b565a9f9718
b281ae3e5538f03a3b5f7c4666a286a673a91736
2d88f559b6f875f8a13d1d468d427ea7c1ec2df71f272e402dc0eb6fa13b5ff8
GET /0-rtl.css HTTP/1.1
Host: moontada.ahlamontada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/t17-topic
Cookie: exadd=166774
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:05 GMT
content-type: text/css
content-length: 55435
last-modified: Sun, 06 Nov 2022 00:00:00 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-ma: MISS
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash db63d54b77502dd6c7bdc792d4fd093e
026ad8186833988279468829c004c6e2a2f2626f
eff89ef67baa622e8a196ffcadc44d29aafff009bb531da3e979a1f47c3b1c36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4816
Cache-Control: max-age=83458
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 10:16:05 GMT
Etag: "63661997-1d7"
Expires: Mon, 07 Nov 2022 09:27:03 GMT
Last-Modified: Sat, 05 Nov 2022 08:06:47 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
i.servimg.com/u/f14/13/64/37/51/158.png
172.67.178.62200 OK 152 B URL HTTP/2 i.servimg.com/u/f14/13/64/37/51/158.png
IP 172.67.178.62:0
File type PNG image data, 9 x 20, 8-bit/color RGB, non-interlaced\012- data
Hash 59a9859104cf4ebba84589945a167b2a
755731b3f2528861adbf8775b4b0d671294fc911
9f53fcc02d46a9fb73290db1420146fa4b278fef5960d4b6dfcec6584b2e8abe
GET /u/f14/13/64/37/51/158.png HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:05 GMT
content-type: image/png
content-length: 152
last-modified: Wed, 20 Jan 2010 23:49:35 GMT
etag: "4b57968f-98"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Wed, 18 Oct 2023 02:58:27 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 778892
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMEGZKH%2FmpF5Z4%2Fd8lvDwQ2%2BMkNx6DVQ9m0Pqs1hDkabAwmqWBVg8eDrJkCX3MmauZcvi87tPbDZ116FzpnyEtUiTYjmk2SGlgETVPAj32P9NnazW8M8jqUg4ikBPLkG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 765d12599ef5b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 91b80b577c37bbb82e653f878cf5eef6
4a0438d268908026e7e6b61f8ed495befdf2b4c9
aa01eb803ddb538c30b1b8bcb6a562d6f97e05fe0c6f2576b572abc1be27aabb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA01EB803DDB538C30B1B8BCB6A562D6F97E05FE0C6F2576B572ABC1BE27AABB"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7948
Expires: Sun, 06 Nov 2022 12:28:33 GMT
Date: Sun, 06 Nov 2022 10:16:05 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 1696138a3933172676975fb8bd330eab
a1bae88a934732f0a7baa161c78c2aa94d445613
8ae5eab989db0d22c51848c912d2e03b37c1e69e9c70db8bd86ac9249f1f6708
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4539
Cache-Control: max-age=90377
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 10:16:05 GMT
Etag: "636635b3-13a"
Expires: Mon, 07 Nov 2022 11:22:22 GMT
Last-Modified: Sat, 05 Nov 2022 10:06:43 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 314
push.services.mozilla.com/
44.237.239.70101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.239.70:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZDyS/wBb1dgd7/yckfmPBA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JDE5KittjufzYIKKn3kbaboTwwc=
i.servimg.com/u/f45/17/15/17/80/unouoo10.png
172.67.178.62200 OK 279 B URL HTTP/2 i.servimg.com/u/f45/17/15/17/80/unouoo10.png
IP 172.67.178.62:0
File type PNG image data, 112 x 84, 8-bit/color RGBA, non-interlaced\012- data
Hash ea3a776736dea4922061bbd55f9b29bf
d7613550e64a8ad5a1dca5093e6a4906105db44a
c49526f1d888de294bc6aefe1e0063c85424649d6b7d59d53280a76bb0ab5854
GET /u/f45/17/15/17/80/unouoo10.png HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:05 GMT
content-type: image/png
content-length: 279
last-modified: Thu, 29 Mar 2012 12:00:02 GMT
etag: "4f744ec2-117"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Tue, 31 Oct 2023 13:06:20 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NxJwnpcmozJlXu7I8oG7wDTiZhlAsTZiB%2FLuhPuyfceDhtT%2FTaQ6bZxtdek6Yv5EN0tcjV1M6rAq6wY2a%2BeGJb4t%2B5L4iAolZk2wEXBbqQxaGauWsr1vCD85HgQYT6yi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 765d12598ee6b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=moontada.ahlamontada.net&var=&ymid=&var_3=
139.45.197.250200 OK 758 B URL HTTP/2 stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=moontada.ahlamontada.net&var=&ymid=&var_3=
IP 139.45.197.250:0
File type JSON data\012- , ASCII text, with very long lines (757)
Hash 9b414c52aa384ad6143348a9376e7bf2
91c3bb92bff88cb5deff72bf69ab3a39a609e636
ff16563d9db6f4a992009f0d208dfb9bf6c1d4210bbc4b7d0c29dbfee18cf37b
Analyzer Verdict Alert quad9 Sinkholed
GET /zone?pub=0&zone_id=2308013&is_mobile=false&domain=moontada.ahlamontada.net&var=&ymid=&var_3= HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://moontada.ahlamontada.net/
Origin: https://moontada.ahlamontada.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 10:16:05 GMT
content-type: application/json; charset=utf-8
content-length: 758
x-trace-id: efa39da17e9ab95bc1b95a12508ff4a4
access-control-allow-origin: https://moontada.ahlamontada.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 4e3435d6d488db0b1eb5c2d12336c0ba
97135089d3dcef4067d5169083cb78b4c1b132e2
2bad865dd9272ac94ad40a0a4214a524323c55f7df32febdcd8327045c46e124
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4943
Cache-Control: max-age=114570
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 10:16:05 GMT
Etag: "636692a0-139"
Expires: Mon, 07 Nov 2022 18:05:35 GMT
Last-Modified: Sat, 05 Nov 2022 16:43:12 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 313
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:04 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=axUNvl80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3p5VGRjOHIxSnBhbjJFTkFOd3hqdTc5YmZtQVh5UUZKdVdyd0FMdGZXJTJCTw; expires=Fri, 01 Dec 2023 10:16:05 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 230384
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 632fee60e8de673337ea4d57a9a0c5e7
4ed258934308767241536f6ebd89ecf71e6bdcdc
1ddb35705859250c31ab9c2161499aa8c41e1c649c08e192d88544fbba20b7b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6350
Cache-Control: max-age=88249
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 10:16:05 GMT
Etag: "63662650-139"
Expires: Mon, 07 Nov 2022 10:46:54 GMT
Last-Modified: Sat, 05 Nov 2022 09:01:04 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 313
stootsou.net/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://moontada.ahlamontada.net/
Origin: https://moontada.ahlamontada.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 10:16:05 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://moontada.ahlamontada.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8cdf3b1aed8dc302fbde29a49b372559
caf603b0e056f637d30432ca653f2785b3809ab9
505b1907f602943b373fd5dbfe5b3aa066c2e2eb718c2374f70595d20bcb08c4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "505B1907F602943B373FD5DBFE5B3AA066C2E2EB718C2374F70595D20BCB08C4"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4888
Expires: Sun, 06 Nov 2022 11:37:33 GMT
Date: Sun, 06 Nov 2022 10:16:05 GMT
Connection: keep-alive
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert quad9 Sinkholed
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://moontada.ahlamontada.net/
Content-Type: application/json
Origin: https://moontada.ahlamontada.net
Content-Length: 394
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 10:16:05 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 44a6a6e883a4f91f2d10aafe925dff53
access-control-allow-origin: https://moontada.ahlamontada.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bde8405f076312057513c55225480077
a2830a00647e30190e33dfc3ba028c7ce14cae59
d659995610af5debc0888154adc23bc05f5c4dba2854e91658c8b5bb94bfdb3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D659995610AF5DEBC0888154ADC23BC05F5C4DBA2854E91658C8B5BB94BFDB3C"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19212
Expires: Sun, 06 Nov 2022 15:36:17 GMT
Date: Sun, 06 Nov 2022 10:16:05 GMT
Connection: keep-alive
gum.criteo.com/sid/json?origin=publishertag&domain=ahlamontada.net&sn=FirefoxSyncframe&so=0&topUrl=moontada.ahlamontada.net&info=FFND3180M0RITmhlJTJCZkMwOUJGQlhaMUN2c3p5VGRjOHIxSnBhbjJFTkFOd3hqdTRLbXE5dHpwVDVMRGI1clN6ZTZrYWQ&idsd=-993123924,-1322199911&cw=1&lsw=1
178.250.0.157200 OK 602 B URL HTTP/2 gum.criteo.com/sid/json?origin=publishertag&domain=ahlamontada.net&sn=FirefoxSyncframe&so=0&topUrl=moontada.ahlamontada.net&info=FFND3180M0RITmhlJTJCZkMwOUJGQlhaMUN2c3p5VGRjOHIxSnBhbjJFTkFOd3hqdTRLbXE5dHpwVDVMRGI1clN6ZTZrYWQ&idsd=-993123924,-1322199911&cw=1&lsw=1
IP 178.250.0.157:0
Hash 8e87c2391c04e9cc4212178d2cd76bf9
eb612cfd00c8d78cf3d443cd68a04dba99d085b0
4d2d8fa1d388c0469cf69df17469ca04d418909ce876580434b8a2b996435c30
GET /sid/json?origin=publishertag&domain=ahlamontada.net&sn=FirefoxSyncframe&so=0&topUrl=moontada.ahlamontada.net&info=FFND3180M0RITmhlJTJCZkMwOUJGQlhaMUN2c3p5VGRjOHIxSnBhbjJFTkFOd3hqdTRLbXE5dHpwVDVMRGI1clN6ZTZrYWQ&idsd=-993123924,-1322199911&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=moontada.ahlamontada.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:05 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1129657
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ba5d09c54b98bfc2c7b5f15103e025c4
4aa7eb9e5615c168c0cd80234a6c96836b6024c1
d955461da6913fb1575a92808feef634015a734963f2e438ac968ba1dd69b1b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4207
Cache-Control: max-age=169975
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 10:16:06 GMT
Etag: "63676dee-117"
Expires: Tue, 08 Nov 2022 09:29:01 GMT
Last-Modified: Sun, 06 Nov 2022 08:18:54 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
cur.cursors-4u.net/others/oth-6/oth589.cur
96.43.128.66200 OK 4.3 kB URL HTTP/1.1 cur.cursors-4u.net/others/oth-6/oth589.cur
IP 96.43.128.66:0
File type MS Windows cursor resource - 1 icon, 32x32, hotspot @2x0\012- data
Hash 7e85681dd16833a81398f048352bf0e9
43e27d587e992f3bc8ca63deb92385f480dfe95d
5b6ef0107eadf4b05e37338da92243a3699100098fb8c5de34eaeb9788b31b6a
GET /others/oth-6/oth589.cur HTTP/1.1
Host: cur.cursors-4u.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sun, 06 Nov 2022 10:16:05 GMT
Content-Type: application/octet-stream
Content-Length: 4286
Last-Modified: Wed, 27 Feb 2013 18:26:08 GMT
Connection: keep-alive
ETag: "512e4fc0-10be"
Accept-Ranges: bytes
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 4410e0283900e769c122cfbcbdbed143
c5588f7f402a41c39405d7459367eadb893fafaf
c9943eb8c4b659d1f5adf76a2d36b70f4ab306c5831b469e07b0fa822056f2b5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 10:16:06 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 03 Nov 2022 18:25:20 GMT
Expires: Thu, 10 Nov 2022 18:25:19 GMT
Etag: "c5588f7f402a41c39405d7459367eadb893fafaf"
Cache-Control: max-age=374352,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765d125dee03b523-OSL
my.rtmark.net/gid.js?userId=fcf99a899a22472393cfef53a5c6b3dd
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=fcf99a899a22472393cfef53a5c6b3dd
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash b807187a01bc38630a85f92a902e1565
3fc02196be87f15d1808b642c49c65fd47b7aa04
78eed5f2faa160c0cb4d8f72a0003609d2d37ac7fc9009d09867b38e88d2640b
GET /gid.js?userId=fcf99a899a22472393cfef53a5c6b3dd HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://moontada.ahlamontada.net
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 10:16:06 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://moontada.ahlamontada.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=fcf99a899a22472393cfef53a5c6b3dd; expires=Mon, 06 Nov 2023 10:16:06 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
moontada.ahlamontada.net/?utm_source=pwa
94.23.150.222200 OK 14 kB URL HTTP/2 moontada.ahlamontada.net/?utm_source=pwa
IP 94.23.150.222:0
Hash 23b43949be491a9761c5fda0f47d0249
7d2f681abc0fe92adc386feb7134b82677492188
c28d027f6321f1a4433bdc86cb29e007d20f4ba481fda2c4140974d589da24f7
GET /?utm_source=pwa HTTP/1.1
Host: moontada.ahlamontada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://moontada.ahlamontada.net/serviceworker.js
Connection: keep-alive
Cookie: exadd=166774; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:05 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
pragma: no-cache
expires: Sun, 06 Nov 2022 00:00:00 GMT
last-modified: Sun, 06 Nov 2022 10:16:05 GMT
vary: User-Agent
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.253200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.253:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 905
Origin: https://moontada.ahlamontada.net
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 06 Nov 2022 10:16:06 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://moontada.ahlamontada.net
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 06 Nov 2022 08:41:09 GMT
expires: Sun, 06 Nov 2022 10:41:09 GMT
cache-control: public, max-age=7200
age: 5697
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.comodoca4.com/
104.18.32.68200 OK 2.1 kB IP 104.18.32.68:0
Hash 320bc76597bd6cd32d2ec84ef076e8f4
d751d0ee352d7a11c1496bd7dcb3d43163e38358
00b20a35d322dd476e29de06220dcf2c3c8dcbcbc89829b6dff2a3aa8b664397
POST / HTTP/1.1
Host: ocsp.comodoca4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 10:16:06 GMT
Content-Type: application/ocsp-response
Content-Length: 281
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 00:47:10 GMT
Expires: Sat, 12 Nov 2022 00:47:09 GMT
Etag: "e86cc45893215a885a847169be24f27c6fd5b1bf"
Cache-Control: max-age=483662,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765d12605974b51b-OSL
cdn.taboola.com/libtrc/forumotion-ar/loader.js
151.101.85.44200 OK 26 kB URL HTTP/2 cdn.taboola.com/libtrc/forumotion-ar/loader.js
IP 151.101.85.44:0
File type Unicode text, UTF-8 text, with very long lines (65154)
Hash e1d92e2b207695a0b35739b28709e01c
9be768011e06f7402e8326951bf600a08276c2bf
7fb2bb2acfec5fa9608e60257e6bbd91498a06b6f7264f7a315f85868988561d
GET /libtrc/forumotion-ar/loader.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
etag: "3199b956a85d79f65eb4a7750b43fcdf3b4409c7"
last-modified: Sun, 06 Nov 2022 10:00:25 UTC
x-amz-id-2: o6B/ZwUpqIkGElkGlHf8/gZTnvCk/ErFZ2CE96f1Z/9ygr39Iht8lnIKGCeDB+s9LnrmQkEVV58=
x-amz-request-id: 0K2S4JPY0T1THCXQ
x-amz-version-id: zjeLYXnXHsGMsVTlnET923uOul.YTUdH
x-from-cache: 1
x-envoy-upstream-service-time: 12
accept-ranges: bytes
date: Sun, 06 Nov 2022 10:16:06 GMT
via: 1.1 varnish
age: 941
x-served-by: cache-bma1621-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1667729766.461814,VS0,VE12
cache-control: private,max-age=14400
vary: Accept-Encoding, Accept-Encoding
abp: 28
content-length: 25600
X-Firefox-Spdy: h2
cdn.betgorebysson.club/?rb=Ovaz77suJ7J-1-LYx7S3qLPX_FRQqXeryA1Q9HXjVG-vOJAydXHXQ3iH5vR3In9u9VtDoMbgVHtZOmqDmwaJpLGCokHofy_krfrkbo1xJlBqD-kD7SdSGALoOw8xQ4_e2uifcr3lhgNbMInnwaK60kMEg0K3BWG5yL4T31c4AD41YxFY2Tl8MJuJCoJHXwzjRF9by8MXJLvsDKhOT8e8meGNLmbBTysb1Zi-nN6NJSREATDFWQ7DKQ%3D%3D&request_ab2=0&zoneid=3765907&js_build=iclick-v1.447.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=1&pl=https%3A%2F%2Fmoontada.ahlamontada.net%2Ft17-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.447.0&bs=6fcde1cc-554c-49dc-b2b4-430e926572da&userId=fcf99a899a22472393cfef53a5c6b3dd&m=link
139.45.195.8200 OK 30 kB URL HTTP/2 cdn.betgorebysson.club/?rb=Ovaz77suJ7J-1-LYx7S3qLPX_FRQqXeryA1Q9HXjVG-vOJAydXHXQ3iH5vR3In9u9VtDoMbgVHtZOmqDmwaJpLGCokHofy_krfrkbo1xJlBqD-kD7SdSGALoOw8xQ4_e2uifcr3lhgNbMInnwaK60kMEg0K3BWG5yL4T31c4AD41YxFY2Tl8MJuJCoJHXwzjRF9by8MXJLvsDKhOT8e8meGNLmbBTysb1Zi-nN6NJSREATDFWQ7DKQ%3D%3D&request_ab2=0&zoneid=3765907&js_build=iclick-v1.447.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=1&pl=https%3A%2F%2Fmoontada.ahlamontada.net%2Ft17-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.447.0&bs=6fcde1cc-554c-49dc-b2b4-430e926572da&userId=fcf99a899a22472393cfef53a5c6b3dd&m=link
IP 139.45.195.8:0
File type JSON data\012- , ASCII text, with very long lines (2164)
Hash 5e09a6bbdabbb8de588b2000c1f00b09
8a1a796d8dd5a0d923bacdd34e50f8b6ca090957
ef24034e31a3d0f258756641012871f625302ca2581dfe9db23ffd7dacc318c7
GET /?rb=Ovaz77suJ7J-1-LYx7S3qLPX_FRQqXeryA1Q9HXjVG-vOJAydXHXQ3iH5vR3In9u9VtDoMbgVHtZOmqDmwaJpLGCokHofy_krfrkbo1xJlBqD-kD7SdSGALoOw8xQ4_e2uifcr3lhgNbMInnwaK60kMEg0K3BWG5yL4T31c4AD41YxFY2Tl8MJuJCoJHXwzjRF9by8MXJLvsDKhOT8e8meGNLmbBTysb1Zi-nN6NJSREATDFWQ7DKQ%3D%3D&request_ab2=0&zoneid=3765907&js_build=iclick-v1.447.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=1&pl=https%3A%2F%2Fmoontada.ahlamontada.net%2Ft17-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.447.0&bs=6fcde1cc-554c-49dc-b2b4-430e926572da&userId=fcf99a899a22472393cfef53a5c6b3dd&m=link HTTP/1.1
Host: cdn.betgorebysson.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://moontada.ahlamontada.net/
Origin: https://moontada.ahlamontada.net
Connection: keep-alive
Cookie: OAID=fcf99a899a22472393cfef53a5c6b3dd; oaidts=1667729765
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 10:16:06 GMT
content-type: application/json
x-trace-id: 06a524736be11aa0c67e5815a6d793d4
access-control-allow-origin: https://moontada.ahlamontada.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=fcf99a899a22472393cfef53a5c6b3dd; expires=Mon, 06 Nov 2023 10:16:06 GMT; path=/; secure; SameSite=None
oaidts=1667729766; expires=Mon, 06 Nov 2023 10:16:06 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 13 Nov 2022 10:16:06 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/impl.20221102-48-RELEASE.js
151.101.85.44200 OK 146 kB URL HTTP/2 cdn.taboola.com/libtrc/impl.20221102-48-RELEASE.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (65508)
Size 146 kB (145832 bytes)
Hash 2cb70b33b089c62b26eb96d94e7848bd
cf1686eadf7992bfc00f123bf26bca19857697d8
e2c6a7f536218170613c3a652d52131e5b70541333377645cb39bec56f3255b0
GET /libtrc/impl.20221102-48-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 9ev1Nxau8RZi/3Ry4EmiKGio8KAljHS1bjrQt+OvwlnYiPXUSniGV3fIft4tlxpOjW3kBb9VG68=
x-amz-request-id: MMDGV2TEXDJWYD38
last-modified: Thu, 03 Nov 2022 09:40:21 GMT
etag: "2cb70b33b089c62b26eb96d94e7848bd"
content-encoding: br
x-amz-version-id: cUHcgl7EI0Kdobxi4IZyHivlOu5FPy45
content-type: application/javascript
accept-ranges: bytes
date: Sun, 06 Nov 2022 10:16:06 GMT
via: 1.1 varnish
age: 2132
x-served-by: cache-bma1621-BMA
x-cache: HIT
x-cache-hits: 972
x-timer: S1667729767.645479,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 80
server: AmazonS3-br
content-length: 145832
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=234747841.1667729765&jid=159350061&gjid=300727620&_gid=299251971.1667729765&_u=YEBAAUAAAAAAACAAI~&z=291744683
64.233.165.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=234747841.1667729765&jid=159350061&gjid=300727620&_gid=299251971.1667729765&_u=YEBAAUAAAAAAACAAI~&z=291744683
IP 64.233.165.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=234747841.1667729765&jid=159350061&gjid=300727620&_gid=299251971.1667729765&_u=YEBAAUAAAAAAACAAI~&z=291744683 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://moontada.ahlamontada.net
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://moontada.ahlamontada.net
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 06 Nov 2022 10:16:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f3832eb0418d94ec98c40df1bcf3ce5b
74dd7fa6ff4f9da9324c0772d075da5f42ab5879
cc42acc8dffa6c7f0c4c3a16ffe8c88919daf4859b7524a7a0ffc6e4b169c50d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 10:16:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert quad9 Sinkholed
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://moontada.ahlamontada.net/
Content-Type: application/json
Origin: https://moontada.ahlamontada.net
Content-Length: 477
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 10:16:06 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 72e54d9a25d684f3f13a95d09a7f4b6d
access-control-allow-origin: https://moontada.ahlamontada.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash bef0f5f1742148554b738e79ebbdc76d
ee37ad3e7b5c9c92729f8968a872f035ada28554
bb4d05a236b38335e73aacbb3c830537fda500991131db84e4fea9d594869599
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=164857
Date: Sun, 06 Nov 2022 10:16:06 GMT
Etag: "63675a38-1d7"
Expires: Tue, 08 Nov 2022 08:03:43 GMT
Last-Modified: Sun, 06 Nov 2022 06:54:48 GMT
Server: ECS (nyb/1D1E)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Q2PJ3xSC4UuGWpu9l52Rrw0aYJg76jQnX0vOGYKJ-bZkK6YraYTWnw==
Age: 4135
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4433
Expires: Sun, 06 Nov 2022 11:29:59 GMT
Date: Sun, 06 Nov 2022 10:16:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4433
Expires: Sun, 06 Nov 2022 11:29:59 GMT
Date: Sun, 06 Nov 2022 10:16:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4433
Expires: Sun, 06 Nov 2022 11:29:59 GMT
Date: Sun, 06 Nov 2022 10:16:06 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b370c4e3b01be9fbbc3e310e6958cd55
cc22e90a0b476215f2fd864d84c9b00dded100a6
f54d90c5854b6f140b63dad3aa92bd858b8f360b8c77d50fdf344e813e9385c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11535
x-amzn-requestid: 0a1d9895-e2e3-4070-921a-736d8c6f254e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJatPGwjoAMFx8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7ee-101a7f3a2b834d0b411c9de0;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: j0I2JcPIptLTJZlwg8QG7kkTE1eCvZiBDzi6j2YYqNwvawJ6k2CqHQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:48:50 GMT
age: 44836
etag: "cc22e90a0b476215f2fd864d84c9b00dded100a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44419343-1ead-483b-bb26-c35907f5e9b8.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44419343-1ead-483b-bb26-c35907f5e9b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c92234d28d67355984873ddf7f2bc85c
309a09b99f2419d6c45c271b67f387a6a62abd4a
436c965529e1e01b2b175fd72f45bab799f77028f1671978c16a37c61e267074
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44419343-1ead-483b-bb26-c35907f5e9b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12098
x-amzn-requestid: f8b11dcd-fb4c-4eda-a84d-2c36b08dfd16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJbDWE7SoAMFatw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d87b-386cc0282685a0e8611a24ce;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:41:15 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: cuSzUxz5mU03--3mUK73KKUGQQVVu6rlF2oBXm-gBhbN9Y-V1YTXOA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:12:38 GMT
etag: "309a09b99f2419d6c45c271b67f387a6a62abd4a"
content-type: image/jpeg
age: 43408
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcc79e66d1e21452efb26d26650f6739
1f727a7ea032082658944cf4041686446fb6b5f2
af1fe8de442a365a108d5c03f0d3ae8b0beb1abb4f267a46979f9c885ee026c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8961
x-amzn-requestid: 3a50374d-d90e-452e-bb89-82ca14c94b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJarpGtqIAMFkPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7e3-55c356475fb64e6625a338c7;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ry_OKFFZDdDoVya2hTxnFlDGtgoSw0JRqieDnCO4mSNFbgV-AuLE5Q==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:44:33 GMT
age: 45093
etag: "1f727a7ea032082658944cf4041686446fb6b5f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b18a8c9f5539ce33476f843f5811e01d
11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b
fc20e507eedccb52078979f2132434b11b9d50d917cab512d8e0c99515b1236c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7573
x-amzn-requestid: d56e7b27-f2cb-4cd3-9f67-ba18d1bfe270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bDkhGHmjoAMFxxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364813a-3a1c18b13c41f38673890b00;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 03:04:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: c-u9tBFoIve3sEwtbUvIFZoPu6eudy3ZFQi8j2m9mTPNEarihTvddw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 05:31:43 GMT
age: 17063
etag: "11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 6dc7dc5c-88e9-4550-abf0-f16965ab7cd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bF_38GKXoAMFwSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636579cc-28ea4125437c31cc34683fb7;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 20:45:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: cLOqm36ioY751X1yA1WcQpaXiFYuvzFn8xLQ56MyDTpvi1J4Ruvc9Q==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 06:27:59 GMT
age: 13687
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3420191-fa21-4db2-9043-c0adac7b0820.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3420191-fa21-4db2-9043-c0adac7b0820.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 39ac4f41f6bbdba85b2afeb7b011db5f
8e7a2be19b5c7682e86aec81907f6026d14d7313
fbd813af4eb335e1aefa6fb78b672bf89f8606ef688c98d3bd38ffdb77abfba3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3420191-fa21-4db2-9043-c0adac7b0820.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8160
x-amzn-requestid: 31cf0571-0ef2-4c99-a6be-afd806b7f449
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJaroFHhoAMF26g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7e3-269b7bcc1bcb8bdc4aa51dc9;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:43 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: J2pyEM7n1b_j4vS7S_K8aiJ-Jj01PtPk7Qb7rEOblKaz-isZtSqo1g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:44:33 GMT
age: 45093
etag: "8e7a2be19b5c7682e86aec81907f6026d14d7313"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
api.viglink.com/api/ping
34.248.173.75200 OK 259 B IP 34.248.173.75:0
File type ASCII text, with no line terminators
Hash dc22f9913255aba573350abce73e5cd2
d258265171957f4a4236c9881f4127db268a4dcd
e049489e274b207b50d202091b3a82ccf1d5cd4ca11f243dee18fd3fa0a60911
POST /api/ping HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 142
Origin: https://moontada.ahlamontada.net
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://moontada.ahlamontada.net
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Sun, 06 Nov 2022 10:16:06 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 259
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 6b72bfaacba486284aa2ecb4bcd8ebba
89fa4ef09e60380fc432c73b7919a29f26117088
fed14b27362ffe0dfbe0b1696e8dab5f6bba3e08b76bec620e75f0f3f213f69b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 10:16:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f522cfb1dc454906f23b71b17ca1afce
65200811b6dead00db7008996571497260968d81
461906f6bfa7f492a4e61faa6d0ba37e7d343a4ef2a1b824ceb35acc89357cf2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 10:16:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=234747841.1667729765&jid=159350061&_u=YEBAAUAAAAAAACAAI~&z=491209324
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=234747841.1667729765&jid=159350061&_u=YEBAAUAAAAAAACAAI~&z=491209324
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=234747841.1667729765&jid=159350061&_u=YEBAAUAAAAAAACAAI~&z=491209324 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 10:16:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=234747841.1667729765&jid=159350061&_u=YEBAAUAAAAAAACAAI~&z=491209324
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=234747841.1667729765&jid=159350061&_u=YEBAAUAAAAAAACAAI~&z=491209324
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=234747841.1667729765&jid=159350061&_u=YEBAAUAAAAAAACAAI~&z=491209324 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 10:16:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
trc-events.taboola.com/forumotion-ar/log/2/debug?tim=10%3A16%3A04.878&type=usage&msg=rtus&llvl=2&id=6769&cv=20221102-48-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/forumotion-ar/log/2/debug?tim=10%3A16%3A04.878&type=usage&msg=rtus&llvl=2&id=6769&cv=20221102-48-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=10%3A16%3A04.878&type=usage&msg=rtus&llvl=2&id=6769&cv=20221102-48-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 06 Nov 2022 10:16:07 GMT
x-fastly-to-nlb-rtt: 21974
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f522cfb1dc454906f23b71b17ca1afce
65200811b6dead00db7008996571497260968d81
461906f6bfa7f492a4e61faa6d0ba37e7d343a4ef2a1b824ceb35acc89357cf2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 10:16:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d2b4c49a0fb79e3d3bc40d2a28b27120
3f53633851cf851451354ccfd2931f2ec7a9e40f
a8a4ca2c09bae5cc3375077e531b357e2c1724693433a085ad038e3e6adfd96b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 10:16:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.0.157200 OK 8.8 kB URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.0.157:0
File type C source, ASCII text, with very long lines (29462)
Hash f8118a1a0007abe1be96bdd99c510351
cc46e5700dfab7b735d29b1049dbdf76324a5186
8eb59b95df50c88cd6915b24819af3f58f2b9611d5160a6935d8d0b15154addc
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:06 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 869091
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
34.248.173.75200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
IP 34.248.173.75:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.gif?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Sun, 06 Nov 2022 10:16:06 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
api.viglink.com/api/domains
34.248.173.75200 OK 41 B URL HTTP/1.1 api.viglink.com/api/domains
IP 34.248.173.75:0
File type ASCII text, with no line terminators
Hash e25a5a224fc822b26216faca5c32c09a
63090a936dd879344bac490582bbae8a3358d3ca
7b2f0f84d524709cdd11050c1ae1bdd15162c95459cba98342152d3caeca3fad
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 241
Origin: https://moontada.ahlamontada.net
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://moontada.ahlamontada.net
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Sun, 06 Nov 2022 10:16:06 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 41
Connection: keep-alive
moontada.ahlamontada.net/images/icons-180.png
94.23.150.222200 OK 839 B URL HTTP/2 moontada.ahlamontada.net/images/icons-180.png
IP 94.23.150.222:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 1044856a8b8c5713babcd2df0c52babe
7a1858ede92c706533486bc39d7bc4d8e67935db
78a512ac7ad22fd93ef73b677bd69688ea877cdec675ac9701b4d0b6a898ae22
GET /images/icons-180.png HTTP/1.1
Host: moontada.ahlamontada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/t17-topic
Cookie: exadd=166774; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D; cto_bundle=upKbaF9nJTJCT3Z3JTJGaml6TVNXODBmMXU3czFyWG1nVkFTSHFaeWhGWk5yNFgzanpxNUlLM0JHWUpjSGdtNmx3S0JGeHhxMUtMcXJkS0JOTnBJeVMlMkY1VGlOQjBrcDJlalF3VWU5ck1YQVdIc042S2g1SVc4M1BlcDRaRkM1R2dYTzZvbXhnMDh0NnRMT1pXcWRraG9YUjQxVTRQNUElM0QlM0Q; prefetchAd_3765907=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:07 GMT
content-type: image/png
content-length: 839
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Sun, 06 Nov 2022 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
x-cache-ic: MISS
X-Firefox-Spdy: h2
bidder.criteo.com/csm/events
178.250.2.131204 No Content 0 B URL HTTP/2 bidder.criteo.com/csm/events
IP 178.250.2.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csm/events HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 372
Origin: https://moontada.ahlamontada.net
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 06 Nov 2022 10:16:06 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://moontada.ahlamontada.net
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2
34.248.173.75200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2
IP 34.248.173.75:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.js?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Sun, 06 Nov 2022 10:16:06 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash ee0a3f8e98852af1bd3e993ce2ab7e7d
07756ee0cd8329b0a0c2bb0b3fe0b6a0e050477c
caefbe44286d860a91e442437c66633cc3a49290c02edfe533db10f9468dd657
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 727
Cache-Control: max-age=105675
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 10:16:07 GMT
Etag: "6366805c-138"
Expires: Mon, 07 Nov 2022 15:37:22 GMT
Last-Modified: Sat, 05 Nov 2022 15:25:16 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 312
csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Origin.FromBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
178.250.0.162200 OK 43 B URL HTTP/2 csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Origin.FromBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
IP 178.250.0.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Origin.FromBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:06 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert quad9 Sinkholed
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://moontada.ahlamontada.net/
Content-Type: application/json
Origin: https://moontada.ahlamontada.net
Content-Length: 738
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 10:16:07 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 9de71e9e0fc153c5e098d244baf03ad3
access-control-allow-origin: https://moontada.ahlamontada.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/userx.20221102-48-RELEASE.es6.js
151.101.85.44200 OK 5.4 kB URL HTTP/2 cdn.taboola.com/libtrc/userx.20221102-48-RELEASE.es6.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (17842)
Hash bf1c04dffbcf70fb528d7cf003f8d3c3
babf3d11404d984eb97fe250d643391db4bed923
6c076c9f308134e7f07a2730a4060b9b9141b850ceb889bd83b22a74c0bc8619
GET /libtrc/userx.20221102-48-RELEASE.es6.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: m7Y+PLsPDVH05Z+mv/EHNElFbsQZb8IyMDVeQwOKHmBxO2ET8krlnXMTecdbGCfPpGX1C3hkl3Q=
x-amz-request-id: QQ3D9KXB7YGWPXHZ
x-amz-replication-status: PENDING
last-modified: Sun, 06 Nov 2022 09:43:19 GMT
etag: "cd64469c740fe5393564a58c47678359"
x-amz-version-id: F0xuJdlvXqSi7edhXEqPcKZZ4tWH5FQv
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 06 Nov 2022 10:16:07 GMT
via: 1.1 varnish
age: 1967
x-served-by: cache-bma1621-BMA
x-cache: HIT
x-cache-hits: 191
x-timer: S1667729768.777315,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 80
content-length: 5398
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/cta-component.20221102-48-RELEASE.es6.js
151.101.85.44200 OK 5.1 kB URL HTTP/2 cdn.taboola.com/libtrc/cta-component.20221102-48-RELEASE.es6.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (18924)
Hash 1ead3f3e51bc86298df7102ce87fe0b0
ea2e8bd2eeb36e36a8fbeb8f41b749fb7ac40f73
a65cc1bece238522356893e2aa249f22032005e7ecfbbb19cc14a4b64f43b17e
GET /libtrc/cta-component.20221102-48-RELEASE.es6.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: BoBUjsg2M5Jmxz9WG3anyhf4KHOPHPmDegizsK5L/vVIa2Flxaxnw66lFnqIBLdZLLmaqNq56Bg=
x-amz-request-id: E80VXNT4EED0546G
x-amz-replication-status: PENDING
last-modified: Sun, 06 Nov 2022 09:42:21 GMT
etag: "ec33a34412965b76ca2f857dfa9cb465"
x-amz-version-id: .bBO87he2jI_GokTreDN3gFrXrQ9yXVC
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 06 Nov 2022 10:16:07 GMT
via: 1.1 varnish
age: 2025
x-served-by: cache-bma1621-BMA
x-cache: HIT
x-cache-hits: 616
x-timer: S1667729768.777431,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 80
content-length: 5108
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.2200 OK 30 kB URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.2:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 2191ddd9ab0fe19db70aaa669ac50529
4d1cb3c0e59e01e08b58f35db906e6b64840bc7f
4b5b3915baa2db92e7c221fd2d13f41137244ca36bf8af9e730d6f316a5db62e
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:07 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 83384
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.firstbaptistchurchbryan.com/wp-content/uploads/2020/11/crosby3.jpg
151.101.85.44200 OK 5.7 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.firstbaptistchurchbryan.com/wp-content/uploads/2020/11/crosby3.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 95e2664570dea992d3f5f1342db31394
c6362202173f47adb23eb152d2472a573dc83499
5003f50602263429cc691198db1196682ad362cae3755a914fa5ea84172fa2e7
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.firstbaptistchurchbryan.com/wp-content/uploads/2020/11/crosby3.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 370897360600007975063551796805130528613,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 370897360600007975063551796805130528613,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
etag: "705aeb30e4f5c02e105ed64da299e495"
expiration: expiry-date="Wed, 02 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Sun, 02 Oct 2022 13:38:51 GMT
req-referer: https://aax.amazon-adsystem.com/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 516
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 06 Nov 2022 10:16:07 GMT
age: 2668707
x-served-by: cache-iad-kcgs7200062-IAD, cache-iad-kiad7000068-IAD, cache-lax10644-LGB, cache-iad-kiad7000157-IAD, cache-bma1621-BMA
x-cache: MISS, HIT, MISS, HIT, HIT
x-cache-hits: 0, 1, 0, 7, 1
x-timer: S1667729768.778703,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.firstbaptistchurchbryan.com/wp-content/uploads/2020/11/crosby3.jpg
x-vcl-time-ms: 1
content-length: 5710
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//aijxg.com/content/772b0a08-4a9c-4b94-93dd-fe20e0236062
151.101.85.44200 OK 4.2 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//aijxg.com/content/772b0a08-4a9c-4b94-93dd-fe20e0236062
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 200a0fea2ef82d7d7db01f76b6fbe428
cb280e840df224a2c2c41092ad1a27d3991e114b
dd163dae763848f05ff7643b6e04abb98560e3b32be3a03fb0b40d5642642bc2
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//aijxg.com/content/772b0a08-4a9c-4b94-93dd-fe20e0236062 HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 547038191971269950177142999030341373160,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 547038191971269950177142999030341373160,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
etag: "888d61b1f5602d01c78815d2104a19bd"
expiration: expiry-date="Tue, 25 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Sat, 24 Sep 2022 14:39:15 GMT
req-referer: https://listindiario.com/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 1149
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 06 Nov 2022 10:16:07 GMT
age: 1641086
x-served-by: cache-iad-kiad7000022-IAD, cache-iad-kcgs7200095-IAD, cache-lax10638-LGB, cache-iad-kjyo7100119-IAD, cache-bma1621-BMA
x-cache: MISS, MISS, MISS, HIT, HIT
x-cache-hits: 0, 0, 0, 50, 1
x-timer: S1667729768.778921,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//aijxg.com/content/772b0a08-4a9c-4b94-93dd-fe20e0236062
x-vcl-time-ms: 1
content-length: 4162
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f70/18/12/20/13/uou10.jpg
151.101.85.44200 OK 3.5 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f70/18/12/20/13/uou10.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 4a3299cb7586f869a00ac4167422214d
b7e53376f5126117a41761438a9fd52bf9b94673
fcaf170f291e63740974aa27504628ff38e779a73dc066409ebdd02a853b8fd3
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f70/18/12/20/13/uou10.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 613669426550226744769788410621596759672,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 613669426550226744769788410621596759672,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
etag: "d754fe306cb263ce5dcb98df06b1298b"
last-modified: Thu, 15 Sep 2022 07:08:25 GMT
req-referer: https://fcbarcelona2012.yoo7.com/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: c2e09d795ca1873e02d2fc5b901afa20
x-envoy-upstream-service-time: 443
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 06 Nov 2022 10:16:07 GMT
age: 2768223
x-served-by: cache-iad-kiad7000161-IAD, cache-iad-kjyo7100103-IAD, cache-bur-kbur8200038-BUR, cache-iad-kjyo7100132-IAD, cache-bma1621-BMA
x-cache: MISS, MISS, MISS, HIT, HIT
x-cache-hits: 0, 0, 0, 78, 1
x-timer: S1667729768.779636,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f70/18/12/20/13/uou10.jpg
x-vcl-time-ms: 1
content-length: 3522
X-Firefox-Spdy: h2
csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1
178.250.0.162200 OK 43 B URL HTTP/2 csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1
IP 178.250.0.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:07 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
api.viglink.com/api/domains
34.248.173.75200 OK 42 B URL HTTP/1.1 api.viglink.com/api/domains
IP 34.248.173.75:0
File type ASCII text, with no line terminators
Hash cecb24d673bc7fc889027a681669010e
a27886d11e8568410d4cb3abc74f3b0063a8538a
04d7adf9527843d37a46d2b49a525139342d77186477c7c784f9b625e9c78b3b
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 306
Origin: https://moontada.ahlamontada.net
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://moontada.ahlamontada.net
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Sun, 06 Nov 2022 10:16:07 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 42
Connection: keep-alive
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f35/16/48/25/04/1ovtb810.jpg
151.101.85.44200 OK 11 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f35/16/48/25/04/1ovtb810.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a4db39da8b4ca469999b2736020f12be
5bd4e7df226a37057ceae83db17de188bbc66a33
28972ecaf656b04ced233080b55280e109b3dace845897b1b0f01f141c0db0f1
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f35/16/48/25/04/1ovtb810.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 553820372256103830146356301221263330746,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 553820372256103830146356301221263330746,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
etag: "67206b6f4bbdca38a63deb405c0da8c1"
last-modified: Tue, 13 Sep 2022 10:39:42 GMT
req-referer: https://school7.ahlamountada.com/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 939e6dca1cd441234aa26a94e43194e6
x-envoy-upstream-service-time: 1145
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 06 Nov 2022 10:16:07 GMT
age: 2466854
x-served-by: cache-iad-kiad7000107-IAD, cache-iad-kjyo7100118-IAD, cache-bur-kbur8200131-BUR, cache-iad-kcgs7200128-IAD, cache-bma1621-BMA
x-cache: MISS, MISS, HIT, HIT, MISS
x-cache-hits: 0, 0, 1, 3, 0
x-timer: S1667729768.779746,VS0,VE92
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f35/16/48/25/04/1ovtb810.jpg
x-vcl-time-ms: 92
content-length: 11206
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hitsk.in/t/16/28/41/i_logo.jpg
151.101.85.44200 OK 8.3 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hitsk.in/t/16/28/41/i_logo.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2a9843d93390aa2222a3666243993532
ad469cbe0b27dce72b8fabccecf58aa819c51774
d15b51246987765bd82a7781299d74a690aa337bfbb8bb9337da1b94c7f8522f
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hitsk.in/t/16/28/41/i_logo.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 311438301812572966555265208773229228139,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 311438301812572966555265208773229228139,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
etag: "6de1f7fabb706aff72e76a36c54f6aa0"
last-modified: Tue, 18 Oct 2022 00:39:53 GMT
req-referer: https://12579.yoo7.com/t4817-topic
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: ffc307e8d92d132009872e976b67859b
x-envoy-upstream-service-time: 1260
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 06 Nov 2022 10:16:07 GMT
age: 865964
x-served-by: cache-iad-kiad7000116-IAD, cache-iad-kiad7000102-IAD, cache-chi-klot8100025-CHI, cache-iad-kiad7000058-IAD, cache-bma1621-BMA
x-cache: MISS, MISS, MISS, HIT, MISS
x-cache-hits: 0, 0, 0, 26, 0
x-timer: S1667729768.780161,VS0,VE91
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hitsk.in/t/16/28/41/i_logo.jpg
x-vcl-time-ms: 91
content-length: 8346
X-Firefox-Spdy: h2
vidstat.taboola.com/lite-unit/3.9.5/UnitWidgetItemDesktop.min.js
151.101.85.44304 Not Modified 0 B URL HTTP/2 vidstat.taboola.com/lite-unit/3.9.5/UnitWidgetItemDesktop.min.js
IP 151.101.85.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /lite-unit/3.9.5/UnitWidgetItemDesktop.min.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 13 Sep 2022 09:04:05 GMT
If-None-Match: "8b1ffbd4f9c44c447f9a11e92fbb9112"
TE: trailers
HTTP/2 304 Not Modified
date: Sun, 06 Nov 2022 10:16:07 GMT
via: 1.1 varnish
cache-control: public, max-age=2592000
etag: "8b1ffbd4f9c44c447f9a11e92fbb9112"
age: 3544449
x-served-by: cache-bma1621-BMA
x-cache: HIT
x-cache-hits: 296882
x-timer: S1667729768.992966,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
X-Firefox-Spdy: h2
am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7qVMCFgMOwYdhJp0-6wQOwYdhJp0-6wUAAAAGBuIHJGZcDCcrk82tsjlca9FmsVsrXB6PW7UYmVa2zWJl8g2GQGLGxXCyMtncKpvDtRZtFru1wuXxuFWLkWll2yxWJt9gChE3GQ6fg4Go6Hpb7A6n2fMGFTSdDp_rXq_2--2mh8lhVxjNDrffbnqYHHa5y_QXPXZr0d_w9NgBAAAA4OH___8fAgAAACACAAAAQAIAAACAIqDi30LgAgAAAADj____XwPgk4PgPWe_PwAAAABAAAAAAEgABlYDSgA-zldO_v________9jBugzb2T-____bwx6AB58AB6EAAAALoY4KTBDYJtLNIgKAosYAQAAAGxpqWgeTeqEyqLq__-_3wrgCgAggJAJTtc4S3dQ4i0MAAAgYGyBHha_3-ywa_xul_3_________m_2f_aMJvY1epwWxjF6r_QICAKz9AgIAsKkbAMBbAFzQEbRiMFidQuyGs8VuNNuMZgcAAABw9____68HEjbnYONYuIYzl8fl2i1MzpVpNdmNJsblaGaxWLb3FWCOcOhkFN8XcZPh8DkYiIqut8XucJo996NoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4Qp23I53M0WbtnEMliLJs6FW7nYbdYij2tlG06Go91k5ha9PqaHbTFYuXxbFAzQ2IvkaZFOVAvHwuTbLGcLi2Fick0cFodlYdjNFh7TcLTa2CZiieZkkU5kl33D5hxsHAvXcObyuFy7hcm5Mq0mu9HEuBzNLBbLvmVbLoe72cItm1gGa9HEuXArF7vNWuRxrWzDyXC0m8zcotfH9LAtBiuXb9-YzXa7yXI32-0bs9luN1nuZrt9h87wXX3ORmdwPPGoRK7vdWixOQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6kfktr7ff9PTb3QrLRSxRmi7SiV702K1Ff8PTYxFLBKeLdCJ6GU8X9R8ZcjFXDuaiyVyxGq0SAAAAAAAAAMAS5sybAAAAAJwGMhpshqt1HshgOdgtV8sFgHD20v2Z94Ni91mk3jUaLEzgrOsEL278uMH8ltfbb3r67W6F5coAD9TkzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X2gKI3wI1eKPf6BVg0G!&cmcv=&pix=31589837&cb=1667729766205&uv=3239&tms=1667729766205&abt=eidc_vA!mprdctdt6_vA!smbs!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1667729762251!ts:1667729766205&mntl=1
141.226.228.48200 OK 0 B URL HTTP/2 am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7qVMCFgMOwYdhJp0-6wQOwYdhJp0-6wUAAAAGBuIHJGZcDCcrk82tsjlca9FmsVsrXB6PW7UYmVa2zWJl8g2GQGLGxXCyMtncKpvDtRZtFru1wuXxuFWLkWll2yxWJt9gChE3GQ6fg4Go6Hpb7A6n2fMGFTSdDp_rXq_2--2mh8lhVxjNDrffbnqYHHa5y_QXPXZr0d_w9NgBAAAA4OH___8fAgAAACACAAAAQAIAAACAIqDi30LgAgAAAADj____XwPgk4PgPWe_PwAAAABAAAAAAEgABlYDSgA-zldO_v________9jBugzb2T-____bwx6AB58AB6EAAAALoY4KTBDYJtLNIgKAosYAQAAAGxpqWgeTeqEyqLq__-_3wrgCgAggJAJTtc4S3dQ4i0MAAAgYGyBHha_3-ywa_xul_3_________m_2f_aMJvY1epwWxjF6r_QICAKz9AgIAsKkbAMBbAFzQEbRiMFidQuyGs8VuNNuMZgcAAABw9____68HEjbnYONYuIYzl8fl2i1MzpVpNdmNJsblaGaxWLb3FWCOcOhkFN8XcZPh8DkYiIqut8XucJo996NoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4Qp23I53M0WbtnEMliLJs6FW7nYbdYij2tlG06Go91k5ha9PqaHbTFYuXxbFAzQ2IvkaZFOVAvHwuTbLGcLi2Fick0cFodlYdjNFh7TcLTa2CZiieZkkU5kl33D5hxsHAvXcObyuFy7hcm5Mq0mu9HEuBzNLBbLvmVbLoe72cItm1gGa9HEuXArF7vNWuRxrWzDyXC0m8zcotfH9LAtBiuXb9-YzXa7yXI32-0bs9luN1nuZrt9h87wXX3ORmdwPPGoRK7vdWixOQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6kfktr7ff9PTb3QrLRSxRmi7SiV702K1Ff8PTYxFLBKeLdCJ6GU8X9R8ZcjFXDuaiyVyxGq0SAAAAAAAAAMAS5sybAAAAAJwGMhpshqt1HshgOdgtV8sFgHD20v2Z94Ni91mk3jUaLEzgrOsEL278uMH8ltfbb3r67W6F5coAD9TkzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X2gKI3wI1eKPf6BVg0G!&cmcv=&pix=31589837&cb=1667729766205&uv=3239&tms=1667729766205&abt=eidc_vA!mprdctdt6_vA!smbs!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1667729762251!ts:1667729766205&mntl=1
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7qVMCFgMOwYdhJp0-6wQOwYdhJp0-6wUAAAAGBuIHJGZcDCcrk82tsjlca9FmsVsrXB6PW7UYmVa2zWJl8g2GQGLGxXCyMtncKpvDtRZtFru1wuXxuFWLkWll2yxWJt9gChE3GQ6fg4Go6Hpb7A6n2fMGFTSdDp_rXq_2--2mh8lhVxjNDrffbnqYHHa5y_QXPXZr0d_w9NgBAAAA4OH___8fAgAAACACAAAAQAIAAACAIqDi30LgAgAAAADj____XwPgk4PgPWe_PwAAAABAAAAAAEgABlYDSgA-zldO_v________9jBugzb2T-____bwx6AB58AB6EAAAALoY4KTBDYJtLNIgKAosYAQAAAGxpqWgeTeqEyqLq__-_3wrgCgAggJAJTtc4S3dQ4i0MAAAgYGyBHha_3-ywa_xul_3_________m_2f_aMJvY1epwWxjF6r_QICAKz9AgIAsKkbAMBbAFzQEbRiMFidQuyGs8VuNNuMZgcAAABw9____68HEjbnYONYuIYzl8fl2i1MzpVpNdmNJsblaGaxWLb3FWCOcOhkFN8XcZPh8DkYiIqut8XucJo996NoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4Qp23I53M0WbtnEMliLJs6FW7nYbdYij2tlG06Go91k5ha9PqaHbTFYuXxbFAzQ2IvkaZFOVAvHwuTbLGcLi2Fick0cFodlYdjNFh7TcLTa2CZiieZkkU5kl33D5hxsHAvXcObyuFy7hcm5Mq0mu9HEuBzNLBbLvmVbLoe72cItm1gGa9HEuXArF7vNWuRxrWzDyXC0m8zcotfH9LAtBiuXb9-YzXa7yXI32-0bs9luN1nuZrt9h87wXX3ORmdwPPGoRK7vdWixOQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6kfktr7ff9PTb3QrLRSxRmi7SiV702K1Ff8PTYxFLBKeLdCJ6GU8X9R8ZcjFXDuaiyVyxGq0SAAAAAAAAAMAS5sybAAAAAJwGMhpshqt1HshgOdgtV8sFgHD20v2Z94Ni91mk3jUaLEzgrOsEL278uMH8ltfbb3r67W6F5coAD9TkzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X2gKI3wI1eKPf6BVg0G!&cmcv=&pix=31589837&cb=1667729766205&uv=3239&tms=1667729766205&abt=eidc_vA!mprdctdt6_vA!smbs!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1667729762251!ts:1667729766205&mntl=1 HTTP/1.1
Host: am-vid-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 10:16:08 GMT
content-length: 0
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b1fdd8c88ac9918872b5169313de497
4b0e37a85187fef2dacae80ad609141e87a4efee
e008af97d19c0e422715263183063bbaffdde87a3ce9f650a78de442b0fec338
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5461
Cache-Control: max-age=138479
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 10:16:08 GMT
Etag: "6366ee02-1d7"
Expires: Tue, 08 Nov 2022 00:44:07 GMT
Last-Modified: Sat, 05 Nov 2022 23:13:06 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
gum.criteo.com/syncframe?origin=rtus&topUrl=moontada.ahlamontada.net
178.250.0.157200 OK 5.9 kB URL HTTP/2 gum.criteo.com/syncframe?origin=rtus&topUrl=moontada.ahlamontada.net
IP 178.250.0.157:0
Hash 453b800133356212dbfa1794670c8219
e3171235f2493619af32b0a5799b8bcaa68fd73c
00124a624b60364749460f0ecac40845c05b2d6bb28e222d17576a68375ccb82
GET /syncframe?origin=rtus&topUrl=moontada.ahlamontada.net HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:06 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=9f804824-c97e-4095-98f1-17b49eb107ea; expires=Fri, 01 Dec 2023 10:16:07 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 860622
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=10%3A16%3A05.911&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=153&cv=20221102-48-RELEASE<=deflated&pct=1
185.106.33.48204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=10%3A16%3A05.911&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=153&cv=20221102-48-RELEASE<=deflated&pct=1
IP 185.106.33.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=10%3A16%3A05.911&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=153&cv=20221102-48-RELEASE<=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 06 Nov 2022 10:16:08 GMT
x-fastly-to-nlb-rtt: 77501
access-control-allow-credentials: true
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146200 OK 527 B IP 178.250.2.146:0
File type JSON data\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (848), with no line terminators
Hash c8fae3aae763d7bcb845a409f99ea201
b28b3a5d37fb37f0ce03940ea058565700659cd5
5f71ed70fc31ad0242021461af3382bc1c392a1cd231a9a36a2e724fb023fa1c
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=FFND3180M0RITmhlJTJCZkMwOUJGQlhaMUN2c3p5VGRjOHIxSnBhbjJFTkFOd3hqdTRLbXE5dHpwVDVMRGI1clN6ZTZrYWQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:06 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=XIP4oF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3p5VGRjOHIxSnBhbjJFTkFOd3hqdTRuS3luMUQ0dGVrUXpVOXRUTlFOQUo; expires=Fri, 01 Dec 2023 10:16:07 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 383645
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 06 Nov 2022 10:16:08 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=07bce4ca-5dbc-11ed-ae3c-16877d160206; expires=Sun, 04-Dec-2022 10:16:08 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=07bce52b-5dbc-11ed-ae3c-16877d160206
X-fe: 61
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=07b85c10-5dbc-11ed-8e46-1f057aaa0506
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=07b85c10-5dbc-11ed-8e46-1f057aaa0506
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=07b85c10-5dbc-11ed-8e46-1f057aaa0506 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 06 Nov 2022 10:16:08 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=07bcfc6f-5dbc-11ed-b7f6-1d66682b0406; expires=Sun, 04-Dec-2022 10:16:08 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 19
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 06 Nov 2022 10:16:08 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=07c06b4a-5dbc-11ed-9a88-1f6fc1870406; expires=Sun, 04-Dec-2022 10:16:08 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=07c06bad-5dbc-11ed-9a88-1f6fc1870406
X-fe: 10
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
am-match.taboola.com/sync?dast=V78YECFgMOwYdhJp0-6wQOwYdhJp0-6wUAAAAGBuIHJGIZ7JYj18atnPhGbtFkMVwrh6OJW7jceEYO02Kz8o2GQEIT03AzsozWitlg5hYtNr61cLNbuSWukck1GM5MM-NuCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeooOl0-Fz3erXfbzc9TA67wmh2uP1208PksMtdpr_osVuL_oanxw4AAAAADwBWb5kQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgABiQXGgCfHATvOfv9AQDQsAUCACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUIFrECAAAAGBLS0XzaFInVBZVAAAE6VYAVwAAAYRMcL11YQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTeht9DotiGX0Wu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiN5wtdqPZZjQ7AAAAgLv___9_PZCwOQcbx8I1nLk8LtduYXKuTKvJbjQxLkczi8Wyva8Ac4RDJ6P4Pg9hmf2-g4jl-Zr-hoOMb3m9DaKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhyrZcDnezhVs2sQzWoolz4VYudpu1yONa2YaT4Wg3mblFr4_pYVsMVi7fFgUDNPYiuEgnMr_l9fabnn67W2G5iCWak0U6kV32DZtzsHEsXMOZy-Ny7RYm58q0muxGE-NyNLNYLPuWbbkc7mYLt2xiGaxFE-fCrVzsNmuRx7WyDSfD0W4yc4teH9PDthisXL59Yzbb7SbL3Wy3b8xmu91kuZvt9h06w3f1ORudwfHEoxK5vtehxeYwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwSni3QiehlPF7FE8rRIJ8LNYrnYDZYLx2K2Mk5cK-Ns5dlMRibPZDBcDCYWsURpukgnetFjtxb9DU-PRf1HhlzMlYO5aDJXrEarBAAAAAAAAACwhDnzJgAAAACngYwGm-FquQAQzl66P_N-UOw-i9S7RoOFCZx1neDFjR83mN_yevtNT7_drbBcGeCBmpx5s2eCWKvVsgYAABDABgAACODWzVsANiO3DxSlEX7kSrHHP9CqwQA!&excid=22&docw=0&cijs=1&nlb=true
141.226.228.48200 OK 928 B URL HTTP/2 am-match.taboola.com/sync?dast=V78YECFgMOwYdhJp0-6wQOwYdhJp0-6wUAAAAGBuIHJGIZ7JYj18atnPhGbtFkMVwrh6OJW7jceEYO02Kz8o2GQEIT03AzsozWitlg5hYtNr61cLNbuSWukck1GM5MM-NuCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeooOl0-Fz3erXfbzc9TA67wmh2uP1208PksMtdpr_osVuL_oanxw4AAAAADwBWb5kQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgABiQXGgCfHATvOfv9AQDQsAUCACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUIFrECAAAAGBLS0XzaFInVBZVAAAE6VYAVwAAAYRMcL11YQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTeht9DotiGX0Wu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiN5wtdqPZZjQ7AAAAgLv___9_PZCwOQcbx8I1nLk8LtduYXKuTKvJbjQxLkczi8Wyva8Ac4RDJ6P4Pg9hmf2-g4jl-Zr-hoOMb3m9DaKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhyrZcDnezhVs2sQzWoolz4VYudpu1yONa2YaT4Wg3mblFr4_pYVsMVi7fFgUDNPYiuEgnMr_l9fabnn67W2G5iCWak0U6kV32DZtzsHEsXMOZy-Ny7RYm58q0muxGE-NyNLNYLPuWbbkc7mYLt2xiGaxFE-fCrVzsNmuRx7WyDSfD0W4yc4teH9PDthisXL59Yzbb7SbL3Wy3b8xmu91kuZvt9h06w3f1ORudwfHEoxK5vtehxeYwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwSni3QiehlPF7FE8rRIJ8LNYrnYDZYLx2K2Mk5cK-Ns5dlMRibPZDBcDCYWsURpukgnetFjtxb9DU-PRf1HhlzMlYO5aDJXrEarBAAAAAAAAACwhDnzJgAAAACngYwGm-FquQAQzl66P_N-UOw-i9S7RoOFCZx1neDFjR83mN_yevtNT7_drbBcGeCBmpx5s2eCWKvVsgYAABDABgAACODWzVsANiO3DxSlEX7kSrHHP9CqwQA!&excid=22&docw=0&cijs=1&nlb=true
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (928), with no line terminators
Hash 8227d4c992bdc2c4c5804d84b62fda07
83839cdf21b0918f46e16e1e2c732c94b3c13f4f
59b21f9cd8081c4bd058979d3b7c6fab9785b7ce8214db75f94d2bb0d92142cb
GET /sync?dast=V78YECFgMOwYdhJp0-6wQOwYdhJp0-6wUAAAAGBuIHJGIZ7JYj18atnPhGbtFkMVwrh6OJW7jceEYO02Kz8o2GQEIT03AzsozWitlg5hYtNr61cLNbuSWukck1GM5MM-NuCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeooOl0-Fz3erXfbzc9TA67wmh2uP1208PksMtdpr_osVuL_oanxw4AAAAADwBWb5kQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgABiQXGgCfHATvOfv9AQDQsAUCACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUIFrECAAAAGBLS0XzaFInVBZVAAAE6VYAVwAAAYRMcL11YQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTeht9DotiGX0Wu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiN5wtdqPZZjQ7AAAAgLv___9_PZCwOQcbx8I1nLk8LtduYXKuTKvJbjQxLkczi8Wyva8Ac4RDJ6P4Pg9hmf2-g4jl-Zr-hoOMb3m9DaKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhyrZcDnezhVs2sQzWoolz4VYudpu1yONa2YaT4Wg3mblFr4_pYVsMVi7fFgUDNPYiuEgnMr_l9fabnn67W2G5iCWak0U6kV32DZtzsHEsXMOZy-Ny7RYm58q0muxGE-NyNLNYLPuWbbkc7mYLt2xiGaxFE-fCrVzsNmuRx7WyDSfD0W4yc4teH9PDthisXL59Yzbb7SbL3Wy3b8xmu91kuZvt9h06w3f1ORudwfHEoxK5vtehxeYwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwSni3QiehlPF7FE8rRIJ8LNYrnYDZYLx2K2Mk5cK-Ns5dlMRibPZDBcDCYWsURpukgnetFjtxb9DU-PRf1HhlzMlYO5aDJXrEarBAAAAAAAAACwhDnzJgAAAACngYwGm-FquQAQzl66P_N-UOw-i9S7RoOFCZx1neDFjR83mN_yevtNT7_drbBcGeCBmpx5s2eCWKvVsgYAABDABgAACODWzVsANiO3DxSlEX7kSrHHP9CqwQA!&excid=22&docw=0&cijs=1&nlb=true HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 10:16:08 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3408
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=07c06bad-5dbc-11ed-9a88-1f6fc1870406
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=07c06bad-5dbc-11ed-9a88-1f6fc1870406
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=07c06bad-5dbc-11ed-9a88-1f6fc1870406 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 06 Nov 2022 10:16:08 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=07c525b5-5dbc-11ed-8233-17d925990506; expires=Sun, 04-Dec-2022 10:16:08 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 4
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V78YECFgMOwYdhJp0-6wQOwYdhJp0-6wUAAAAGBuIHJGIZ7JYj18atnPhGbtFkMVwrh6OJW7jceEYO02Kz8o2GQEIT03AzsozWitlg5hYtNr61cLNbuSWukck1GM5MM-NuCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeooOl0-Fz3erXfbzc9TA67wmh2uP1208PksMtdpr_osVuL_oanxw4AAAAADwBWb5kQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgABiQXGgCfHATvOfv9AQDQsAUCACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUIFrECAAAAGBLS0XzaFInVBZVAAAE6VYAVwAAAYRMcL11YQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTeht9DotiGX0Wu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiN5wtdqPZZjQ7AAAAgLv___9_PZCwOQcbx8I1nLk8LtduYXKuTKvJbjQxLkczi8Wyva8Ac4RDJ6P4Pg9hmf2-g4jl-Zr-hoOMb3m9DaKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhyrZcDnezhVs2sQzWoolz4VYudpu1yONa2YaT4Wg3mblFr4_pYVsMVi7fFgUDNPYiuEgnMr_l9fabnn67W2G5iCWak0U6kV32DZtzsHEsXMOZy-Ny7RYm58q0muxGE-NyNLNYLPuWbbkc7mYLt2xiGaxFE-fCrVzsNmuRx7WyDSfD0W4yc4teH9PDthisXL59Yzbb7SbL3Wy3b8xmu91kuZvt9h06w3f1ORudwfHEoxK5vtehxeYwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwSni3QiehlPF7FE8rRIJ8LNYrnYDZYLx2K2Mk5cK-Ns5dlMRibPZDBcDCYWsURpukgnetFjtxb9DU-PRf1HhlzMlYO5aDJXrEarBAAAAAAAAACwhDnzJgAAAACngYwGm-FquQAQzl66P_N-UOw-i9S7RoOFCZx1neDFjR83mN_yevtNT7_drbBcGeCBmpx5s2eCWKvVsgYAABDABgAACODWzVsANiO3DxSlEX7kSrHHP9CqwQA!&cmcv=&pix=31589837&cb=1667729766380&uv=3239&tms=1667729766380&abt=eidc_vA!mprdctdt6_vA!smbs!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1667729762251!ts:1667729766380&mntl=1
141.226.228.48200 OK 0 B URL HTTP/2 am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V78YECFgMOwYdhJp0-6wQOwYdhJp0-6wUAAAAGBuIHJGIZ7JYj18atnPhGbtFkMVwrh6OJW7jceEYO02Kz8o2GQEIT03AzsozWitlg5hYtNr61cLNbuSWukck1GM5MM-NuCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeooOl0-Fz3erXfbzc9TA67wmh2uP1208PksMtdpr_osVuL_oanxw4AAAAADwBWb5kQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgABiQXGgCfHATvOfv9AQDQsAUCACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUIFrECAAAAGBLS0XzaFInVBZVAAAE6VYAVwAAAYRMcL11YQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTeht9DotiGX0Wu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiN5wtdqPZZjQ7AAAAgLv___9_PZCwOQcbx8I1nLk8LtduYXKuTKvJbjQxLkczi8Wyva8Ac4RDJ6P4Pg9hmf2-g4jl-Zr-hoOMb3m9DaKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhyrZcDnezhVs2sQzWoolz4VYudpu1yONa2YaT4Wg3mblFr4_pYVsMVi7fFgUDNPYiuEgnMr_l9fabnn67W2G5iCWak0U6kV32DZtzsHEsXMOZy-Ny7RYm58q0muxGE-NyNLNYLPuWbbkc7mYLt2xiGaxFE-fCrVzsNmuRx7WyDSfD0W4yc4teH9PDthisXL59Yzbb7SbL3Wy3b8xmu91kuZvt9h06w3f1ORudwfHEoxK5vtehxeYwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwSni3QiehlPF7FE8rRIJ8LNYrnYDZYLx2K2Mk5cK-Ns5dlMRibPZDBcDCYWsURpukgnetFjtxb9DU-PRf1HhlzMlYO5aDJXrEarBAAAAAAAAACwhDnzJgAAAACngYwGm-FquQAQzl66P_N-UOw-i9S7RoOFCZx1neDFjR83mN_yevtNT7_drbBcGeCBmpx5s2eCWKvVsgYAABDABgAACODWzVsANiO3DxSlEX7kSrHHP9CqwQA!&cmcv=&pix=31589837&cb=1667729766380&uv=3239&tms=1667729766380&abt=eidc_vA!mprdctdt6_vA!smbs!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1667729762251!ts:1667729766380&mntl=1
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V78YECFgMOwYdhJp0-6wQOwYdhJp0-6wUAAAAGBuIHJGIZ7JYj18atnPhGbtFkMVwrh6OJW7jceEYO02Kz8o2GQEIT03AzsozWitlg5hYtNr61cLNbuSWukck1GM5MM-NuCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeooOl0-Fz3erXfbzc9TA67wmh2uP1208PksMtdpr_osVuL_oanxw4AAAAADwBWb5kQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgABiQXGgCfHATvOfv9AQDQsAUCACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUIFrECAAAAGBLS0XzaFInVBZVAAAE6VYAVwAAAYRMcL11YQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTeht9DotiGX0Wu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiN5wtdqPZZjQ7AAAAgLv___9_PZCwOQcbx8I1nLk8LtduYXKuTKvJbjQxLkczi8Wyva8Ac4RDJ6P4Pg9hmf2-g4jl-Zr-hoOMb3m9DaKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhyrZcDnezhVs2sQzWoolz4VYudpu1yONa2YaT4Wg3mblFr4_pYVsMVi7fFgUDNPYiuEgnMr_l9fabnn67W2G5iCWak0U6kV32DZtzsHEsXMOZy-Ny7RYm58q0muxGE-NyNLNYLPuWbbkc7mYLt2xiGaxFE-fCrVzsNmuRx7WyDSfD0W4yc4teH9PDthisXL59Yzbb7SbL3Wy3b8xmu91kuZvt9h06w3f1ORudwfHEoxK5vtehxeYwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwSni3QiehlPF7FE8rRIJ8LNYrnYDZYLx2K2Mk5cK-Ns5dlMRibPZDBcDCYWsURpukgnetFjtxb9DU-PRf1HhlzMlYO5aDJXrEarBAAAAAAAAACwhDnzJgAAAACngYwGm-FquQAQzl66P_N-UOw-i9S7RoOFCZx1neDFjR83mN_yevtNT7_drbBcGeCBmpx5s2eCWKvVsgYAABDABgAACODWzVsANiO3DxSlEX7kSrHHP9CqwQA!&cmcv=&pix=31589837&cb=1667729766380&uv=3239&tms=1667729766380&abt=eidc_vA!mprdctdt6_vA!smbs!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1667729762251!ts:1667729766380&mntl=1 HTTP/1.1
Host: am-vid-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 10:16:08 GMT
content-length: 0
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 06 Nov 2022 10:16:08 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=07cb6a70-5dbc-11ed-aed3-1f6fc1870306; expires=Sun, 04-Dec-2022 10:16:08 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=07cb6ab9-5dbc-11ed-aed3-1f6fc1870306
X-fe: 10
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 7aaea6ff8a719f2f88ec382a690cb505
6fc812ca4065e58573d5406338bf4e45b3ddadb4
8df36f22bb7657b3998bb9907468ad1af53c23ce7aa13183fc80e9d11c9068b5
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 10:16:08 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Thu, 10 Nov 2022 08:58:55 GMT
ETag: "6fc812ca4065e58573d5406338bf4e45b3ddadb4"
Last-Modified: Sun, 06 Nov 2022 08:58:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1352
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 765d126cde44b512-OSL
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=07cb6ab9-5dbc-11ed-aed3-1f6fc1870306
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=07cb6ab9-5dbc-11ed-aed3-1f6fc1870306
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=07cb6ab9-5dbc-11ed-aed3-1f6fc1870306 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 06 Nov 2022 10:16:08 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=07d05f35-5dbc-11ed-bf45-141484330306; expires=Sun, 04-Dec-2022 10:16:08 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 386ab1abf63e2d84590ac4811af42f4a
f4be9c54ab943ec73bbcdaee8cf4b6e996f77d2c
cb09e3ff1edca73ba28e7346debdc45ea7c6a82a0a7cfb06f003c565ecc3472b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4127
Cache-Control: max-age=104705
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 10:16:08 GMT
Etag: "63666f4a-1d7"
Expires: Mon, 07 Nov 2022 15:21:13 GMT
Last-Modified: Sat, 05 Nov 2022 14:12:26 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ups.analytics.yahoo.com/ups/58534/occ
3.126.56.137302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 06 Nov 2022 10:16:08 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58534/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBGiJZ2MCEGaLqjbVLXab72US8Kps5UgFEgEBAQHaaGNxYwAAAAAA_eMAAA&S=AQAAAtXqj-ILlIClVSZd1QY-D0k; Expires=Mon, 6 Nov 2023 16:16:08 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
35.71.131.137200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP 35.71.131.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:08 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58534/occ?verify=true
3.126.56.137204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ?verify=true
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 06 Nov 2022 10:16:08 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBGiJZ2MCEKdvbc_7xlYt-hwfvnz7sN0FEgEBAQHaaGNxYwAAAAAA_eMAAA&S=AQAAAo6gXM-IxPT9qaEZQEjQM1g; Expires=Mon, 6 Nov 2023 16:16:08 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
vidstat.taboola.com/vpaid/units/32_3_9/assets/css/cmOsUnit.css
151.101.85.44200 OK 8.3 kB URL HTTP/2 vidstat.taboola.com/vpaid/units/32_3_9/assets/css/cmOsUnit.css
IP 151.101.85.44:0
Hash a28320a69408adba1f01f56d6eb80708
8012c7108fab547cf31481cfda7cb49e654a0542
befbb274b7045e7e5791a4badbe46e1a2e367e6570da7cd0ac127acc4b8e8991
GET /vpaid/units/32_3_9/assets/css/cmOsUnit.css HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: ljlvvQDhIUCzT4p7ctrpgRVm/AgQtm7fjmkgdPdQEdK+I/6gOStiEPjeOdgbHJbZhoc5ZvcUtsg=
x-amz-request-id: T5MPDEACYQN9GHJF
last-modified: Thu, 27 Oct 2022 07:34:38 GMT
etag: "a28320a69408adba1f01f56d6eb80708"
x-amz-meta-ctime: 1666856077
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1666856076
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sun, 06 Nov 2022 10:16:08 GMT
via: 1.1 varnish
age: 873478
x-served-by: cache-bma1621-BMA
x-cache: HIT
x-cache-hits: 188376
x-timer: S1667729769.636372,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 8297
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7qVMCFgMOwYdhJp0-6wQOwYdhJp0-6wUAAAAGBuIHJGZcDCcrk82tsjlca9FmsVsrXB6PW7UYmVa2zWJl8g2GQGLGxXCyMtncKpvDtRZtFru1wuXxuFWLkWll2yxWJt9gChE3GQ6fg4Go6Hpb7A6n2fMGFTSdDp_rXq_2--2mh8lhVxjNDrffbnqYHHa5y_QXPXZr0d_w9NgBAAAA4OH___8fAgAAACACAAAAQAIAAACAIqDi30LgAgAAAADj____XwPgk4PgPWe_PwAAAABAAAAAAEgABlYDSgA-zldO_v________9jBugzb2T-____bwx6AB58AB6EAAAALoY4KTBDYJtLNIgKAosYAQAAAGxpqWgeTeqEyqLq__-_3wrgCgAggJAJTtc4S3dQ4i0MAAAgYGyBHha_3-ywa_xul_3_________m_2f_aMJvY1epwWxjF6r_QICAKz9AgIAsKkbAMBbAFzQEbRiMFidQuyGs8VuNNuMZgcAAABw9____68HEjbnYONYuIYzl8fl2i1MzpVpNdmNJsblaGaxWLb3FWCOcOhkFN8XcZPh8DkYiIqut8XucJo996NoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4Qp23I53M0WbtnEMliLJs6FW7nYbdYij2tlG06Go91k5ha9PqaHbTFYuXxbFAzQ2IvkaZFOVAvHwuTbLGcLi2Fick0cFodlYdjNFh7TcLTa2CZiieZkkU5kl33D5hxsHAvXcObyuFy7hcm5Mq0mu9HEuBzNLBbLvmVbLoe72cItm1gGa9HEuXArF7vNWuRxrWzDyXC0m8zcotfH9LAtBiuXb9-YzXa7yXI32-0bs9luN1nuZrt9h87wXX3ORmdwPPGoRK7vdWixOQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6kfktr7ff9PTb3QrLRSxRmi7SiV702K1Ff8PTYxFLBKeLdCJ6GU8X9R8ZcjFXDuaiyVyxGq0SAAAAAAAAAMAS5sybAAAAAJwGMhpshqt1HshgOdgtV8sFgHD20v2Z94Ni91mk3jUaLEzgrOsEL278uMH8ltfbb3r67W6F5coAD9TkzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X2gKI3wI1eKPf6BVg0G!&excid=22&docw=0&cijs=1&nlb=false
141.226.228.48200 OK 1.2 kB URL HTTP/2 am-match.taboola.com/sync?dast=V7qVMCFgMOwYdhJp0-6wQOwYdhJp0-6wUAAAAGBuIHJGZcDCcrk82tsjlca9FmsVsrXB6PW7UYmVa2zWJl8g2GQGLGxXCyMtncKpvDtRZtFru1wuXxuFWLkWll2yxWJt9gChE3GQ6fg4Go6Hpb7A6n2fMGFTSdDp_rXq_2--2mh8lhVxjNDrffbnqYHHa5y_QXPXZr0d_w9NgBAAAA4OH___8fAgAAACACAAAAQAIAAACAIqDi30LgAgAAAADj____XwPgk4PgPWe_PwAAAABAAAAAAEgABlYDSgA-zldO_v________9jBugzb2T-____bwx6AB58AB6EAAAALoY4KTBDYJtLNIgKAosYAQAAAGxpqWgeTeqEyqLq__-_3wrgCgAggJAJTtc4S3dQ4i0MAAAgYGyBHha_3-ywa_xul_3_________m_2f_aMJvY1epwWxjF6r_QICAKz9AgIAsKkbAMBbAFzQEbRiMFidQuyGs8VuNNuMZgcAAABw9____68HEjbnYONYuIYzl8fl2i1MzpVpNdmNJsblaGaxWLb3FWCOcOhkFN8XcZPh8DkYiIqut8XucJo996NoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4Qp23I53M0WbtnEMliLJs6FW7nYbdYij2tlG06Go91k5ha9PqaHbTFYuXxbFAzQ2IvkaZFOVAvHwuTbLGcLi2Fick0cFodlYdjNFh7TcLTa2CZiieZkkU5kl33D5hxsHAvXcObyuFy7hcm5Mq0mu9HEuBzNLBbLvmVbLoe72cItm1gGa9HEuXArF7vNWuRxrWzDyXC0m8zcotfH9LAtBiuXb9-YzXa7yXI32-0bs9luN1nuZrt9h87wXX3ORmdwPPGoRK7vdWixOQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6kfktr7ff9PTb3QrLRSxRmi7SiV702K1Ff8PTYxFLBKeLdCJ6GU8X9R8ZcjFXDuaiyVyxGq0SAAAAAAAAAMAS5sybAAAAAJwGMhpshqt1HshgOdgtV8sFgHD20v2Z94Ni91mk3jUaLEzgrOsEL278uMH8ltfbb3r67W6F5coAD9TkzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X2gKI3wI1eKPf6BVg0G!&excid=22&docw=0&cijs=1&nlb=false
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash b10652c23a9596099e5db2dfc6aca484
b88d1066633a1e48c3c7c3da51f2171861a01771
135fcdf999f38af9cc2250cbe1ec612dc398c37598e83ad21784cb3dbe5b47ba
GET /sync?dast=V7qVMCFgMOwYdhJp0-6wQOwYdhJp0-6wUAAAAGBuIHJGZcDCcrk82tsjlca9FmsVsrXB6PW7UYmVa2zWJl8g2GQGLGxXCyMtncKpvDtRZtFru1wuXxuFWLkWll2yxWJt9gChE3GQ6fg4Go6Hpb7A6n2fMGFTSdDp_rXq_2--2mh8lhVxjNDrffbnqYHHa5y_QXPXZr0d_w9NgBAAAA4OH___8fAgAAACACAAAAQAIAAACAIqDi30LgAgAAAADj____XwPgk4PgPWe_PwAAAABAAAAAAEgABlYDSgA-zldO_v________9jBugzb2T-____bwx6AB58AB6EAAAALoY4KTBDYJtLNIgKAosYAQAAAGxpqWgeTeqEyqLq__-_3wrgCgAggJAJTtc4S3dQ4i0MAAAgYGyBHha_3-ywa_xul_3_________m_2f_aMJvY1epwWxjF6r_QICAKz9AgIAsKkbAMBbAFzQEbRiMFidQuyGs8VuNNuMZgcAAABw9____68HEjbnYONYuIYzl8fl2i1MzpVpNdmNJsblaGaxWLb3FWCOcOhkFN8XcZPh8DkYiIqut8XucJo996NoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4Qp23I53M0WbtnEMliLJs6FW7nYbdYij2tlG06Go91k5ha9PqaHbTFYuXxbFAzQ2IvkaZFOVAvHwuTbLGcLi2Fick0cFodlYdjNFh7TcLTa2CZiieZkkU5kl33D5hxsHAvXcObyuFy7hcm5Mq0mu9HEuBzNLBbLvmVbLoe72cItm1gGa9HEuXArF7vNWuRxrWzDyXC0m8zcotfH9LAtBiuXb9-YzXa7yXI32-0bs9luN1nuZrt9h87wXX3ORmdwPPGoRK7vdWixOQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6kfktr7ff9PTb3QrLRSxRmi7SiV702K1Ff8PTYxFLBKeLdCJ6GU8X9R8ZcjFXDuaiyVyxGq0SAAAAAAAAAMAS5sybAAAAAJwGMhpshqt1HshgOdgtV8sFgHD20v2Z94Ni91mk3jUaLEzgrOsEL278uMH8ltfbb3r67W6F5coAD9TkzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X2gKI3wI1eKPf6BVg0G!&excid=22&docw=0&cijs=1&nlb=false HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 10:16:08 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3407
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2
151.101.85.44204 No Content 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2
IP 151.101.85.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 4246
Origin: https://moontada.ahlamontada.net
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://moontada.ahlamontada.net
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Sun, 06 Nov 2022 10:16:08 GMT
via: 1.1 varnish
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667729769.574298,VS0,VE88
x-vcl-time-ms: 88
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 2f75d606d78f1bb1899625dd8cf247a7
2a29750c52f72412d1cfcb75ee403c1c75ad30f6
227d7501f2b10c85afbee42f15b770372301d3cd7832558533fbbfc6f3e78536
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 10:16:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 01:56:50 GMT
Expires: Sat, 12 Nov 2022 01:56:49 GMT
Etag: "2a29750c52f72412d1cfcb75ee403c1c75ad30f6"
Cache-Control: max-age=487840,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765d126cfff0b523-OSL
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=283&height=159&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1667729766388&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=896100925&tz=0&viewable=true&ddast=V78YECFgMOwYdhJp0-6wQOwYdhJp0-6wUAAAAGBuIHJGIZ7JYj18atnPhGbtFkMVwrh6OJW7jceEYO02Kz8o2GQEIT03AzsozWitlg5hYtNr61cLNbuSWukck1GM5MM-NuCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeooOl0-Fz3erXfbzc9TA67wmh2uP1208PksMtdpr_osVuL_oanxw4AAAAADwBWb5kQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgABiQXGgCfHATvOfv9AQDQsAUCACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUIFrECAAAAGBLS0XzaFInVBZVAAAE6VYAVwAAAYRMcL11YQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTeht9DotiGX0Wu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiN5wtdqPZZjQ7AAAAgLv___9_PZCwOQcbx8I1nLk8LtduYXKuTKvJbjQxLkczi8Wyva8Ac4RDJ6P4Pg9hmf2-g4jl-Zr-hoOMb3m9DaKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhyrZcDnezhVs2sQzWoolz4VYudpu1yONa2YaT4Wg3mblFr4_pYVsMVi7fFgUDNPYiuEgnMr_l9fabnn67W2G5iCWak0U6kV32DZtzsHEsXMOZy-Ny7RYm58q0muxGE-NyNLNYLPuWbbkc7mYLt2xiGaxFE-fCrVzsNmuRx7WyDSfD0W4yc4teH9PDthisXL59Yzbb7SbL3Wy3b8xmu91kuZvt9h06w3f1ORudwfHEoxK5vtehxeYwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwSni3QiehlPF7FE8rRIJ8LNYrnYDZYLx2K2Mk5cK-Ns5dlMRibPZDBcDCYWsURpukgnetFjtxb9DU-PRf1HhlzMlYO5aDJXrEarBAAAAAAAAACwhDnzJgAAAACngYwGm-FquQAQzl66P_N-UOw-i9S7RoOFCZx1neDFjR83mN_yevtNT7_drbBcGeCBmpx5s2eCWKvVsgYAABDABgAACODWzVsANiO3DxSlEX7kSrHHP9CqwQA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=eidc_vA!mprdctdt6_vA!smbs!spa2_vA!ufm&mPre=0.025&cirf=https%3A%2F%2Fmoontada.ahlamontada.net&en=1
151.101.85.44200 OK 513 B URL HTTP/2 wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=283&height=159&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1667729766388&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=896100925&tz=0&viewable=true&ddast=V78YECFgMOwYdhJp0-6wQOwYdhJp0-6wUAAAAGBuIHJGIZ7JYj18atnPhGbtFkMVwrh6OJW7jceEYO02Kz8o2GQEIT03AzsozWitlg5hYtNr61cLNbuSWukck1GM5MM-NuCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeooOl0-Fz3erXfbzc9TA67wmh2uP1208PksMtdpr_osVuL_oanxw4AAAAADwBWb5kQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgABiQXGgCfHATvOfv9AQDQsAUCACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUIFrECAAAAGBLS0XzaFInVBZVAAAE6VYAVwAAAYRMcL11YQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTeht9DotiGX0Wu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiN5wtdqPZZjQ7AAAAgLv___9_PZCwOQcbx8I1nLk8LtduYXKuTKvJbjQxLkczi8Wyva8Ac4RDJ6P4Pg9hmf2-g4jl-Zr-hoOMb3m9DaKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhyrZcDnezhVs2sQzWoolz4VYudpu1yONa2YaT4Wg3mblFr4_pYVsMVi7fFgUDNPYiuEgnMr_l9fabnn67W2G5iCWak0U6kV32DZtzsHEsXMOZy-Ny7RYm58q0muxGE-NyNLNYLPuWbbkc7mYLt2xiGaxFE-fCrVzsNmuRx7WyDSfD0W4yc4teH9PDthisXL59Yzbb7SbL3Wy3b8xmu91kuZvt9h06w3f1ORudwfHEoxK5vtehxeYwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwSni3QiehlPF7FE8rRIJ8LNYrnYDZYLx2K2Mk5cK-Ns5dlMRibPZDBcDCYWsURpukgnetFjtxb9DU-PRf1HhlzMlYO5aDJXrEarBAAAAAAAAACwhDnzJgAAAACngYwGm-FquQAQzl66P_N-UOw-i9S7RoOFCZx1neDFjR83mN_yevtNT7_drbBcGeCBmpx5s2eCWKvVsgYAABDABgAACODWzVsANiO3DxSlEX7kSrHHP9CqwQA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=eidc_vA!mprdctdt6_vA!smbs!spa2_vA!ufm&mPre=0.025&cirf=https%3A%2F%2Fmoontada.ahlamontada.net&en=1
IP 151.101.85.44:0
File type ASCII text, with very long lines (1424), with no line terminators
Hash ffaa06c41ad3e352f72dbc43919494bf
c974774d75718e14a03dd9e7319ecb5978bbf591
1e1087268a4517bc0a27eb6baa80bec9ac82bc881c81f9f81f87836c398a0964
POST /VideoBidRequestHandlerServlet?oid=15&width=283&height=159&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1667729766388&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=896100925&tz=0&viewable=true&ddast=V78YECFgMOwYdhJp0-6wQOwYdhJp0-6wUAAAAGBuIHJGIZ7JYj18atnPhGbtFkMVwrh6OJW7jceEYO02Kz8o2GQEIT03AzsozWitlg5hYtNr61cLNbuSWukck1GM5MM-NuCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeooOl0-Fz3erXfbzc9TA67wmh2uP1208PksMtdpr_osVuL_oanxw4AAAAADwBWb5kQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgABiQXGgCfHATvOfv9AQDQsAUCACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUIFrECAAAAGBLS0XzaFInVBZVAAAE6VYAVwAAAYRMcL11YQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTeht9DotiGX0Wu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiN5wtdqPZZjQ7AAAAgLv___9_PZCwOQcbx8I1nLk8LtduYXKuTKvJbjQxLkczi8Wyva8Ac4RDJ6P4Pg9hmf2-g4jl-Zr-hoOMb3m9DaKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhyrZcDnezhVs2sQzWoolz4VYudpu1yONa2YaT4Wg3mblFr4_pYVsMVi7fFgUDNPYiuEgnMr_l9fabnn67W2G5iCWak0U6kV32DZtzsHEsXMOZy-Ny7RYm58q0muxGE-NyNLNYLPuWbbkc7mYLt2xiGaxFE-fCrVzsNmuRx7WyDSfD0W4yc4teH9PDthisXL59Yzbb7SbL3Wy3b8xmu91kuZvt9h06w3f1ORudwfHEoxK5vtehxeYwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwSni3QiehlPF7FE8rRIJ8LNYrnYDZYLx2K2Mk5cK-Ns5dlMRibPZDBcDCYWsURpukgnetFjtxb9DU-PRf1HhlzMlYO5aDJXrEarBAAAAAAAAACwhDnzJgAAAACngYwGm-FquQAQzl66P_N-UOw-i9S7RoOFCZx1neDFjR83mN_yevtNT7_drbBcGeCBmpx5s2eCWKvVsgYAABDABgAACODWzVsANiO3DxSlEX7kSrHHP9CqwQA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=eidc_vA!mprdctdt6_vA!smbs!spa2_vA!ufm&mPre=0.025&cirf=https%3A%2F%2Fmoontada.ahlamontada.net&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 117
Origin: https://moontada.ahlamontada.net
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1481
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://moontada.ahlamontada.net
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sun, 06 Nov 2022 10:16:08 GMT
via: 1.1 varnish
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667729768.410804,VS0,VE166
vary: Accept-Encoding
X-Firefox-Spdy: h2
x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
18.198.166.108200 OK 43 B URL HTTP/1.1 x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
IP 18.198.166.108:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?gdpr=1&us_privacy=1---&ssp=taboola HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Sun, 06 Nov 2022 10:16:08 GMT
Content-Length: 43
Connection: keep-alive
vidstat.taboola.com/vpaid/units/32_3_9/infra/cmTagWIDGET_ITEM.js
151.101.85.44200 OK 128 kB URL HTTP/2 vidstat.taboola.com/vpaid/units/32_3_9/infra/cmTagWIDGET_ITEM.js
IP 151.101.85.44:0
File type Unicode text, UTF-8 text, with very long lines (65489), with no line terminators
Size 128 kB (127663 bytes)
Hash ed6a7be4b07d1653940edf3b59561b62
e86457f6d9ef3ef5fec8a050d56af827c9196a13
acf67360b42eaaba607d73f434c457b3200388b5e62e4e91d984d7e9d6d35172
GET /vpaid/units/32_3_9/infra/cmTagWIDGET_ITEM.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://moontada.ahlamontada.net
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 4XCKL71V4KhsoHyueX5jpjHsfDsjxykDhjiYcY77zYUxGJieqBjvCotMWQmIVh7NEI0bxQTkd+w=
x-amz-request-id: S3DTXRQWZQ29XXKX
last-modified: Thu, 27 Oct 2022 07:33:46 GMT
etag: "ed6a7be4b07d1653940edf3b59561b62"
x-amz-meta-ctime: 1666856025
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1666856024
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sun, 06 Nov 2022 10:16:08 GMT
via: 1.1 varnish
age: 873478
x-served-by: cache-bma1621-BMA
x-cache: HIT
x-cache-hits: 96310
x-timer: S1667729769.757302,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 127663
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
151.101.85.44200 OK 254 B URL HTTP/2 cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
IP 151.101.85.44:0
File type PNG image data, 12 x 12, 8-bit gray+alpha, non-interlaced\012- data
Hash dfa7b52c86e56bd67fa4002f6ed19854
7df722645482433c2b5c8d8ab4272a9874592f27
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
GET /libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: c3AK0F63Rmz1U+ZkwDZRH6hJiJRTGpZB8kTBPWz0vwbg9siBxtMOH8aEqr1NtVeNHtLhLAVUR9E=
x-amz-request-id: 4JKSR0YA3KVH073N
x-amz-replication-status: COMPLETED
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
content-type: image/png
server: AmazonS3
accept-ranges: bytes
date: Sun, 06 Nov 2022 10:16:08 GMT
via: 1.1 varnish
age: 9856
x-served-by: cache-bma1621-BMA
x-cache: HIT
x-cache-hits: 805
x-timer: S1667729769.937201,VS0,VE0
cache-control: private,max-age=31536000
abp: 80
content-length: 254
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 06 Nov 2022 10:16:09 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=082c7658-5dbc-11ed-9f27-1e1d47870406; expires=Sun, 04-Dec-2022 10:16:09 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=082c76a5-5dbc-11ed-9f27-1e1d47870406
X-fe: 104
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=082c76a5-5dbc-11ed-9f27-1e1d47870406
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=082c76a5-5dbc-11ed-9f27-1e1d47870406
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=082c76a5-5dbc-11ed-9f27-1e1d47870406 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 06 Nov 2022 10:16:09 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=08325d94-5dbc-11ed-918f-17ca89300106; expires=Sun, 04-Dec-2022 10:16:09 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 132
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
vidstat.taboola.com/vpaid/vPlayer/player/v14.8.8/OvaMediaPlayer.js
151.101.85.44200 OK 87 kB URL HTTP/2 vidstat.taboola.com/vpaid/vPlayer/player/v14.8.8/OvaMediaPlayer.js
IP 151.101.85.44:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash dcfe04133edaa84ac4a7356299134bf2
600265d1e188692d5cb0b9dbc828c708181bd3d8
1f50ba3994c74af69746c8db181597b9e74d7bb53c808ce9f7014facf0c59bfd
GET /vpaid/vPlayer/player/v14.8.8/OvaMediaPlayer.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: DH4gCSpZOjdiQ2RHNdcZaQ1gWcI8EDnhtXKaFZT4JUmiFDacp53eylqcVHaDpMgh56JBtwAdvTI=
x-amz-request-id: M2DJX9S4FNAQPE8Z
last-modified: Thu, 27 Oct 2022 07:34:53 GMT
etag: "dcfe04133edaa84ac4a7356299134bf2"
x-amz-meta-ctime: 1666856092
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1666856080
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sun, 06 Nov 2022 10:16:09 GMT
via: 1.1 varnish
age: 873646
x-served-by: cache-bma1621-BMA
x-cache: HIT
x-cache-hits: 196438
x-timer: S1667729769.140988,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 87152
X-Firefox-Spdy: h2
vidstatb.taboola.com/vid/blackScreen5.mp4
151.101.85.44206 Partial Content 91 kB URL HTTP/2 vidstatb.taboola.com/vid/blackScreen5.mp4
IP 151.101.85.44:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash b2b087fe4ae638c533731c347fcd4df8
62851c888c21bb51cc04f13b6fc0451279fe0425
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
GET /vid/blackScreen5.mp4 HTTP/1.1
Host: vidstatb.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
content-type: video/mp4
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1497790207
server: AmazonS3
via: 1.1 9803a30a87f1ec1047cb2b8ad5ecc43e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: gopM2XYfUoVUFmJXQ0440-QEF6IoAyvdLK0EUOquu3M35zK6ZGLwLg==
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sun, 06 Nov 2022 10:16:09 GMT
age: 1142533
x-served-by: cache-bma1621-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 147856
x-timer: S1667729769.141351,VS0,VE0
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-range: bytes 0-90783/90784
content-length: 90784
X-Firefox-Spdy: h2
am-vid-events.taboola.com/st?cijs=convusmp&ttype=120&cisd=convusmp&cipid=8083555&crid=5664665&dast=V78YECFgMOwYdhJp0-6wQOwYdhJp0-6wUAAAAGBuIHJGIZ7JYj18atnPhGbtFkMVwrh6OJW7jceEYO02Kz8o2GQEIT03AzsozWitlg5hYtNr61cLNbuSWukck1GM5MM-NuCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeooOl0-Fz3erXfbzc9TA67wmh2uP1208PksMtdpr_osVuL_oanxw4AAAAADwBWb5kQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgABiQXGgCfHATvOfv9AQDQsAUCACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUIFrECAAAAGBLS0XzaFInVBZVAAAE6VYAVwAAAYRMcL11YQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTeht9DotiGX0Wu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiN5wtdqPZZjQ7AAAAgLv___9_PZCwOQcbx8I1nLk8LtduYXKuTKvJbjQxLkczi8Wyva8Ac4RDJ6P4Pg9hmf2-g4jl-Zr-hoOMb3m9DaKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhyrZcDnezhVs2sQzWoolz4VYudpu1yONa2YaT4Wg3mblFr4_pYVsMVi7fFgUDNPYiuEgnMr_l9fabnn67W2G5iCWak0U6kV32DZtzsHEsXMOZy-Ny7RYm58q0muxGE-NyNLNYLPuWbbkc7mYLt2xiGaxFE-fCrVzsNmuRx7WyDSfD0W4yc4teH9PDthisXL59Yzbb7SbL3Wy3b8xmu91kuZvt9h06w3f1ORudwfHEoxK5vtehxeYwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwSni3QiehlPF7FE8rRIJ8LNYrnYDZYLx2K2Mk5cK-Ns5dlMRibPZDBcDCYWsURpukgnetFjtxb9DU-PRf1HhlzMlYO5aDJXrEarBAAAAAAAAACwhDnzJgAAAACngYwGm-FquQAQzl66P_N-UOw-i9S7RoOFCZx1neDFjR83mN_yevtNT7_drbBcGeCBmpx5s2eCWKvVsgYAABDABgAACODWzVsANiO3DxSlEX7kSrHHP9CqwQA!&cmcv=&pix=&cb=1667729767052&uv=3239&tms=1667729767052&su=&abt=eidc_vA!mprdctdt6_vA!smbs!spa2_vA!t120!ufm_vA&ft=0&unm=WIDGET_ITEM&mntl=1&
141.226.228.48200 OK 0 B URL HTTP/2 am-vid-events.taboola.com/st?cijs=convusmp&ttype=120&cisd=convusmp&cipid=8083555&crid=5664665&dast=V78YECFgMOwYdhJp0-6wQOwYdhJp0-6wUAAAAGBuIHJGIZ7JYj18atnPhGbtFkMVwrh6OJW7jceEYO02Kz8o2GQEIT03AzsozWitlg5hYtNr61cLNbuSWukck1GM5MM-NuCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeooOl0-Fz3erXfbzc9TA67wmh2uP1208PksMtdpr_osVuL_oanxw4AAAAADwBWb5kQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgABiQXGgCfHATvOfv9AQDQsAUCACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUIFrECAAAAGBLS0XzaFInVBZVAAAE6VYAVwAAAYRMcL11YQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTeht9DotiGX0Wu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiN5wtdqPZZjQ7AAAAgLv___9_PZCwOQcbx8I1nLk8LtduYXKuTKvJbjQxLkczi8Wyva8Ac4RDJ6P4Pg9hmf2-g4jl-Zr-hoOMb3m9DaKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhyrZcDnezhVs2sQzWoolz4VYudpu1yONa2YaT4Wg3mblFr4_pYVsMVi7fFgUDNPYiuEgnMr_l9fabnn67W2G5iCWak0U6kV32DZtzsHEsXMOZy-Ny7RYm58q0muxGE-NyNLNYLPuWbbkc7mYLt2xiGaxFE-fCrVzsNmuRx7WyDSfD0W4yc4teH9PDthisXL59Yzbb7SbL3Wy3b8xmu91kuZvt9h06w3f1ORudwfHEoxK5vtehxeYwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwSni3QiehlPF7FE8rRIJ8LNYrnYDZYLx2K2Mk5cK-Ns5dlMRibPZDBcDCYWsURpukgnetFjtxb9DU-PRf1HhlzMlYO5aDJXrEarBAAAAAAAAACwhDnzJgAAAACngYwGm-FquQAQzl66P_N-UOw-i9S7RoOFCZx1neDFjR83mN_yevtNT7_drbBcGeCBmpx5s2eCWKvVsgYAABDABgAACODWzVsANiO3DxSlEX7kSrHHP9CqwQA!&cmcv=&pix=&cb=1667729767052&uv=3239&tms=1667729767052&su=&abt=eidc_vA!mprdctdt6_vA!smbs!spa2_vA!t120!ufm_vA&ft=0&unm=WIDGET_ITEM&mntl=1&
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /st?cijs=convusmp&ttype=120&cisd=convusmp&cipid=8083555&crid=5664665&dast=V78YECFgMOwYdhJp0-6wQOwYdhJp0-6wUAAAAGBuIHJGIZ7JYj18atnPhGbtFkMVwrh6OJW7jceEYO02Kz8o2GQEIT03AzsozWitlg5hYtNr61cLNbuSWukck1GM5MM-NuCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeooOl0-Fz3erXfbzc9TA67wmh2uP1208PksMtdpr_osVuL_oanxw4AAAAADwBWb5kQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgABiQXGgCfHATvOfv9AQDQsAUCACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUIFrECAAAAGBLS0XzaFInVBZVAAAE6VYAVwAAAYRMcL11YQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTeht9DotiGX0Wu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiN5wtdqPZZjQ7AAAAgLv___9_PZCwOQcbx8I1nLk8LtduYXKuTKvJbjQxLkczi8Wyva8Ac4RDJ6P4Pg9hmf2-g4jl-Zr-hoOMb3m9DaKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhyrZcDnezhVs2sQzWoolz4VYudpu1yONa2YaT4Wg3mblFr4_pYVsMVi7fFgUDNPYiuEgnMr_l9fabnn67W2G5iCWak0U6kV32DZtzsHEsXMOZy-Ny7RYm58q0muxGE-NyNLNYLPuWbbkc7mYLt2xiGaxFE-fCrVzsNmuRx7WyDSfD0W4yc4teH9PDthisXL59Yzbb7SbL3Wy3b8xmu91kuZvt9h06w3f1ORudwfHEoxK5vtehxeYwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwSni3QiehlPF7FE8rRIJ8LNYrnYDZYLx2K2Mk5cK-Ns5dlMRibPZDBcDCYWsURpukgnetFjtxb9DU-PRf1HhlzMlYO5aDJXrEarBAAAAAAAAACwhDnzJgAAAACngYwGm-FquQAQzl66P_N-UOw-i9S7RoOFCZx1neDFjR83mN_yevtNT7_drbBcGeCBmpx5s2eCWKvVsgYAABDABgAACODWzVsANiO3DxSlEX7kSrHHP9CqwQA!&cmcv=&pix=&cb=1667729767052&uv=3239&tms=1667729767052&su=&abt=eidc_vA!mprdctdt6_vA!smbs!spa2_vA!t120!ufm_vA&ft=0&unm=WIDGET_ITEM&mntl=1& HTTP/1.1
Host: am-vid-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 10:16:09 GMT
content-length: 0
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
35.71.131.137200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP 35.71.131.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:09 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
18.198.166.108200 OK 43 B URL HTTP/1.1 x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
IP 18.198.166.108:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?gdpr=1&us_privacy=1---&ssp=taboola HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Sun, 06 Nov 2022 10:16:09 GMT
Content-Length: 43
Connection: keep-alive
am-match.taboola.com/sync?dast=V78YECFgMOwYdhJp0-6wQOwYdhJp0-6wUAAAAGBuIHJGIZ7JYj18atnPhGbtFkMVwrh6OJW7jceEYO02Kz8o2GQEIT03AzsozWitlg5hYtNr61cLNbuSWukck1GM5MM-NuCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeooOl0-Fz3erXfbzc9TA67wmh2uP1208PksMtdpr_osVuL_oanxw4AAAAADwBWb5kQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgABiQXGgCfHATvOfv9AQDQsAUCACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUIFrECAAAAGBLS0XzaFInVBZVAAAE6VYAVwAAAYRMcL11YQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTeht9DotiGX0Wu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiN5wtdqPZZjQ7AAAAgLv___9_PZCwOQcbx8I1nLk8LtduYXKuTKvJbjQxLkczi8Wyva8Ac4RDJ6P4Pg9hmf2-g4jl-Zr-hoOMb3m9DaKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhyrZcDnezhVs2sQzWoolz4VYudpu1yONa2YaT4Wg3mblFr4_pYVsMVi7fFgUDNPYiuEgnMr_l9fabnn67W2G5iCWak0U6kV32DZtzsHEsXMOZy-Ny7RYm58q0muxGE-NyNLNYLPuWbbkc7mYLt2xiGaxFE-fCrVzsNmuRx7WyDSfD0W4yc4teH9PDthisXL59Yzbb7SbL3Wy3b8xmu91kuZvt9h06w3f1ORudwfHEoxK5vtehxeYwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwSni3QiehlPF7FE8rRIJ8LNYrnYDZYLx2K2Mk5cK-Ns5dlMRibPZDBcDCYWsURpukgnetFjtxb9DU-PRf1HhlzMlYO5aDJXrEarBAAAAAAAAACwhDnzJgAAAACngYwGm-FquQAQzl66P_N-UOw-i9S7RoOFCZx1neDFjR83mN_yevtNT7_drbBcGeCBmpx5s2eCWKvVsgYAABDABgAACODWzVsANiO3DxSlEX7kSrHHP9CqwQA!&excid=22&docw=0&cijs=1&nlb=true
141.226.228.48200 OK 0 B URL HTTP/2 am-match.taboola.com/sync?dast=V78YECFgMOwYdhJp0-6wQOwYdhJp0-6wUAAAAGBuIHJGIZ7JYj18atnPhGbtFkMVwrh6OJW7jceEYO02Kz8o2GQEIT03AzsozWitlg5hYtNr61cLNbuSWukck1GM5MM-NuCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeooOl0-Fz3erXfbzc9TA67wmh2uP1208PksMtdpr_osVuL_oanxw4AAAAADwBWb5kQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgABiQXGgCfHATvOfv9AQDQsAUCACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUIFrECAAAAGBLS0XzaFInVBZVAAAE6VYAVwAAAYRMcL11YQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTeht9DotiGX0Wu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiN5wtdqPZZjQ7AAAAgLv___9_PZCwOQcbx8I1nLk8LtduYXKuTKvJbjQxLkczi8Wyva8Ac4RDJ6P4Pg9hmf2-g4jl-Zr-hoOMb3m9DaKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhyrZcDnezhVs2sQzWoolz4VYudpu1yONa2YaT4Wg3mblFr4_pYVsMVi7fFgUDNPYiuEgnMr_l9fabnn67W2G5iCWak0U6kV32DZtzsHEsXMOZy-Ny7RYm58q0muxGE-NyNLNYLPuWbbkc7mYLt2xiGaxFE-fCrVzsNmuRx7WyDSfD0W4yc4teH9PDthisXL59Yzbb7SbL3Wy3b8xmu91kuZvt9h06w3f1ORudwfHEoxK5vtehxeYwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwSni3QiehlPF7FE8rRIJ8LNYrnYDZYLx2K2Mk5cK-Ns5dlMRibPZDBcDCYWsURpukgnetFjtxb9DU-PRf1HhlzMlYO5aDJXrEarBAAAAAAAAACwhDnzJgAAAACngYwGm-FquQAQzl66P_N-UOw-i9S7RoOFCZx1neDFjR83mN_yevtNT7_drbBcGeCBmpx5s2eCWKvVsgYAABDABgAACODWzVsANiO3DxSlEX7kSrHHP9CqwQA!&excid=22&docw=0&cijs=1&nlb=true
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dast=V78YECFgMOwYdhJp0-6wQOwYdhJp0-6wUAAAAGBuIHJGIZ7JYj18atnPhGbtFkMVwrh6OJW7jceEYO02Kz8o2GQEIT03AzsozWitlg5hYtNr61cLNbuSWukck1GM5MM-NuCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeooOl0-Fz3erXfbzc9TA67wmh2uP1208PksMtdpr_osVuL_oanxw4AAAAADwBWb5kQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgABiQXGgCfHATvOfv9AQDQsAUCACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUIFrECAAAAGBLS0XzaFInVBZVAAAE6VYAVwAAAYRMcL11YQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTeht9DotiGX0Wu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiN5wtdqPZZjQ7AAAAgLv___9_PZCwOQcbx8I1nLk8LtduYXKuTKvJbjQxLkczi8Wyva8Ac4RDJ6P4Pg9hmf2-g4jl-Zr-hoOMb3m9DaKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhyrZcDnezhVs2sQzWoolz4VYudpu1yONa2YaT4Wg3mblFr4_pYVsMVi7fFgUDNPYiuEgnMr_l9fabnn67W2G5iCWak0U6kV32DZtzsHEsXMOZy-Ny7RYm58q0muxGE-NyNLNYLPuWbbkc7mYLt2xiGaxFE-fCrVzsNmuRx7WyDSfD0W4yc4teH9PDthisXL59Yzbb7SbL3Wy3b8xmu91kuZvt9h06w3f1ORudwfHEoxK5vtehxeYwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwSni3QiehlPF7FE8rRIJ8LNYrnYDZYLx2K2Mk5cK-Ns5dlMRibPZDBcDCYWsURpukgnetFjtxb9DU-PRf1HhlzMlYO5aDJXrEarBAAAAAAAAACwhDnzJgAAAACngYwGm-FquQAQzl66P_N-UOw-i9S7RoOFCZx1neDFjR83mN_yevtNT7_drbBcGeCBmpx5s2eCWKvVsgYAABDABgAACODWzVsANiO3DxSlEX7kSrHHP9CqwQA!&excid=22&docw=0&cijs=1&nlb=true HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 10:16:09 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3407
X-Firefox-Spdy: h2
cdn.taboola.com/scripts/cds-pips.js
151.101.85.44200 OK 1.3 kB URL HTTP/2 cdn.taboola.com/scripts/cds-pips.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (3545), with no line terminators
Hash 780c5c514014519ce276709f515905a0
04fe86d00b9c9077effe05171d066d243ecab221
015db06150b62ad2ad533883652174ebb6f07e24a7147fdac01a0ccd266e3f30
GET /scripts/cds-pips.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 2KBeU0d7OyPXtZDYUoIqlTBmhGhsve90tjYoemCxISjKQrNgcxT28sPXVt5KfJt+6r7dFoJgA8g=
x-amz-request-id: NFWGDQGY1WQ95XHE
x-amz-replication-status: COMPLETED
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 06 Nov 2022 10:16:09 GMT
via: 1.1 varnish
age: 844
x-served-by: cache-bma1621-BMA
x-cache: HIT
x-cache-hits: 101496
x-timer: S1667729770.610357,VS0,VE0
vary: Accept-Encoding
abp: 80
cache-control: private, max-age=3600
content-length: 1340
X-Firefox-Spdy: h2
pips.taboola.com/
151.101.85.44200 OK 4 B IP 151.101.85.44:0
File type ASCII text, with no line terminators
Hash 6c3e226b4d4795d518ab341b0824ec29
eef19c54306daa69eda49c0272623bdb5e2b341f
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
GET / HTTP/1.1
Host: pips.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://moontada.ahlamontada.net
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
access-control-allow-methods: GET
access-control-allow-origin: https://moontada.ahlamontada.net
accept-ranges: bytes
date: Sun, 06 Nov 2022 10:16:09 GMT
via: 1.1 varnish
x-served-by: cache-bma1653-BMA
x-cache: HIT
x-cache-hits: 0
cache-control: no-store
content-length: 4
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 06 Nov 2022 10:16:10 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=094823ee-5dbc-11ed-a319-194044dd0406; expires=Sun, 04-Dec-2022 10:16:10 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=09482435-5dbc-11ed-a319-194044dd0406
X-fe: 88
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=09482435-5dbc-11ed-a319-194044dd0406
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=09482435-5dbc-11ed-a319-194044dd0406
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=09482435-5dbc-11ed-a319-194044dd0406 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 06 Nov 2022 10:16:10 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=094cad86-5dbc-11ed-8af5-1a7ccaea0306; expires=Sun, 04-Dec-2022 10:16:10 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 94
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
35.71.131.137200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP 35.71.131.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:11 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=3218fb8dbdf448eeac9590e79c8dcf4e&zoneId=2308013&checkDuplicate=true&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=3218fb8dbdf448eeac9590e79c8dcf4e&zoneId=2308013&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash b807187a01bc38630a85f92a902e1565
3fc02196be87f15d1808b642c49c65fd47b7aa04
78eed5f2faa160c0cb4d8f72a0003609d2d37ac7fc9009d09867b38e88d2640b
GET /gid.js?pub=0&userId=3218fb8dbdf448eeac9590e79c8dcf4e&zoneId=2308013&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://moontada.ahlamontada.net/
Origin: https://moontada.ahlamontada.net
Connection: keep-alive
Cookie: ID=fcf99a899a22472393cfef53a5c6b3dd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 10:16:13 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://moontada.ahlamontada.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=fcf99a899a22472393cfef53a5c6b3dd; expires=Mon, 06 Nov 2023 10:16:13 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/trc/3/json?tim=10%3A16%3A04.882<i=deflated&data=%7B%22id%22%3A596%2C%22ii%22%3A%22%2Ft17-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1667480673762%2C%22vi%22%3A1667729764881%2C%22cv%22%3A%2220221102-48-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fmoontada.ahlamontada.net%2Ft17-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fmoontada.ahlamontada.net%2Ft17-topic%22%2C%22vpi%22%3A%22%2Ft17-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A2004%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A84%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A1968%2C%22mw%22%3A728%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft17-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
151.101.85.44200 OK 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/trc/3/json?tim=10%3A16%3A04.882<i=deflated&data=%7B%22id%22%3A596%2C%22ii%22%3A%22%2Ft17-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1667480673762%2C%22vi%22%3A1667729764881%2C%22cv%22%3A%2220221102-48-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fmoontada.ahlamontada.net%2Ft17-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fmoontada.ahlamontada.net%2Ft17-topic%22%2C%22vpi%22%3A%22%2Ft17-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A2004%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A84%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A1968%2C%22mw%22%3A728%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft17-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
IP 151.101.85.44:0
GET /forumotion-ar/trc/3/json?tim=10%3A16%3A04.882<i=deflated&data=%7B%22id%22%3A596%2C%22ii%22%3A%22%2Ft17-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1667480673762%2C%22vi%22%3A1667729764881%2C%22cv%22%3A%2220221102-48-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fmoontada.ahlamontada.net%2Ft17-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fmoontada.ahlamontada.net%2Ft17-topic%22%2C%22vpi%22%3A%22%2Ft17-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A2004%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A84%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A1968%2C%22mw%22%3A728%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft17-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://moontada.ahlamontada.net
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://moontada.ahlamontada.net
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sun, 06 Nov 2022 10:16:07 GMT
via: 1.1 varnish
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667729767.994714,VS0,VE465
vary: Accept-Encoding
x-vcl-time-ms: 465
X-Firefox-Spdy: h2
moontada.ahlamontada.net/t17-topic
94.23.150.222200 OK 0 B URL HTTP/2 moontada.ahlamontada.net/t17-topic
IP 94.23.150.222:0
GET /t17-topic HTTP/1.1
Host: moontada.ahlamontada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:04 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache
pragma: no-cache
expires: Sun, 06 Nov 2022 00:00:00 GMT
last-modified: Sun, 06 Nov 2022 10:16:04 GMT
vary: User-Agent
set-cookie: exadd=166774; expires=Sun, 06-Nov-2022 14:16:04 GMT; Max-Age=14400
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
illiweb.com/rs3/63/frm/embed/FA_Embed.js
104.21.63.213200 OK 0 B URL HTTP/2 illiweb.com/rs3/63/frm/embed/FA_Embed.js
IP 104.21.63.213:0
GET /rs3/63/frm/embed/FA_Embed.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:04 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:06:07 GMT
last-modified: Tue, 20 Apr 2021 14:17:00 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 5105396
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1lYpIVhb0F1xLTfrC%2Fd9cCJQ90r%2B3S9uHofFGD9%2BP1AkHBTcrz9UUSddsgT9xiKc9mk3eKfKOSQWDRvazOk2smRkORE8jl32zwKSCHyypbIbdAyexUphG2S0UB6unA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765d1256da850b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
illiweb.com/rs3/63/frm/jquery/cookie/jquery.cookie.js
104.21.63.213200 OK 0 B URL HTTP/2 illiweb.com/rs3/63/frm/jquery/cookie/jquery.cookie.js
IP 104.21.63.213:0
GET /rs3/63/frm/jquery/cookie/jquery.cookie.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:04 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:06:37 GMT
last-modified: Wed, 09 Sep 2020 09:40:28 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 5105367
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Op%2FG%2F79XmDqrLGDf97tSxqShiekxEhHVuHxBGGR5jqpWwsYv3%2BAKFu7gYNCaMCa9pVL9NZeICzFXTkVVdQM7b93a4t7t4WNP7pOygnadpgfpGmkforoDAhmk3NOqzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765d1256faa20b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.js
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.js
IP 178.250.0.130:0
GET /js/ld/publishertag.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 10:16:05 GMT
content-type: text/javascript
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-1e444"
expires: Mon, 07 Nov 2022 10:16:05 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
moontada.ahlamontada.net/serviceworker.js
94.23.150.222200 OK 0 B URL HTTP/2 moontada.ahlamontada.net/serviceworker.js
IP 94.23.150.222:0
GET /serviceworker.js HTTP/1.1
Host: moontada.ahlamontada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: exadd=166774; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:05 GMT
content-type: application/javascript
last-modified: Thu, 25 Feb 2021 14:30:57 GMT
etag: W/"6037b4a1-b0d"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
stootsou.net/pfe/current/universal.min.js?v=3.1.402
139.45.197.250200 OK 0 B URL HTTP/2 stootsou.net/pfe/current/universal.min.js?v=3.1.402
IP 139.45.197.250:0
Analyzer Verdict Alert quad9 Sinkholed
GET /pfe/current/universal.min.js?v=3.1.402 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://moontada.ahlamontada.net/
Origin: https://moontada.ahlamontada.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 10:16:05 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 13:02:54 GMT
etag: W/"63626a7e-180b9"
access-control-allow-origin: https://moontada.ahlamontada.net
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=axUNvl80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3p5VGRjOHIxSnBhbjJFTkFOd3hqdTc5YmZtQVh5UUZKdVdyd0FMdGZXJTJCTw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:05 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=FFND3180M0RITmhlJTJCZkMwOUJGQlhaMUN2c3p5VGRjOHIxSnBhbjJFTkFOd3hqdTRLbXE5dHpwVDVMRGI1clN6ZTZrYWQ; expires=Fri, 01 Dec 2023 10:16:05 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 357780
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fmoontada.ahlamontada.net%2Ft17-topic&encoded=1&uid=e699876a-6b20-4b9a-9173-dc5e6828472f-tucta610ee7&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1667729765642&tagid=&cntry=NO&platform=1&sesid=af90c1a58fece57ad9e45274b894fbb2&itemid=/t17-topic&viewid=1667729764881&geolat=&geoing=&deviceifa=&appid=&sd=v2_af90c1a58fece57ad9e45274b894fbb2_e699876a-6b20-4b9a-9173-dc5e6828472f-tucta610ee7_1667729767_1667729767_CNawjgYQ3pxDGJHkwuPEMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=83191709a116e8b5e86e332dd320810b&appname=&cdb=&gdprApplies=true&rid=&sii=5081051080930205152&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=-50
151.101.85.44200 OK 0 B URL HTTP/2 15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fmoontada.ahlamontada.net%2Ft17-topic&encoded=1&uid=e699876a-6b20-4b9a-9173-dc5e6828472f-tucta610ee7&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1667729765642&tagid=&cntry=NO&platform=1&sesid=af90c1a58fece57ad9e45274b894fbb2&itemid=/t17-topic&viewid=1667729764881&geolat=&geoing=&deviceifa=&appid=&sd=v2_af90c1a58fece57ad9e45274b894fbb2_e699876a-6b20-4b9a-9173-dc5e6828472f-tucta610ee7_1667729767_1667729767_CNawjgYQ3pxDGJHkwuPEMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=83191709a116e8b5e86e332dd320810b&appname=&cdb=&gdprApplies=true&rid=&sii=5081051080930205152&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=-50
IP 151.101.85.44:0
GET /tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fmoontada.ahlamontada.net%2Ft17-topic&encoded=1&uid=e699876a-6b20-4b9a-9173-dc5e6828472f-tucta610ee7&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1667729765642&tagid=&cntry=NO&platform=1&sesid=af90c1a58fece57ad9e45274b894fbb2&itemid=/t17-topic&viewid=1667729764881&geolat=&geoing=&deviceifa=&appid=&sd=v2_af90c1a58fece57ad9e45274b894fbb2_e699876a-6b20-4b9a-9173-dc5e6828472f-tucta610ee7_1667729767_1667729767_CNawjgYQ3pxDGJHkwuPEMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=83191709a116e8b5e86e332dd320810b&appname=&cdb=&gdprApplies=true&rid=&sii=5081051080930205152&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=-50 HTTP/1.1
Host: 15.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://moontada.ahlamontada.net
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
machineid: 1442
link: <https://am-wf.taboola.com>; rel=preconnect
xvid-debug: mrmr - :
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://moontada.ahlamontada.net
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sun, 06 Nov 2022 10:16:07 GMT
via: 1.1 varnish
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667729768.785328,VS0,VE35
vary: Accept-Encoding
X-Firefox-Spdy: h2
taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
44.206.122.152200 OK 0 B URL HTTP/2 taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
IP 44.206.122.152:0
GET /sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP/1.1
Host: taboola-supply-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:08 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
stootsou.net/pfe/current/tag.min.js?z=2308013
139.45.197.250200 OK 0 B URL HTTP/2 stootsou.net/pfe/current/tag.min.js?z=2308013
IP 139.45.197.250:0
Analyzer Verdict Alert quad9 Sinkholed
GET /pfe/current/tag.min.js?z=2308013 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 10:16:05 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 13:02:54 GMT
etag: W/"63626a7e-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertag&topUrl=moontada.ahlamontada.net
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=moontada.ahlamontada.net
IP 178.250.0.157:0
GET /syncframe?origin=publishertag&topUrl=moontada.ahlamontada.net HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:04 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=9bf71895-4244-4f16-aa1f-635755454138; expires=Fri, 01 Dec 2023 10:16:05 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 640376
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
44.206.122.152200 OK 0 B URL HTTP/2 taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
IP 44.206.122.152:0
GET /sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP/1.1
Host: taboola-supply-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:09 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1667729766226&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=896100925&tz=0&viewable=true&ddast=V7qVMCFgMOwYdhJp0-6wQOwYdhJp0-6wUAAAAGBuIHJGZcDCcrk82tsjlca9FmsVsrXB6PW7UYmVa2zWJl8g2GQGLGxXCyMtncKpvDtRZtFru1wuXxuFWLkWll2yxWJt9gChE3GQ6fg4Go6Hpb7A6n2fMGFTSdDp_rXq_2--2mh8lhVxjNDrffbnqYHHa5y_QXPXZr0d_w9NgBAAAA4OH___8fAgAAACACAAAAQAIAAACAIqDi30LgAgAAAADj____XwPgk4PgPWe_PwAAAABAAAAAAEgABlYDSgA-zldO_v________9jBugzb2T-____bwx6AB58AB6EAAAALoY4KTBDYJtLNIgKAosYAQAAAGxpqWgeTeqEyqLq__-_3wrgCgAggJAJTtc4S3dQ4i0MAAAgYGyBHha_3-ywa_xul_3_________m_2f_aMJvY1epwWxjF6r_QICAKz9AgIAsKkbAMBbAFzQEbRiMFidQuyGs8VuNNuMZgcAAABw9____68HEjbnYONYuIYzl8fl2i1MzpVpNdmNJsblaGaxWLb3FWCOcOhkFN8XcZPh8DkYiIqut8XucJo996NoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4Qp23I53M0WbtnEMliLJs6FW7nYbdYij2tlG06Go91k5ha9PqaHbTFYuXxbFAzQ2IvkaZFOVAvHwuTbLGcLi2Fick0cFodlYdjNFh7TcLTa2CZiieZkkU5kl33D5hxsHAvXcObyuFy7hcm5Mq0mu9HEuBzNLBbLvmVbLoe72cItm1gGa9HEuXArF7vNWuRxrWzDyXC0m8zcotfH9LAtBiuXb9-YzXa7yXI32-0bs9luN1nuZrt9h87wXX3ORmdwPPGoRK7vdWixOQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6kfktr7ff9PTb3QrLRSxRmi7SiV702K1Ff8PTYxFLBKeLdCJ6GU8X9R8ZcjFXDuaiyVyxGq0SAAAAAAAAAMAS5sybAAAAAJwGMhpshqt1HshgOdgtV8sFgHD20v2Z94Ni91mk3jUaLEzgrOsEL278uMH8ltfbb3r67W6F5coAD9TkzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X2gKI3wI1eKPf6BVg0G!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=eidc_vA!mprdctdt6_vA!smbs!spa2_vA!ufm&mPre=0.025&cirf=https%3A%2F%2Fmoontada.ahlamontada.net&en=1
151.101.85.44200 OK 0 B URL HTTP/2 wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1667729766226&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=896100925&tz=0&viewable=true&ddast=V7qVMCFgMOwYdhJp0-6wQOwYdhJp0-6wUAAAAGBuIHJGZcDCcrk82tsjlca9FmsVsrXB6PW7UYmVa2zWJl8g2GQGLGxXCyMtncKpvDtRZtFru1wuXxuFWLkWll2yxWJt9gChE3GQ6fg4Go6Hpb7A6n2fMGFTSdDp_rXq_2--2mh8lhVxjNDrffbnqYHHa5y_QXPXZr0d_w9NgBAAAA4OH___8fAgAAACACAAAAQAIAAACAIqDi30LgAgAAAADj____XwPgk4PgPWe_PwAAAABAAAAAAEgABlYDSgA-zldO_v________9jBugzb2T-____bwx6AB58AB6EAAAALoY4KTBDYJtLNIgKAosYAQAAAGxpqWgeTeqEyqLq__-_3wrgCgAggJAJTtc4S3dQ4i0MAAAgYGyBHha_3-ywa_xul_3_________m_2f_aMJvY1epwWxjF6r_QICAKz9AgIAsKkbAMBbAFzQEbRiMFidQuyGs8VuNNuMZgcAAABw9____68HEjbnYONYuIYzl8fl2i1MzpVpNdmNJsblaGaxWLb3FWCOcOhkFN8XcZPh8DkYiIqut8XucJo996NoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4Qp23I53M0WbtnEMliLJs6FW7nYbdYij2tlG06Go91k5ha9PqaHbTFYuXxbFAzQ2IvkaZFOVAvHwuTbLGcLi2Fick0cFodlYdjNFh7TcLTa2CZiieZkkU5kl33D5hxsHAvXcObyuFy7hcm5Mq0mu9HEuBzNLBbLvmVbLoe72cItm1gGa9HEuXArF7vNWuRxrWzDyXC0m8zcotfH9LAtBiuXb9-YzXa7yXI32-0bs9luN1nuZrt9h87wXX3ORmdwPPGoRK7vdWixOQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6kfktr7ff9PTb3QrLRSxRmi7SiV702K1Ff8PTYxFLBKeLdCJ6GU8X9R8ZcjFXDuaiyVyxGq0SAAAAAAAAAMAS5sybAAAAAJwGMhpshqt1HshgOdgtV8sFgHD20v2Z94Ni91mk3jUaLEzgrOsEL278uMH8ltfbb3r67W6F5coAD9TkzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X2gKI3wI1eKPf6BVg0G!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=eidc_vA!mprdctdt6_vA!smbs!spa2_vA!ufm&mPre=0.025&cirf=https%3A%2F%2Fmoontada.ahlamontada.net&en=1
IP 151.101.85.44:0
POST /VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1667729766226&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=896100925&tz=0&viewable=true&ddast=V7qVMCFgMOwYdhJp0-6wQOwYdhJp0-6wUAAAAGBuIHJGZcDCcrk82tsjlca9FmsVsrXB6PW7UYmVa2zWJl8g2GQGLGxXCyMtncKpvDtRZtFru1wuXxuFWLkWll2yxWJt9gChE3GQ6fg4Go6Hpb7A6n2fMGFTSdDp_rXq_2--2mh8lhVxjNDrffbnqYHHa5y_QXPXZr0d_w9NgBAAAA4OH___8fAgAAACACAAAAQAIAAACAIqDi30LgAgAAAADj____XwPgk4PgPWe_PwAAAABAAAAAAEgABlYDSgA-zldO_v________9jBugzb2T-____bwx6AB58AB6EAAAALoY4KTBDYJtLNIgKAosYAQAAAGxpqWgeTeqEyqLq__-_3wrgCgAggJAJTtc4S3dQ4i0MAAAgYGyBHha_3-ywa_xul_3_________m_2f_aMJvY1epwWxjF6r_QICAKz9AgIAsKkbAMBbAFzQEbRiMFidQuyGs8VuNNuMZgcAAABw9____68HEjbnYONYuIYzl8fl2i1MzpVpNdmNJsblaGaxWLb3FWCOcOhkFN8XcZPh8DkYiIqut8XucJo996NoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4Qp23I53M0WbtnEMliLJs6FW7nYbdYij2tlG06Go91k5ha9PqaHbTFYuXxbFAzQ2IvkaZFOVAvHwuTbLGcLi2Fick0cFodlYdjNFh7TcLTa2CZiieZkkU5kl33D5hxsHAvXcObyuFy7hcm5Mq0mu9HEuBzNLBbLvmVbLoe72cItm1gGa9HEuXArF7vNWuRxrWzDyXC0m8zcotfH9LAtBiuXb9-YzXa7yXI32-0bs9luN1nuZrt9h87wXX3ORmdwPPGoRK7vdWixOQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6kfktr7ff9PTb3QrLRSxRmi7SiV702K1Ff8PTYxFLBKeLdCJ6GU8X9R8ZcjFXDuaiyVyxGq0SAAAAAAAAAMAS5sybAAAAAJwGMhpshqt1HshgOdgtV8sFgHD20v2Z94Ni91mk3jUaLEzgrOsEL278uMH8ltfbb3r67W6F5coAD9TkzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X2gKI3wI1eKPf6BVg0G!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=eidc_vA!mprdctdt6_vA!smbs!spa2_vA!ufm&mPre=0.025&cirf=https%3A%2F%2Fmoontada.ahlamontada.net&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 133
Origin: https://moontada.ahlamontada.net
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1441
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://moontada.ahlamontada.net
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sun, 06 Nov 2022 10:16:10 GMT
via: 1.1 varnish
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667729768.243871,VS0,VE2252
vary: Accept-Encoding
X-Firefox-Spdy: h2
twemoji.maxcdn.com/twemoji.min.js
23.111.9.57200 OK 0 B URL HTTP/2 twemoji.maxcdn.com/twemoji.min.js
IP 23.111.9.57:0
GET /twemoji.min.js HTTP/1.1
Host: twemoji.maxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:05 GMT
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Thu, 31 Mar 2022 03:24:15 GMT
access-control-allow-origin: *
etag: W/"62451edf-3bc8"
expires: Tue, 06 Dec 2022 10:16:05 GMT
cache-control: max-age=2592000
x-proxy-cache: MISS
x-github-request-id: E042:8430:27CD466:2922CEC:63616F0B
vary: Accept-Encoding
x-fastly-request-id: b5d54b17e716d87112ad9a589df488796482241e
server: NetDNA-cache/2.2
powered-by: MaxCDN
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.2200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.2:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:05 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 114802
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.63200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.63:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:05 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 109565
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
moontada.ahlamontada.net/sw.js
94.23.150.222200 OK 0 B URL HTTP/2 moontada.ahlamontada.net/sw.js
IP 94.23.150.222:0
GET /sw.js HTTP/1.1
Host: moontada.ahlamontada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://moontada.ahlamontada.net/t17-topic
Connection: keep-alive
Cookie: exadd=166774; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:05 GMT
content-type: application/javascript
last-modified: Tue, 27 Aug 2019 13:54:01 GMT
etag: W/"5d6535f9-1554"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
connect.topicit.net/scripts/connect.js
104.21.90.171200 OK 0 B URL HTTP/2 connect.topicit.net/scripts/connect.js
IP 104.21.90.171:0
GET /scripts/connect.js HTTP/1.1
Host: connect.topicit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:05 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5437
access-control-allow-origin: *
etag: W/"5d653880-153d"
last-modified: Tue, 27 Aug 2019 14:04:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-cache-status: HIT
age: 5158
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7Y3LoKW4rX7vqmgGVM1Xn2Ezyaw3dlCi8X9%2BVgIpLhgYYKWwgakTlXqEjxF2Ad4X2QiTB0A5wuorCWItbrQ9cc4OkFvkDGW%2B%2FJpbHJFGxqefu6F%2BuFDImMjYBZQTat8t%2BoboLyD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765d1259ba62b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
172.67.194.45200 OK 0 B IP 172.67.194.45:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:06 GMT
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 14:05:58 GMT
etag: W/"634eb2c6-32d9"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 3193
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tsCQ1%2FeW4Z7hcFUEkpsRAclOfc9K6e9J2DA4vgzjfniz7OLoQcejjxXYwv71CZ%2FqALB%2BG6zZLuDfio%2BC0jOU0Kle5UqcOdx2C%2F4bQ3qr4LwrjzDPW%2BfSl4Ig6%2Be1RQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765d125d9d1cb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.0.157:0
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://moontada.ahlamontada.net/
x-crto-bundle: upKbaF9nJTJCT3Z3JTJGaml6TVNXODBmMXU3czFyWG1nVkFTSHFaeWhGWk5yNFgzanpxNUlLM0JHWUpjSGdtNmx3S0JGeHhxMUtMcXJkS0JOTnBJeVMlMkY1VGlOQjBrcDJlalF3VWU5ck1YQVdIc042S2g1SVc4M1BlcDRaRkM1R2dYTzZvbXhnMDh0NnRMT1pXcWRraG9YUjQxVTRQNUElM0QlM0Q
Origin: https://moontada.ahlamontada.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:07 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://moontada.ahlamontada.net
server-processing-duration-in-ticks: 1715691
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V78YECFgMOwYdhJp0-6wQOwYdhJp0-6wUAAAAGBuIHJGIZ7JYj18atnPhGbtFkMVwrh6OJW7jceEYO02Kz8o2GQEIT03AzsozWitlg5hYtNr61cLNbuSWukck1GM5MM-NuCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeooOl0-Fz3erXfbzc9TA67wmh2uP1208PksMtdpr_osVuL_oanxw4AAAAADwBWb5kQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgABiQXGgCfHATvOfv9AQDQsAUCACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUIFrECAAAAGBLS0XzaFInVBZVAAAE6VYAVwAAAYRMcL11YQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTeht9DotiGX0Wu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiN5wtdqPZZjQ7AAAAgLv___9_PZCwOQcbx8I1nLk8LtduYXKuTKvJbjQxLkczi8Wyva8Ac4RDJ6P4Pg9hmf2-g4jl-Zr-hoOMb3m9DaKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhyrZcDnezhVs2sQzWoolz4VYudpu1yONa2YaT4Wg3mblFr4_pYVsMVi7fFgUDNPYiuEgnMr_l9fabnn67W2G5iCWak0U6kV32DZtzsHEsXMOZy-Ny7RYm58q0muxGE-NyNLNYLPuWbbkc7mYLt2xiGaxFE-fCrVzsNmuRx7WyDSfD0W4yc4teH9PDthisXL59Yzbb7SbL3Wy3b8xmu91kuZvt9h06w3f1ORudwfHEoxK5vtehxeYwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwSni3QiehlPF7FE8rRIJ8LNYrnYDZYLx2K2Mk5cK-Ns5dlMRibPZDBcDCYWsURpukgnetFjtxb9DU-PRf1HhlzMlYO5aDJXrEarBAAAAAAAAACwhDnzJgAAAACngYwGm-FquQAQzl66P_N-UOw-i9S7RoOFCZx1neDFjR83mN_yevtNT7_drbBcGeCBmpx5s2eCWKvVsgYAABDABgAACODWzVsANiO3DxSlEX7kSrHHP9CqwQA!&cmcv=&pix=undefined&cb=1667729766381&uv=3239&tms=1667729766381&abt=eidc_vA!mprdctdt6_vA!smbs!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=b2079d5c-9b7d-4218-984b-89c3da413e74&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
151.101.85.44200 OK 0 B URL HTTP/2 imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V78YECFgMOwYdhJp0-6wQOwYdhJp0-6wUAAAAGBuIHJGIZ7JYj18atnPhGbtFkMVwrh6OJW7jceEYO02Kz8o2GQEIT03AzsozWitlg5hYtNr61cLNbuSWukck1GM5MM-NuCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeooOl0-Fz3erXfbzc9TA67wmh2uP1208PksMtdpr_osVuL_oanxw4AAAAADwBWb5kQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgABiQXGgCfHATvOfv9AQDQsAUCACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUIFrECAAAAGBLS0XzaFInVBZVAAAE6VYAVwAAAYRMcL11YQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTeht9DotiGX0Wu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiN5wtdqPZZjQ7AAAAgLv___9_PZCwOQcbx8I1nLk8LtduYXKuTKvJbjQxLkczi8Wyva8Ac4RDJ6P4Pg9hmf2-g4jl-Zr-hoOMb3m9DaKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhyrZcDnezhVs2sQzWoolz4VYudpu1yONa2YaT4Wg3mblFr4_pYVsMVi7fFgUDNPYiuEgnMr_l9fabnn67W2G5iCWak0U6kV32DZtzsHEsXMOZy-Ny7RYm58q0muxGE-NyNLNYLPuWbbkc7mYLt2xiGaxFE-fCrVzsNmuRx7WyDSfD0W4yc4teH9PDthisXL59Yzbb7SbL3Wy3b8xmu91kuZvt9h06w3f1ORudwfHEoxK5vtehxeYwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwSni3QiehlPF7FE8rRIJ8LNYrnYDZYLx2K2Mk5cK-Ns5dlMRibPZDBcDCYWsURpukgnetFjtxb9DU-PRf1HhlzMlYO5aDJXrEarBAAAAAAAAACwhDnzJgAAAACngYwGm-FquQAQzl66P_N-UOw-i9S7RoOFCZx1neDFjR83mN_yevtNT7_drbBcGeCBmpx5s2eCWKvVsgYAABDABgAACODWzVsANiO3DxSlEX7kSrHHP9CqwQA!&cmcv=&pix=undefined&cb=1667729766381&uv=3239&tms=1667729766381&abt=eidc_vA!mprdctdt6_vA!smbs!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=b2079d5c-9b7d-4218-984b-89c3da413e74&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
IP 151.101.85.44:0
GET /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V78YECFgMOwYdhJp0-6wQOwYdhJp0-6wUAAAAGBuIHJGIZ7JYj18atnPhGbtFkMVwrh6OJW7jceEYO02Kz8o2GQEIT03AzsozWitlg5hYtNr61cLNbuSWukck1GM5MM-NuCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeooOl0-Fz3erXfbzc9TA67wmh2uP1208PksMtdpr_osVuL_oanxw4AAAAADwBWb5kQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgABiQXGgCfHATvOfv9AQDQsAUCACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUIFrECAAAAGBLS0XzaFInVBZVAAAE6VYAVwAAAYRMcL11YQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTeht9DotiGX0Wu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiN5wtdqPZZjQ7AAAAgLv___9_PZCwOQcbx8I1nLk8LtduYXKuTKvJbjQxLkczi8Wyva8Ac4RDJ6P4Pg9hmf2-g4jl-Zr-hoOMb3m9DaKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhyrZcDnezhVs2sQzWoolz4VYudpu1yONa2YaT4Wg3mblFr4_pYVsMVi7fFgUDNPYiuEgnMr_l9fabnn67W2G5iCWak0U6kV32DZtzsHEsXMOZy-Ny7RYm58q0muxGE-NyNLNYLPuWbbkc7mYLt2xiGaxFE-fCrVzsNmuRx7WyDSfD0W4yc4teH9PDthisXL59Yzbb7SbL3Wy3b8xmu91kuZvt9h06w3f1ORudwfHEoxK5vtehxeYwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwSni3QiehlPF7FE8rRIJ8LNYrnYDZYLx2K2Mk5cK-Ns5dlMRibPZDBcDCYWsURpukgnetFjtxb9DU-PRf1HhlzMlYO5aDJXrEarBAAAAAAAAACwhDnzJgAAAACngYwGm-FquQAQzl66P_N-UOw-i9S7RoOFCZx1neDFjR83mN_yevtNT7_drbBcGeCBmpx5s2eCWKvVsgYAABDABgAACODWzVsANiO3DxSlEX7kSrHHP9CqwQA!&cmcv=&pix=undefined&cb=1667729766381&uv=3239&tms=1667729766381&abt=eidc_vA!mprdctdt6_vA!smbs!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=b2079d5c-9b7d-4218-984b-89c3da413e74&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1 HTTP/1.1
Host: imprammp.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Sun, 06 Nov 2022 10:16:08 GMT
via: 1.1 varnish
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667729768.308136,VS0,VE21
vary: Accept-Encoding
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7qVMCFgMOwYdhJp0-6wQOwYdhJp0-6wUAAAAGBuIHJGZcDCcrk82tsjlca9FmsVsrXB6PW7UYmVa2zWJl8g2GQGLGxXCyMtncKpvDtRZtFru1wuXxuFWLkWll2yxWJt9gChE3GQ6fg4Go6Hpb7A6n2fMGFTSdDp_rXq_2--2mh8lhVxjNDrffbnqYHHa5y_QXPXZr0d_w9NgBAAAA4OH___8fAgAAACACAAAAQAIAAACAIqDi30LgAgAAAADj____XwPgk4PgPWe_PwAAAABAAAAAAEgABlYDSgA-zldO_v________9jBugzb2T-____bwx6AB58AB6EAAAALoY4KTBDYJtLNIgKAosYAQAAAGxpqWgeTeqEyqLq__-_3wrgCgAggJAJTtc4S3dQ4i0MAAAgYGyBHha_3-ywa_xul_3_________m_2f_aMJvY1epwWxjF6r_QICAKz9AgIAsKkbAMBbAFzQEbRiMFidQuyGs8VuNNuMZgcAAABw9____68HEjbnYONYuIYzl8fl2i1MzpVpNdmNJsblaGaxWLb3FWCOcOhkFN8XcZPh8DkYiIqut8XucJo996NoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4Qp23I53M0WbtnEMliLJs6FW7nYbdYij2tlG06Go91k5ha9PqaHbTFYuXxbFAzQ2IvkaZFOVAvHwuTbLGcLi2Fick0cFodlYdjNFh7TcLTa2CZiieZkkU5kl33D5hxsHAvXcObyuFy7hcm5Mq0mu9HEuBzNLBbLvmVbLoe72cItm1gGa9HEuXArF7vNWuRxrWzDyXC0m8zcotfH9LAtBiuXb9-YzXa7yXI32-0bs9luN1nuZrt9h87wXX3ORmdwPPGoRK7vdWixOQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6kfktr7ff9PTb3QrLRSxRmi7SiV702K1Ff8PTYxFLBKeLdCJ6GU8X9R8ZcjFXDuaiyVyxGq0SAAAAAAAAAMAS5sybAAAAAJwGMhpshqt1HshgOdgtV8sFgHD20v2Z94Ni91mk3jUaLEzgrOsEL278uMH8ltfbb3r67W6F5coAD9TkzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X2gKI3wI1eKPf6BVg0G!&excid=22&docw=0&cijs=1&nlb=false
141.226.228.48200 OK 0 B URL HTTP/2 am-match.taboola.com/sync?dast=V7qVMCFgMOwYdhJp0-6wQOwYdhJp0-6wUAAAAGBuIHJGZcDCcrk82tsjlca9FmsVsrXB6PW7UYmVa2zWJl8g2GQGLGxXCyMtncKpvDtRZtFru1wuXxuFWLkWll2yxWJt9gChE3GQ6fg4Go6Hpb7A6n2fMGFTSdDp_rXq_2--2mh8lhVxjNDrffbnqYHHa5y_QXPXZr0d_w9NgBAAAA4OH___8fAgAAACACAAAAQAIAAACAIqDi30LgAgAAAADj____XwPgk4PgPWe_PwAAAABAAAAAAEgABlYDSgA-zldO_v________9jBugzb2T-____bwx6AB58AB6EAAAALoY4KTBDYJtLNIgKAosYAQAAAGxpqWgeTeqEyqLq__-_3wrgCgAggJAJTtc4S3dQ4i0MAAAgYGyBHha_3-ywa_xul_3_________m_2f_aMJvY1epwWxjF6r_QICAKz9AgIAsKkbAMBbAFzQEbRiMFidQuyGs8VuNNuMZgcAAABw9____68HEjbnYONYuIYzl8fl2i1MzpVpNdmNJsblaGaxWLb3FWCOcOhkFN8XcZPh8DkYiIqut8XucJo996NoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4Qp23I53M0WbtnEMliLJs6FW7nYbdYij2tlG06Go91k5ha9PqaHbTFYuXxbFAzQ2IvkaZFOVAvHwuTbLGcLi2Fick0cFodlYdjNFh7TcLTa2CZiieZkkU5kl33D5hxsHAvXcObyuFy7hcm5Mq0mu9HEuBzNLBbLvmVbLoe72cItm1gGa9HEuXArF7vNWuRxrWzDyXC0m8zcotfH9LAtBiuXb9-YzXa7yXI32-0bs9luN1nuZrt9h87wXX3ORmdwPPGoRK7vdWixOQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6kfktr7ff9PTb3QrLRSxRmi7SiV702K1Ff8PTYxFLBKeLdCJ6GU8X9R8ZcjFXDuaiyVyxGq0SAAAAAAAAAMAS5sybAAAAAJwGMhpshqt1HshgOdgtV8sFgHD20v2Z94Ni91mk3jUaLEzgrOsEL278uMH8ltfbb3r67W6F5coAD9TkzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X2gKI3wI1eKPf6BVg0G!&excid=22&docw=0&cijs=1&nlb=false
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sync?dast=V7qVMCFgMOwYdhJp0-6wQOwYdhJp0-6wUAAAAGBuIHJGZcDCcrk82tsjlca9FmsVsrXB6PW7UYmVa2zWJl8g2GQGLGxXCyMtncKpvDtRZtFru1wuXxuFWLkWll2yxWJt9gChE3GQ6fg4Go6Hpb7A6n2fMGFTSdDp_rXq_2--2mh8lhVxjNDrffbnqYHHa5y_QXPXZr0d_w9NgBAAAA4OH___8fAgAAACACAAAAQAIAAACAIqDi30LgAgAAAADj____XwPgk4PgPWe_PwAAAABAAAAAAEgABlYDSgA-zldO_v________9jBugzb2T-____bwx6AB58AB6EAAAALoY4KTBDYJtLNIgKAosYAQAAAGxpqWgeTeqEyqLq__-_3wrgCgAggJAJTtc4S3dQ4i0MAAAgYGyBHha_3-ywa_xul_3_________m_2f_aMJvY1epwWxjF6r_QICAKz9AgIAsKkbAMBbAFzQEbRiMFidQuyGs8VuNNuMZgcAAABw9____68HEjbnYONYuIYzl8fl2i1MzpVpNdmNJsblaGaxWLb3FWCOcOhkFN8XcZPh8DkYiIqut8XucJo996NoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4Qp23I53M0WbtnEMliLJs6FW7nYbdYij2tlG06Go91k5ha9PqaHbTFYuXxbFAzQ2IvkaZFOVAvHwuTbLGcLi2Fick0cFodlYdjNFh7TcLTa2CZiieZkkU5kl33D5hxsHAvXcObyuFy7hcm5Mq0mu9HEuBzNLBbLvmVbLoe72cItm1gGa9HEuXArF7vNWuRxrWzDyXC0m8zcotfH9LAtBiuXb9-YzXa7yXI32-0bs9luN1nuZrt9h87wXX3ORmdwPPGoRK7vdWixOQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6kfktr7ff9PTb3QrLRSxRmi7SiV702K1Ff8PTYxFLBKeLdCJ6GU8X9R8ZcjFXDuaiyVyxGq0SAAAAAAAAAMAS5sybAAAAAJwGMhpshqt1HshgOdgtV8sFgHD20v2Z94Ni91mk3jUaLEzgrOsEL278uMH8ltfbb3r67W6F5coAD9TkzJs_E8RarZY1AACAADYAAEAAt27eArCZ-P____84AAAAGTl6AAAA8X2gKI3wI1eKPf6BVg0G!&excid=22&docw=0&cijs=1&nlb=false HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moontada.ahlamontada.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 10:16:10 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3401
X-Firefox-Spdy: h2
taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
44.206.122.152200 OK 0 B URL HTTP/2 taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
IP 44.206.122.152:0
GET /sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP/1.1
Host: taboola-supply-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 10:16:11 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2