hadibi.ahlamontada.com/
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: hadibi.ahlamontada.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 27 Sep 2022 12:56:47 GMT
Content-Length: 0
Location: https://hadibi.ahlamontada.com/
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 12:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VXT-2ww9mj6BnFsRoUF1AedotvcaYra_AwBq8DnPqsGEZzfIwxzOXw==
Age: 2477
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6889
Expires: Tue, 27 Sep 2022 14:51:36 GMT
Date: Tue, 27 Sep 2022 12:56:47 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YzWP_xjkaTk25CH5VeMIXJVasVxuPyR5kch6jITPt7G4wfvmQh1seQ==
age: 12754
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f29d4245c221a826a51cd01647142a62
09ba491457b34a363f86b26cf8669997ab8525e3
7165bf99d639896e10b20fb510cab44b6c6891ea650a592ac804551ff4783c63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7165BF99D639896E10B20FB510CAB44B6C6891EA650A592AC804551FF4783C63"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=824
Expires: Tue, 27 Sep 2022 13:10:31 GMT
Date: Tue, 27 Sep 2022 12:56:47 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:56:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash edbb0a8ba8a5ed05feab2400b27538ca
f75e013eb0f807b351b2d5af873cf5509bfc0115
e920e23a4eccb541813ecbd554142355e926141e2065344552b1dda0fc59481f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2748
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:47 GMT
Last-Modified: Tue, 27 Sep 2022 12:10:59 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash edbb0a8ba8a5ed05feab2400b27538ca
f75e013eb0f807b351b2d5af873cf5509bfc0115
e920e23a4eccb541813ecbd554142355e926141e2065344552b1dda0fc59481f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6058
Cache-Control: max-age=148862
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:47 GMT
Etag: "63327de3-117"
Expires: Thu, 29 Sep 2022 06:17:49 GMT
Last-Modified: Tue, 27 Sep 2022 04:36:51 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
IP
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d989f35706c62ce4a5c561586c55566e
d32e7958e5765609bf08dcdefd0b2c2a8714ce34
375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33845
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 10:40:15 GMT
expires: Mon, 25 Sep 2023 10:40:15 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 180992
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-144347007-1
200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-144347007-1
IP
File type ASCII text, with very long lines (1720)
Hash 96a60096487d2819054bef6fe52ec171
17b521be2ffd8e7edcdc90d5b5b2a36131f96b4f
16e651156d9955bed9a65c17e86df5baf9a0882b70f10e3780df1dd81b99a184
GET /gtag/js?id=UA-144347007-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 12:56:47 GMT
expires: Tue, 27 Sep 2022 12:56:47 GMT
cache-control: private, max-age=900
last-modified: Tue, 27 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42223
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 71265a0c6851c7a8b791cad4aa3db788
7ff19cc491bb3b6207818100171cc99932510040
2ce831555f110600647e1a8256cf62728fe0253067c5210ae30b1d4b376833e3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5878
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:47 GMT
Last-Modified: Tue, 27 Sep 2022 11:18:49 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
www.googletagmanager.com/gtag/js?id=
200 OK 36 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=
IP
File type ASCII text, with very long lines (1720)
Hash 7c83edc2c8d8fef8222ff0758a17a712
e5f7626c1de9588ed15f3d96ba9795ba138c9aa1
a32d59a727fa6c844623fb895d13206e958c836724f563fc8efce0369d72c54e
GET /gtag/js?id= HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 12:56:47 GMT
expires: Tue, 27 Sep 2022 12:56:47 GMT
cache-control: private, max-age=900
last-modified: Tue, 27 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 36074
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2img.net/i/empty.gif
200 OK 43 B IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /i/empty.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:47 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 09 May 2016 08:45:50 GMT
etag: "57304e3e-2b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 19420781
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XYRwDtztaP0xiaW%2BGv3RW5rUXbd2XcIBeBJ4zKuo8XQLgy5NBk7RdRbyP2asQHPtBM6t77yfVGgUKrwFO3Ij%2Fj9fsOrAMqIyJ9SuWKdTCjn6nL%2BC1fUutdhlRg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751466c248d2f41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hadibi.ahlamontada.com/0-rtl.css
200 OK 54 kB URL HTTP/2 hadibi.ahlamontada.com/0-rtl.css
IP
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 95ba96e79ebd254aa8dae5947e2e9d55
69ece860226833568cde7ad1072efe2d264955b7
b21b6cece2fdb3a64d2bd28838bca7679f1617b139c074d445e244fe718dbec7
GET /0-rtl.css HTTP/1.1
Host: hadibi.ahlamontada.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Cookie: exadd=166429
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:47 GMT
content-type: text/css
content-length: 54430
last-modified: Tue, 27 Sep 2022 00:00:00 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-ma: HIT
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash edbb0a8ba8a5ed05feab2400b27538ca
f75e013eb0f807b351b2d5af873cf5509bfc0115
e920e23a4eccb541813ecbd554142355e926141e2065344552b1dda0fc59481f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2748
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:47 GMT
Last-Modified: Tue, 27 Sep 2022 12:10:59 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 313 B IP
Hash 1b38278fa6ffd8c86b24839081164a96
92b5ee31846d802f8d685ffb73f1b4aeff3f79fc
c7e3c4c064d58692c5aeafdc380ae99093b86b8df61150501d66e5b90dbdd9eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5264
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:47 GMT
Last-Modified: Tue, 27 Sep 2022 11:29:03 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 313
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 27 Sep 2022 12:10:46 GMT
Expires: Tue, 27 Sep 2022 12:40:44 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JtfKxxOMtwzKTsoqp3jrWBYgG5tCGKM1mIATUezPH4unKbjXe0jVsA==
Age: 2761
twemoji.maxcdn.com/twemoji.min.js
200 OK 4.9 kB URL HTTP/2 twemoji.maxcdn.com/twemoji.min.js
IP
Hash 931e41d261cc12c335ee6b818b4d2e71
9cfdb49ae2787922418135d0f14d6018fb96520e
4ec51e8cc992c18574d02f4df981c32263082a5f2aa69f9312438d4df7526ce5
GET /twemoji.min.js HTTP/1.1
Host: twemoji.maxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:47 GMT
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Thu, 31 Mar 2022 03:24:15 GMT
access-control-allow-origin: *
etag: W/"62451edf-3bc8"
expires: Thu, 27 Oct 2022 12:56:47 GMT
cache-control: max-age=2592000
x-proxy-cache: MISS
x-github-request-id: AC1C:2101:52CB7C:54F937:632A1005
vary: Accept-Encoding
x-fastly-request-id: 3daa9c29349b923c7bc2e77b2f3789ec5ff3662e
server: NetDNA-cache/2.2
powered-by: MaxCDN
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9fc558a27672ad8143d95bbc4e7ec717
25bda9575635a09e453b51d8247c0adf8678345a
c67bc59415db10fb39d990d12b3099062c9859c2d1360c7b27288ffa9d45016a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C67BC59415DB10FB39D990D12B3099062C9859C2D1360C7B27288FFA9D45016A"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5788
Expires: Tue, 27 Sep 2022 14:33:16 GMT
Date: Tue, 27 Sep 2022 12:56:48 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4973
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:48 GMT
Last-Modified: Tue, 27 Sep 2022 11:33:56 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 313 B IP
Hash 944c43daeb114b52f31985e73a2e4de4
6edea5919fdbc74de43535086581527dcef9a9dc
a56e37bc78ae79d514bc828cfa7416a950f5ce4310b281303ab900beb5bc525e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1678
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:48 GMT
Last-Modified: Tue, 27 Sep 2022 12:28:50 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 313
stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=hadibi.ahlamontada.com&var=&ymid=&var_3=
200 OK 758 B URL HTTP/2 stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=hadibi.ahlamontada.com&var=&ymid=&var_3=
IP
File type JSON data\012- , ASCII text, with very long lines (757)
Hash 73d0c853bbf2cad441e7179cf0a8ec53
9ba0f6b84abb314599877c950f883c2aa2ff12ff
140dd805a254cf3a4866e6c2ce47d1be7786955983e8501c27469d64570a0995
GET /zone?pub=0&zone_id=2308013&is_mobile=false&domain=hadibi.ahlamontada.com&var=&ymid=&var_3= HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hadibi.ahlamontada.com/
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:56:48 GMT
content-type: application/json; charset=utf-8
content-length: 758
x-trace-id: c4f340bec30a2fb4440b18081dfc40d5
access-control-allow-origin: https://hadibi.ahlamontada.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/forumotion-ar/loader.js
200 OK 25 kB URL HTTP/2 cdn.taboola.com/libtrc/forumotion-ar/loader.js
IP
File type Unicode text, UTF-8 text, with very long lines (65497)
Hash f56a49bf269ea0f903e984cdbed940c5
2dbd0f6ea9174e818b8c20206f20b947cfb0fc09
24a9dfceb774436382e9a3ce0a20d2dd30adb0efb4d2556fda1511dbab3c3add
GET /libtrc/forumotion-ar/loader.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: V5R5kCGtcZa3kLO928RmC2ZVk/FRnQ7iEry3jNDGmCCUgComkBOkuY0IzgarTOKjaknqLTRIyLk=
x-amz-request-id: EP59X7F7N9PFBRKV
last-modified: Mon, 26 Sep 2022 15:50:24 GMT
etag: "f9392b94fb8ac5e1e3b864c036d12f21"
x-amz-version-id: XdlnKNONbuuqvAd_Z5xfnmh_N2seqtvg
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:48 GMT
via: 1.1 varnish
age: 83
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664283408.311909,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 43
content-length: 25113
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Tue, 27 Sep 2022 12:41:09 GMT
expires: Tue, 27 Sep 2022 14:41:09 GMT
cache-control: public, max-age=7200
age: 939
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertag&topUrl=hadibi.ahlamontada.com
200 OK 5.4 kB URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=hadibi.ahlamontada.com
IP
Hash e053fe89925906478339b448de1dd111
ac8a91be9a040eaf43b673d18a7667351fb956d5
036d11f203b375363cd0a07bb76fddc13be006e81304d09abcd33685a196fc51
GET /syncframe?origin=publishertag&topUrl=hadibi.ahlamontada.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:47 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=3991c849-c6e2-4a6f-aef7-17aa06a10c8c; expires=Sun, 22 Oct 2023 12:56:47 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 662971
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 7fe5d7e8bab006e280be51825bd0e7f3
04b2e3443b73f3da95b8befc775c007a35974ba1
c9e96bf1d96f91f66945a20eaf3a81e360ee13a00475a1297ae8e68e89d86ed9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1111
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:48 GMT
Last-Modified: Tue, 27 Sep 2022 12:38:17 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 313
cdn.viglink.com/api/vglnk.js
200 OK 29 kB URL HTTP/2 cdn.viglink.com/api/vglnk.js
IP
File type ASCII text, with very long lines (693)
Hash 072eaf64a771815874455704fca9301b
6c6226d00f14bb800cd4390b3cd42df941be43b1
bb35c8c300bd1acfe7ed86eb988f74ff2e8d86a4fb0409c5d78a890f9fd14b8e
GET /api/vglnk.js HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:48 GMT
content-type: text/javascript
content-length: 28567
x-amz-id-2: kFPAC60DOwNQb4CdhqHG+tKjRF2TQjxpEdeKJyhLPdvjoiSwXPmNvXMEMMBRIwIu/QGXu5HJg1c=
x-amz-request-id: NTCW971RKN3GM3ZQ
last-modified: Wed, 02 Dec 2020 18:57:12 GMT
etag: "072eaf64a771815874455704fca9301b"
cache-control: public, max-age=604800
content-encoding: gzip
cf-cache-status: HIT
age: 399064
expires: Tue, 04 Oct 2022 12:56:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751466c67879b527-OSL
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/impl.20220922-16-RELEASE.js
200 OK 146 kB URL HTTP/2 cdn.taboola.com/libtrc/impl.20220922-16-RELEASE.js
IP
File type ASCII text, with very long lines (65508)
Size 146 kB (145469 bytes)
Hash b6247ec22fba797cf6f51ae4c86a6509
1807f86f8b7146c10c986fd203d31de61ee67d8a
742c16a6b9e92d702d4e514560b0826268e676278e169e990c548d0bb6dd8a2f
GET /libtrc/impl.20220922-16-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: COg8lMA673OEz5PM+KFXiDXiosSVySM+TdixW+84HZwxLH8GtDt35DYHxlOgtiehZ9ZB4jLgaQI=
x-amz-request-id: W1R6REBMZ25HV30N
last-modified: Thu, 22 Sep 2022 14:15:17 GMT
etag: "b6247ec22fba797cf6f51ae4c86a6509"
content-encoding: br
x-amz-version-id: wNWqo8c3RDyWSxV8p_CKOzvKdfoSb_oq
content-type: application/javascript
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:48 GMT
via: 1.1 varnish
age: 24088
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 12800
x-timer: S1664283408.404943,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 14
server: AmazonS3-br
content-length: 145469
X-Firefox-Spdy: h2
hadibi.ahlamontada.com/images/icons-180.png
200 OK 6.1 kB URL HTTP/2 hadibi.ahlamontada.com/images/icons-180.png
IP
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 6bbc173a2c7add9b97ed5fe2dea15269
2e00950d0813a6d995784905a90c5eb2041f05ee
689c95c5a53fd85782d965279cafd0c06042391eca615fe7e7f799e1bae5cc82
GET /images/icons-180.png HTTP/1.1
Host: hadibi.ahlamontada.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Cookie: exadd=166429; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:48 GMT
content-type: image/png
content-length: 6055
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 27 Sep 2022 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
x-cache-ic: MISS
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LDLMSIYweoySFIGQVM76Sg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JEtLefd2oaEWKCbEMWBo+R77n4M=
ocsp.digicert.com/
200 OK 313 B IP
Hash d7103c61c45779a7b5d41d348717a808
eefd5e3968dda1f2d6e4eb24977265459ecbe974
093f9f2eaaa017cbd1fa1a8fdd067c242b3e28d18c6925d3116ad8d50f08af0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6318
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:48 GMT
Last-Modified: Tue, 27 Sep 2022 11:11:30 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 313 B IP
Hash d7103c61c45779a7b5d41d348717a808
eefd5e3968dda1f2d6e4eb24977265459ecbe974
093f9f2eaaa017cbd1fa1a8fdd067c242b3e28d18c6925d3116ad8d50f08af0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6375
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:48 GMT
Last-Modified: Tue, 27 Sep 2022 11:10:34 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 313
stootsou.net/pfe/current/universal.min.js?v=3.1.395
200 OK 0 B URL HTTP/2 stootsou.net/pfe/current/universal.min.js?v=3.1.395
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/universal.min.js?v=3.1.395 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hadibi.ahlamontada.com/
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:56:48 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 07:25:49 GMT
etag: W/"63296afd-1fafa"
access-control-allow-origin: https://hadibi.ahlamontada.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
stootsou.net/custom
200 OK 39 B IP
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hadibi.ahlamontada.com/
Content-Type: application/json
Origin: https://hadibi.ahlamontada.com
Content-Length: 381
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:56:48 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 92361714d84ce46fffd360f8ca09be8d
access-control-allow-origin: https://hadibi.ahlamontada.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 05b8e0539f33600bbfe6567a3e4506f2
43701d17c095ca11bd588b16177f2a7adf564fde
c23204269e6ec9727b91de24158f15b7bfb6159e95606089231db82560513160
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C23204269E6EC9727B91DE24158F15B7BFB6159E95606089231DB82560513160"
Last-Modified: Mon, 26 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6020
Expires: Tue, 27 Sep 2022 14:37:08 GMT
Date: Tue, 27 Sep 2022 12:56:48 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 4b4b24188fa7cf59e26c261113d2ec4e
b39e76b0a5ddd302308fbcebbf295f91540b3d6e
dee2b698601ac272ef262a0557325ded4091d8af2344e18a7421c287c1ef16da
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:56:48 GMT
Last-Modified: Tue, 27 Sep 2022 11:35:54 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gNLYHFNoLU8Y2mFuuvSAh90K_Js_USMEp5KAL_qH5mMJ8yxHcijH8A==
Age: 4854
api.viglink.com/api/ping
200 OK 260 B IP
File type ASCII text, with no line terminators
Hash 1284d45b43749b7efdb7b84959283454
50c5feb59785dfc60a13912cb7e93a888d5f4ddd
f01ed1995ec6044b1ecd881d93b764af7d44acad8b2c16f61a0e00f49948710c
POST /api/ping HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 131
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hadibi.ahlamontada.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Tue, 27 Sep 2022 12:56:48 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 260
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-144347007-1&cid=357745437.1664283406&jid=2056070370&gjid=1747288348&_gid=21466275.1664283406&_u=YEBAAUAAAAAAAC~&z=1573944402
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-144347007-1&cid=357745437.1664283406&jid=2056070370&gjid=1747288348&_gid=21466275.1664283406&_u=YEBAAUAAAAAAAC~&z=1573944402
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-144347007-1&cid=357745437.1664283406&jid=2056070370&gjid=1747288348&_gid=21466275.1664283406&_u=YEBAAUAAAAAAAC~&z=1573944402 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://hadibi.ahlamontada.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 27 Sep 2022 12:56:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
trc-events.taboola.com/forumotion-ar/log/3/bulk-metrics?lti=deflated&bulkSize=1
204 No Content 0 B URL HTTP/2 trc-events.taboola.com/forumotion-ar/log/3/bulk-metrics?lti=deflated&bulkSize=1
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/bulk-metrics?lti=deflated&bulkSize=1 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 477
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 27 Sep 2022 12:56:48 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://hadibi.ahlamontada.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/forumotion-ar/log/2/debug?tim=12%3A56%3A46.449&type=usage&msg=rtus&llvl=2&id=804&cv=20220922-16-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
204 No Content 0 B URL HTTP/2 trc-events.taboola.com/forumotion-ar/log/2/debug?tim=12%3A56%3A46.449&type=usage&msg=rtus&llvl=2&id=804&cv=20220922-16-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=12%3A56%3A46.449&type=usage&msg=rtus&llvl=2&id=804&cv=20220922-16-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 27 Sep 2022 12:56:48 GMT
x-fastly-to-nlb-rtt: 21081
access-control-allow-credentials: true
X-Firefox-Spdy: h2
stootsou.net/custom
200 OK 39 B IP
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hadibi.ahlamontada.com/
Content-Type: application/json
Origin: https://hadibi.ahlamontada.com
Content-Length: 745
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:56:48 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 4b972061d6e877d22bbc288dd08ffc8d
access-control-allow-origin: https://hadibi.ahlamontada.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.gif?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Tue, 27 Sep 2022 12:56:48 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5b7b66f5886a12421c3f3970bbf49d5a
13a31565fb5b2f1e75d67ba1ce09dae339f1c0e8
3ed8ffa99cefdf81381912b426c0ab9091fb5888836665d9012435965f99feba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 95f95fee6e94fb192e7c06459e3e3f8e
025638b85afcc833cd592c98cc941dd011d2526f
dbc8654990b37741f8e393d069054ae68d584c2496421892e814e7a8c45467fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: https://hadibi.ahlamontada.com/
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:48 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: https://hadibi.ahlamontada.com
server-processing-duration-in-ticks: 438486
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
200 OK 81 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP
Hash 0c5878ad5c5a813a14787e6ac3ca0d31
fad5a306874e5b542b2f58e07d1d9a9150cd58c9
5a24e459a1202ceeaf4128b817133adb3f7f757a3521ff3c9de34435f1af88cb
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:48 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 113861
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
200 OK 9.0 kB URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
Hash 2f389c0c4f189fd4f0772a0320995021
2b17f7c92ea60f317587279605c3325aaa7edeb2
6adcd8309055b44b19ceaad8ddae9671b0cc528a8176d6c16add664225c585e5
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:48 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 490656
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-144347007-1&cid=357745437.1664283406&jid=2056070370&_u=YEBAAUAAAAAAAC~&z=663386145
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-144347007-1&cid=357745437.1664283406&jid=2056070370&_u=YEBAAUAAAAAAAC~&z=663386145
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-144347007-1&cid=357745437.1664283406&jid=2056070370&_u=YEBAAUAAAAAAAC~&z=663386145 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 12:56:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 0869109d63ef5270595fb34384023a90
f2ec69fdaca2a0327cd3599ac05d0051df3dee41
c4a67afda7094519228049f837e2e0c1674148bd2e564ae2dccc3458bbdb9ed4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 12:56:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 06:25:19 GMT
Expires: Mon, 03 Oct 2022 06:25:18 GMT
Etag: "f2ec69fdaca2a0327cd3599ac05d0051df3dee41"
Cache-Control: max-age=494308,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751466c97dfc1c16-OSL
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 95f95fee6e94fb192e7c06459e3e3f8e
025638b85afcc833cd592c98cc941dd011d2526f
dbc8654990b37741f8e393d069054ae68d584c2496421892e814e7a8c45467fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
my.rtmark.net/gid.js?userId=9b7389e9d48745689ab808379b483675
200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=9b7389e9d48745689ab808379b483675
IP
File type JSON data\012- , ASCII text
Hash 8919141f23f46a7a5ab7d47b1972265a
d70981bfa917ac4643f366411ff1f83558ae9c27
6f836465d3bc15c40d6e79163ab1c10df2814a52f46a6df1291137ea4a1da641
GET /gid.js?userId=9b7389e9d48745689ab808379b483675 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:56:49 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://hadibi.ahlamontada.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=9b7389e9d48745689ab808379b483675; expires=Wed, 27 Sep 2023 12:56:49 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4538701cf9bc34d908f50370beb922f4
df141b9c3ec626ecaba7c1899073a48b811c4113
61497b93eb237687a8fff5845a7a81aff2f2f53dc56f2d0818bfb98dd1256d6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gum.criteo.com/syncframe?origin=rtus&topUrl=hadibi.ahlamontada.com
200 OK 5.1 kB URL HTTP/2 gum.criteo.com/syncframe?origin=rtus&topUrl=hadibi.ahlamontada.com
IP
Hash 511d60d4dfa9fa4a4ba13846c6272f0d
78fe7e813e6d972e541e13489ce33d7cb8ed6307
7af20cef011fd629819f5a02ca85e73c14b93c848628d4c6d57d3f9a2bc80086
GET /syncframe?origin=rtus&topUrl=hadibi.ahlamontada.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:48 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=27d57daa-8552-4c86-bc76-71cfdf48edfc; expires=Sun, 22 Oct 2023 12:56:48 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 501338
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash f2fcf838f5d6c8d7cb5eefa19e0fedae
5f453cc4ae4a892937814588913e76e24594921f
85c101df8ee7d95095a4006e520b6a31e765ab314c4ab161c6274ee58a048360
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5049
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:49 GMT
Last-Modified: Tue, 27 Sep 2022 11:32:40 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 313
cdn.taboola.com/libtrc/cta-component.20220922-16-RELEASE.es6.js
200 OK 5.1 kB URL HTTP/2 cdn.taboola.com/libtrc/cta-component.20220922-16-RELEASE.es6.js
IP
File type ASCII text, with very long lines (18924)
Hash 6edc0c60cbd321db86a583328bcc8e36
ac470f655afcce12484742602497b0ffeda681f6
f5a6378eecece6fb97a79cdca11cd412c146ae73ef884773bd90a14632bdcaa7
GET /libtrc/cta-component.20220922-16-RELEASE.es6.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: Ct8IUrp3S3Y44U7aGR4AcpBJ3SgTt5hbGMS/pW9rqVCZPmm+JI59leFiPJM7VUYPaJJpoZZWcGo=
x-amz-request-id: BRA2RPPVQBCRW5VV
x-amz-replication-status: PENDING
last-modified: Sun, 25 Sep 2022 11:25:54 GMT
etag: "fac88d02a4ac159dfd6a97505363e724"
x-amz-version-id: 0mj3v0ylRZHoTnn0QAy2dPFAeeVnFZfs
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:49 GMT
via: 1.1 varnish
age: 33
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 14
x-timer: S1664283409.238136,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 14
content-length: 5108
X-Firefox-Spdy: h2
csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
200 OK 43 B URL HTTP/2 csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:48 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/userx.20220922-16-RELEASE.es6.js
200 OK 5.4 kB URL HTTP/2 cdn.taboola.com/libtrc/userx.20220922-16-RELEASE.es6.js
IP
File type ASCII text, with very long lines (17842)
Hash 3e7d8362ae0935052e7b830330333235
a22d41053809368c2a205527d7e07e774704b963
0513cd309debc5c144190b687feb1a1fa3f910c5ae7a44ab98bc1b4d459946b3
GET /libtrc/userx.20220922-16-RELEASE.es6.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: EPnBOSdmJEdhu4JONnnrYz+pWBZzo8yGSYq7ayNxy2VgpwWzJKjW05/dee057aKKK1V9qEj5xzk=
x-amz-request-id: 7ZF16SJ6T06ATG9W
x-amz-replication-status: PENDING
last-modified: Sun, 25 Sep 2022 11:22:01 GMT
etag: "db9444e762c7677565a6ea28981b5bc1"
x-amz-version-id: 8c6AX02xLYX5yIzY_Dwb1zXMiU4DNl8e
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:49 GMT
via: 1.1 varnish
age: 22
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 8
x-timer: S1664283409.243092,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 14
content-length: 5398
X-Firefox-Spdy: h2
vidstat.taboola.com/lite-unit/3.9.5/UnitWidgetItemDesktop.min.js
200 OK 30 kB URL HTTP/2 vidstat.taboola.com/lite-unit/3.9.5/UnitWidgetItemDesktop.min.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash a7b72a082fc5e3bc4aabbb79f73fb604
31cc6cd9b3dfbd31d24cd47dd2fcb29f5522822f
bf20590ab0b6486faa1a22e447f2ae149aa76742fd65fa43993646031d90a1e1
GET /lite-unit/3.9.5/UnitWidgetItemDesktop.min.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 13 Sep 2022 09:04:05 GMT
etag: "8b1ffbd4f9c44c447f9a11e92fbb9112"
server: AmazonS3
via: 1.1 828a61ebc3af4e0465a5577a4c08af7a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: AfyrLxGlKNoXsjSvShOJ1QFm2rrv76iJaqEsgbMoQU-1oTsr3wJz-Q==
cache-control: public, max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:49 GMT
age: 1223521
x-served-by: cache-bma1648-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 37571
x-timer: S1664283409.245588,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 29884
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11c51a580d0234715f4e381a2ff193d9.jpg
200 OK 7.4 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11c51a580d0234715f4e381a2ff193d9.jpg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash fecd8d990d304d5c8ed1e044d311564b
51503ad7c211c8930bf7e7bf0b45938492c0c89f
752ca8310ec580c0a6693b73ab6ae214b9a19a65632c48518bc2daff9022fa47
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11c51a580d0234715f4e381a2ff193d9.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 375394960470726063426544127135759758201,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 375394960470726063426544127135759758201,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
etag: "662f240776f27ece4ed0c1d764777ac0"
last-modified: Fri, 01 Jul 2022 01:32:38 GMT
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 1951b95492254ffa75796ec7e61c4720
x-envoy-upstream-service-time: 83
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:49 GMT
age: 4944775
x-served-by: cache-iad-kiad7000084-IAD, cache-iad-kiad7000126-IAD, cache-lga21973-LGA, cache-iad-kiad7000047-IAD, cache-bma1648-BMA
x-cache: HIT, HIT, MISS, HIT, HIT
x-cache-hits: 1, 1, 0, 1, 1
x-timer: S1664283409.340183,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11c51a580d0234715f4e381a2ff193d9.jpg
x-vcl-time-ms: 1
content-length: 7422
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/22838464cd0ff2e7b68381f57554bbc6.jpg
200 OK 6.0 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/22838464cd0ff2e7b68381f57554bbc6.jpg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 91f4289eb62c5e3a20cbba2630f7c5f4
b8fd7077b4e460fbef9df982a85ac60aab625880
6418c2a959c2489fa130963c68ba689625f0d28038689dfbc757fe710584915b
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/22838464cd0ff2e7b68381f57554bbc6.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 337622772664860344241614472254358826418,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 337622772664860344241614472254358826418,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
etag: "dbd4d8efaf6c27f7b01daf1cf14da02d"
last-modified: Tue, 16 Aug 2022 11:24:07 GMT
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 1689da4843c77cc207a202caac686770
x-envoy-upstream-service-time: 143
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:49 GMT
age: 3612003
x-served-by: cache-iad-kjyo7100134-IAD, cache-iad-kcgs7200086-IAD, cache-bur-kbur8200135-BUR, cache-iad-kjyo7100052-IAD, cache-bma1648-BMA
x-cache: MISS, HIT, MISS, HIT, HIT
x-cache-hits: 0, 1, 0, 1, 1
x-timer: S1664283409.424873,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/22838464cd0ff2e7b68381f57554bbc6.jpg
x-vcl-time-ms: 1
content-length: 5996
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//taoli.pro/attach/material/Mattress_PR/I82pfgokOG7jVVQB2.jpg
200 OK 6.6 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//taoli.pro/attach/material/Mattress_PR/I82pfgokOG7jVVQB2.jpg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 51ab76af54dfe7181c1a81d5055ab0df
4502d54835216b4c9836a38f999da602548204fb
f1f919ecd65a1565c8cf010cca3f8870cceaa790f06e1411c188a5def5556f41
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//taoli.pro/attach/material/Mattress_PR/I82pfgokOG7jVVQB2.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 610875578773282110481061400828422065667,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 610875578773282110481061400828422065667,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
etag: "8fb9857351a552534207e978f5648ebe"
expiration: expiry-date="Fri, 16 Sep 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Tue, 16 Aug 2022 05:32:23 GMT
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 3397
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:49 GMT
age: 1082471
x-served-by: cache-iad-kcgs7200174-IAD, cache-iad-kiad7000051-IAD, cache-sna10743-LGB, cache-iad-kcgs7200054-IAD, cache-bma1648-BMA
x-cache: MISS, MISS, MISS, HIT, HIT
x-cache-hits: 0, 0, 0, 1, 1
x-timer: S1664283409.426326,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//taoli.pro/attach/material/Mattress_PR/I82pfgokOG7jVVQB2.jpg
x-vcl-time-ms: 1
content-length: 6556
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f40/15/31/63/96/201910.jpg
200 OK 4.6 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f40/15/31/63/96/201910.jpg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash b172ae92f569f9b8932758b37a9bba0c
67e0c5420827e8dc435d058b276957a1e28aa2c9
7a03c3d99d82fa44f8a948b10e1a7ee4bde89f5acf2f0501f6ad52580afcbfaa
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f40/15/31/63/96/201910.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 544739962377286115750906782440533884243,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 544739962377286115750906782440533884243,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
etag: "402e41166faee5e4762105d6be7ace3f"
expiration: expiry-date="Sat, 17 Sep 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Wed, 17 Aug 2022 15:39:12 GMT
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 861
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:49 GMT
age: 1221143
x-served-by: cache-iad-kcgs7200097-IAD, cache-iad-kcgs7200026-IAD, cache-chi-klot8100056-CHI, cache-iad-kcgs7200042-IAD, cache-bma1648-BMA
x-cache: MISS, MISS, MISS, HIT, HIT
x-cache-hits: 0, 0, 0, 1, 1
x-timer: S1664283409.439147,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f40/15/31/63/96/201910.jpg
x-vcl-time-ms: 1
content-length: 4628
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f18/18/76/87/71/10441110.jpg
200 OK 6.1 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f18/18/76/87/71/10441110.jpg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash afd94de274b42d060d759f04bc93f45d
556fd94f8ecaab204a4352af88be174c922330f2
63bce6247452e5d1147d21b85af2479479560a2fff763ba6807216371286a44f
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f18/18/76/87/71/10441110.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 409007793272519477888960907609700542045,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 409007793272519477888960907609700542045,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
etag: "d004f611bec22a8fd193b31b35b206a3"
expiration: expiry-date="Fri, 16 Sep 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Tue, 16 Aug 2022 05:45:08 GMT
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 407
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:49 GMT
age: 1202557
x-served-by: cache-iad-kjyo7100141-IAD, cache-iad-kiad7000069-IAD, cache-bur-kbur8200078-BUR, cache-iad-kcgs7200154-IAD, cache-bma1648-BMA
x-cache: MISS, MISS, MISS, HIT, HIT
x-cache-hits: 0, 0, 0, 1, 1
x-timer: S1664283409.439169,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f18/18/76/87/71/10441110.jpg
x-vcl-time-ms: 1
content-length: 6128
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f37/14/77/75/59/wqaa2110.jpg
200 OK 7.5 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f37/14/77/75/59/wqaa2110.jpg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash c0a9f60f0288ebc3444012be46cd9ebe
7e59f8e4e4cbd11ea957ee1d40911796dbdc4511
1506238c53826537a0220fd1a4bdcda57718d5726d9a024b5d702d1e6aec478a
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f37/14/77/75/59/wqaa2110.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 549930644253185078118877309127813515040,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 549930644253185078118877309127813515040,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
etag: "0edcf740b4106100abadd2b893d52f23"
expiration: expiry-date="Mon, 05 Sep 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Fri, 05 Aug 2022 15:41:40 GMT
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 176
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:49 GMT
age: 2058020
x-served-by: cache-iad-kiad7000117-IAD, cache-iad-kjyo7100060-IAD, cache-chi-klot8100093-CHI, cache-iad-kiad7000178-IAD, cache-bma1648-BMA
x-cache: HIT, MISS, MISS, HIT, HIT
x-cache-hits: 1, 0, 0, 1, 1
x-timer: S1664283409.439192,VS0,VE4
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f37/14/77/75/59/wqaa2110.jpg
x-vcl-time-ms: 4
content-length: 7530
X-Firefox-Spdy: h2
il-trc-events.taboola.com/forumotion-ar/log/3/bulk-metrics?route=AM%3AIL%3AV<i=deflated&bulkSize=6
204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/3/bulk-metrics?route=AM%3AIL%3AV<i=deflated&bulkSize=6
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/bulk-metrics?route=AM%3AIL%3AV<i=deflated&bulkSize=6 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 4569
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 27 Sep 2022 12:56:49 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://hadibi.ahlamontada.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
il-trc-events.taboola.com/forumotion-ar/log/3/bulk-metrics?route=AM%3AIL%3AV<i=deflated&bulkSize=2
204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/3/bulk-metrics?route=AM%3AIL%3AV<i=deflated&bulkSize=2
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/bulk-metrics?route=AM%3AIL%3AV<i=deflated&bulkSize=2 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1681
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 27 Sep 2022 12:56:49 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://hadibi.ahlamontada.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
api.viglink.com/api/domains
200 OK 57 B URL HTTP/1.1 api.viglink.com/api/domains
IP
File type ASCII text, with no line terminators
Hash 08fbdfcd15441c4a2689e7486e323098
fea51c8b435ecfcde79633fd72a2bdf3d2aac72e
a2d05337d9ae63b0b5527158dd496633bdf968749a5295f5c81d910253f852ad
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 343
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hadibi.ahlamontada.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Tue, 27 Sep 2022 12:56:48 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 57
Connection: keep-alive
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=12%3A56%3A47.188&type=usage&msg=cta-_1664283407188&llvl=2&id=2037&cv=20220922-16-RELEASE<=deflated&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fhadibi.ahlamontada.com%2F%22%2C%22itemId%22%3A%22~~V1~~-377591542711560093~~NY1QHArWixiBK%22%2C%22text%22%3A%22Les%20mer%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-rendered%22%2C%22cardIndexOnPage%22%3A1%2C%22index%22%3A1%2C%22placement%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22innerText%22%3A%22Mange%20kjenner%20til%20det%20popul%C3%A6re%20kosttilskuddet%20VitaePro%2C%20men%20vet%20du%20hva%20produktet%20inneholder%3F%5CnVitaePro%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=12%3A56%3A47.188&type=usage&msg=cta-_1664283407188&llvl=2&id=2037&cv=20220922-16-RELEASE<=deflated&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fhadibi.ahlamontada.com%2F%22%2C%22itemId%22%3A%22~~V1~~-377591542711560093~~NY1QHArWixiBK%22%2C%22text%22%3A%22Les%20mer%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-rendered%22%2C%22cardIndexOnPage%22%3A1%2C%22index%22%3A1%2C%22placement%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22innerText%22%3A%22Mange%20kjenner%20til%20det%20popul%C3%A6re%20kosttilskuddet%20VitaePro%2C%20men%20vet%20du%20hva%20produktet%20inneholder%3F%5CnVitaePro%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=12%3A56%3A47.188&type=usage&msg=cta-_1664283407188&llvl=2&id=2037&cv=20220922-16-RELEASE<=deflated&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fhadibi.ahlamontada.com%2F%22%2C%22itemId%22%3A%22~~V1~~-377591542711560093~~NY1QHArWixiBK%22%2C%22text%22%3A%22Les%20mer%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-rendered%22%2C%22cardIndexOnPage%22%3A1%2C%22index%22%3A1%2C%22placement%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22innerText%22%3A%22Mange%20kjenner%20til%20det%20popul%C3%A6re%20kosttilskuddet%20VitaePro%2C%20men%20vet%20du%20hva%20produktet%20inneholder%3F%5CnVitaePro%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 27 Sep 2022 12:56:49 GMT
x-fastly-to-nlb-rtt: 72829
access-control-allow-credentials: true
X-Firefox-Spdy: h2
15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fhadibi.ahlamontada.com%2F&encoded=1&uid=ddd26f49-acda-4cd2-bd0c-b4ff0953bfcb-tucta2c7890&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1664283407134&tagid=&cntry=NO&platform=1&sesid=596b5f4d63541666b985bfa55d143b5f&itemid=/&viewid=1664283406455&geolat=&geoing=&deviceifa=&appid=&sd=v2_596b5f4d63541666b985bfa55d143b5f_ddd26f49-acda-4cd2-bd0c-b4ff0953bfcb-tucta2c7890_1664283408_1664283408_CNawjgYQ3pxDGPfglfi3MCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABo_9iV8p6d99_dAXAA&ri=d7bbcd7ac3293e55a56197633a8ccbb2&appname=&cdb=&gdprApplies=true&rid=&sii=-7764447088115785453&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=8351
200 OK 8.7 kB URL HTTP/2 15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fhadibi.ahlamontada.com%2F&encoded=1&uid=ddd26f49-acda-4cd2-bd0c-b4ff0953bfcb-tucta2c7890&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1664283407134&tagid=&cntry=NO&platform=1&sesid=596b5f4d63541666b985bfa55d143b5f&itemid=/&viewid=1664283406455&geolat=&geoing=&deviceifa=&appid=&sd=v2_596b5f4d63541666b985bfa55d143b5f_ddd26f49-acda-4cd2-bd0c-b4ff0953bfcb-tucta2c7890_1664283408_1664283408_CNawjgYQ3pxDGPfglfi3MCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABo_9iV8p6d99_dAXAA&ri=d7bbcd7ac3293e55a56197633a8ccbb2&appname=&cdb=&gdprApplies=true&rid=&sii=-7764447088115785453&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=8351
IP
File type ASCII text, with very long lines (30286), with no line terminators
Hash ed90d8fb98856c37fbd2d1326cacac10
be8eae3688de51c3c5674a946296d5cfa191f5b3
8410f2f942c700ff44635c08757d31e752a282d8f96d7337206745c25d43c7b6
GET /tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fhadibi.ahlamontada.com%2F&encoded=1&uid=ddd26f49-acda-4cd2-bd0c-b4ff0953bfcb-tucta2c7890&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1664283407134&tagid=&cntry=NO&platform=1&sesid=596b5f4d63541666b985bfa55d143b5f&itemid=/&viewid=1664283406455&geolat=&geoing=&deviceifa=&appid=&sd=v2_596b5f4d63541666b985bfa55d143b5f_ddd26f49-acda-4cd2-bd0c-b4ff0953bfcb-tucta2c7890_1664283408_1664283408_CNawjgYQ3pxDGPfglfi3MCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABo_9iV8p6d99_dAXAA&ri=d7bbcd7ac3293e55a56197633a8ccbb2&appname=&cdb=&gdprApplies=true&rid=&sii=-7764447088115785453&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=8351 HTTP/1.1
Host: 15.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
machineid: 1468
link: <https://am-wf.taboola.com>; rel=preconnect
xvid-debug: mrmr - :
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://hadibi.ahlamontada.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:49 GMT
via: 1.1 varnish
x-served-by: cache-bma1648-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664283409.291279,VS0,VE34
vary: Accept-Encoding
X-Firefox-Spdy: h2
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=12%3A56%3A47.082&type=usage&msg=cta-_1664283407082&llvl=2&id=4685&cv=20220922-16-RELEASE<=deflated&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fhadibi.ahlamontada.com%2F%22%2C%22itemId%22%3A%22~~V1~~2318316226913079921~~DXKUa0UEkGQMG%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-has_cta_text%22%2C%22cardIndexOnPage%22%3A0%2C%22index%22%3A0%2C%22placement%22%3A%22728x90%20Thumbnails%22%2C%22innerText%22%3A%22Billige%20flybilletter%20-%20S%C3%B8k%20%26%20sammenlign%20alle%20prisermomondo%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=12%3A56%3A47.082&type=usage&msg=cta-_1664283407082&llvl=2&id=4685&cv=20220922-16-RELEASE<=deflated&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fhadibi.ahlamontada.com%2F%22%2C%22itemId%22%3A%22~~V1~~2318316226913079921~~DXKUa0UEkGQMG%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-has_cta_text%22%2C%22cardIndexOnPage%22%3A0%2C%22index%22%3A0%2C%22placement%22%3A%22728x90%20Thumbnails%22%2C%22innerText%22%3A%22Billige%20flybilletter%20-%20S%C3%B8k%20%26%20sammenlign%20alle%20prisermomondo%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=12%3A56%3A47.082&type=usage&msg=cta-_1664283407082&llvl=2&id=4685&cv=20220922-16-RELEASE<=deflated&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fhadibi.ahlamontada.com%2F%22%2C%22itemId%22%3A%22~~V1~~2318316226913079921~~DXKUa0UEkGQMG%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-has_cta_text%22%2C%22cardIndexOnPage%22%3A0%2C%22index%22%3A0%2C%22placement%22%3A%22728x90%20Thumbnails%22%2C%22innerText%22%3A%22Billige%20flybilletter%20-%20S%C3%B8k%20%26%20sammenlign%20alle%20prisermomondo%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 27 Sep 2022 12:56:49 GMT
x-fastly-to-nlb-rtt: 72829
access-control-allow-credentials: true
X-Firefox-Spdy: h2
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=12%3A56%3A47.106&type=usage&msg=cta-_1664283407106&llvl=2&id=9715&cv=20220922-16-RELEASE<=deflated&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fhadibi.ahlamontada.com%2F%22%2C%22itemId%22%3A%22~~V1~~-377591542711560093~~NY1QHArWixiBK%22%2C%22text%22%3A%22Les%20mer%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-cta_render_candidate%22%2C%22cardIndexOnPage%22%3A1%2C%22index%22%3A1%2C%22placement%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22innerText%22%3A%22Mange%20kjenner%20til%20det%20popul%C3%A6re%20kosttilskuddet%20VitaePro%2C%20men%20vet%20du%20hva%20produktet%20inneholder%3FVitaePro%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=12%3A56%3A47.106&type=usage&msg=cta-_1664283407106&llvl=2&id=9715&cv=20220922-16-RELEASE<=deflated&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fhadibi.ahlamontada.com%2F%22%2C%22itemId%22%3A%22~~V1~~-377591542711560093~~NY1QHArWixiBK%22%2C%22text%22%3A%22Les%20mer%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-cta_render_candidate%22%2C%22cardIndexOnPage%22%3A1%2C%22index%22%3A1%2C%22placement%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22innerText%22%3A%22Mange%20kjenner%20til%20det%20popul%C3%A6re%20kosttilskuddet%20VitaePro%2C%20men%20vet%20du%20hva%20produktet%20inneholder%3FVitaePro%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=12%3A56%3A47.106&type=usage&msg=cta-_1664283407106&llvl=2&id=9715&cv=20220922-16-RELEASE<=deflated&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fhadibi.ahlamontada.com%2F%22%2C%22itemId%22%3A%22~~V1~~-377591542711560093~~NY1QHArWixiBK%22%2C%22text%22%3A%22Les%20mer%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-cta_render_candidate%22%2C%22cardIndexOnPage%22%3A1%2C%22index%22%3A1%2C%22placement%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22innerText%22%3A%22Mange%20kjenner%20til%20det%20popul%C3%A6re%20kosttilskuddet%20VitaePro%2C%20men%20vet%20du%20hva%20produktet%20inneholder%3FVitaePro%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 27 Sep 2022 12:56:49 GMT
x-fastly-to-nlb-rtt: 72829
access-control-allow-credentials: true
X-Firefox-Spdy: h2
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=12%3A56%3A47.084&type=usage&msg=cta-_1664283407084&llvl=2&id=9262&cv=20220922-16-RELEASE<=deflated&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fhadibi.ahlamontada.com%2F%22%2C%22itemId%22%3A%22~~V1~~2318316226913079921~~DXKUa0UEkGQMG%22%2C%22text%22%3A%22Bestill%20n%C3%A5%20%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-cta_render_candidate%22%2C%22cardIndexOnPage%22%3A0%2C%22index%22%3A0%2C%22placement%22%3A%22728x90%20Thumbnails%22%2C%22innerText%22%3A%22Billige%20flybilletter%20-%20S%C3%B8k%20%26%20sammenlign%20alle%20prisermomondo%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=12%3A56%3A47.084&type=usage&msg=cta-_1664283407084&llvl=2&id=9262&cv=20220922-16-RELEASE<=deflated&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fhadibi.ahlamontada.com%2F%22%2C%22itemId%22%3A%22~~V1~~2318316226913079921~~DXKUa0UEkGQMG%22%2C%22text%22%3A%22Bestill%20n%C3%A5%20%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-cta_render_candidate%22%2C%22cardIndexOnPage%22%3A0%2C%22index%22%3A0%2C%22placement%22%3A%22728x90%20Thumbnails%22%2C%22innerText%22%3A%22Billige%20flybilletter%20-%20S%C3%B8k%20%26%20sammenlign%20alle%20prisermomondo%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=12%3A56%3A47.084&type=usage&msg=cta-_1664283407084&llvl=2&id=9262&cv=20220922-16-RELEASE<=deflated&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fhadibi.ahlamontada.com%2F%22%2C%22itemId%22%3A%22~~V1~~2318316226913079921~~DXKUa0UEkGQMG%22%2C%22text%22%3A%22Bestill%20n%C3%A5%20%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-cta_render_candidate%22%2C%22cardIndexOnPage%22%3A0%2C%22index%22%3A0%2C%22placement%22%3A%22728x90%20Thumbnails%22%2C%22innerText%22%3A%22Billige%20flybilletter%20-%20S%C3%B8k%20%26%20sammenlign%20alle%20prisermomondo%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 27 Sep 2022 12:56:49 GMT
x-fastly-to-nlb-rtt: 72829
access-control-allow-credentials: true
X-Firefox-Spdy: h2
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=12%3A56%3A47.178&type=usage&msg=cta-_1664283407178&llvl=2&id=3957&cv=20220922-16-RELEASE<=deflated&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fhadibi.ahlamontada.com%2F%22%2C%22itemId%22%3A%22~~V1~~2318316226913079921~~DXKUa0UEkGQMG%22%2C%22text%22%3A%22Bestill%20n%C3%A5%20%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-rendered%22%2C%22cardIndexOnPage%22%3A0%2C%22index%22%3A0%2C%22placement%22%3A%22728x90%20Thumbnails%22%2C%22innerText%22%3A%22Billige%20flybilletter%20-%20S%C3%B8k%20%26%20sammenlign%20alle%20priser%5Cnmomondo%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=12%3A56%3A47.178&type=usage&msg=cta-_1664283407178&llvl=2&id=3957&cv=20220922-16-RELEASE<=deflated&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fhadibi.ahlamontada.com%2F%22%2C%22itemId%22%3A%22~~V1~~2318316226913079921~~DXKUa0UEkGQMG%22%2C%22text%22%3A%22Bestill%20n%C3%A5%20%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-rendered%22%2C%22cardIndexOnPage%22%3A0%2C%22index%22%3A0%2C%22placement%22%3A%22728x90%20Thumbnails%22%2C%22innerText%22%3A%22Billige%20flybilletter%20-%20S%C3%B8k%20%26%20sammenlign%20alle%20priser%5Cnmomondo%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=12%3A56%3A47.178&type=usage&msg=cta-_1664283407178&llvl=2&id=3957&cv=20220922-16-RELEASE<=deflated&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fhadibi.ahlamontada.com%2F%22%2C%22itemId%22%3A%22~~V1~~2318316226913079921~~DXKUa0UEkGQMG%22%2C%22text%22%3A%22Bestill%20n%C3%A5%20%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-rendered%22%2C%22cardIndexOnPage%22%3A0%2C%22index%22%3A0%2C%22placement%22%3A%22728x90%20Thumbnails%22%2C%22innerText%22%3A%22Billige%20flybilletter%20-%20S%C3%B8k%20%26%20sammenlign%20alle%20priser%5Cnmomondo%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 27 Sep 2022 12:56:49 GMT
x-fastly-to-nlb-rtt: 72829
access-control-allow-credentials: true
X-Firefox-Spdy: h2
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=12%3A56%3A47.104&type=usage&msg=cta-_1664283407104&llvl=2&id=4738&cv=20220922-16-RELEASE<=deflated&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fhadibi.ahlamontada.com%2F%22%2C%22itemId%22%3A%22~~V1~~-377591542711560093~~NY1QHArWixiBK%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-has_cta_text%22%2C%22cardIndexOnPage%22%3A1%2C%22index%22%3A1%2C%22placement%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22innerText%22%3A%22Mange%20kjenner%20til%20det%20popul%C3%A6re%20kosttilskuddet%20VitaePro%2C%20men%20vet%20du%20hva%20produktet%20inneholder%3FVitaePro%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=12%3A56%3A47.104&type=usage&msg=cta-_1664283407104&llvl=2&id=4738&cv=20220922-16-RELEASE<=deflated&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fhadibi.ahlamontada.com%2F%22%2C%22itemId%22%3A%22~~V1~~-377591542711560093~~NY1QHArWixiBK%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-has_cta_text%22%2C%22cardIndexOnPage%22%3A1%2C%22index%22%3A1%2C%22placement%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22innerText%22%3A%22Mange%20kjenner%20til%20det%20popul%C3%A6re%20kosttilskuddet%20VitaePro%2C%20men%20vet%20du%20hva%20produktet%20inneholder%3FVitaePro%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=12%3A56%3A47.104&type=usage&msg=cta-_1664283407104&llvl=2&id=4738&cv=20220922-16-RELEASE<=deflated&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fhadibi.ahlamontada.com%2F%22%2C%22itemId%22%3A%22~~V1~~-377591542711560093~~NY1QHArWixiBK%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-has_cta_text%22%2C%22cardIndexOnPage%22%3A1%2C%22index%22%3A1%2C%22placement%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22innerText%22%3A%22Mange%20kjenner%20til%20det%20popul%C3%A6re%20kosttilskuddet%20VitaePro%2C%20men%20vet%20du%20hva%20produktet%20inneholder%3FVitaePro%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 27 Sep 2022 12:56:49 GMT
x-fastly-to-nlb-rtt: 72829
access-control-allow-credentials: true
X-Firefox-Spdy: h2
am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7mpQCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJDCZTJy7iW2tsAyWa9HEtXErVxvHWrYYTIaT1WJiXBmGQAKTycS5m9jWCstguRZNXBu3crVxrGWLwWQ4WS0mxpVhChE3GQ6fg4Go6Hpb7A6n2fOGDzSdDp_rXi90mJwWp11hNDvcfrvpYXLYNX63Xw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAIwsBpQAvBxvnLy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMYSCFNgk0pxCT1QwWMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg38Feb9ZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2QWs4mrplpZNusRovZbDZxDlcTm8O1GjlGm4lr5r3QFN01PFJvtL6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0J5GyAFC1ZrJbD1W6yGG0Wi8lyNxxNJkjRktVyuVxtNqvVbrSYDTbL4WaDFK1azUabwXA1m8x2u9VwMFyORkjRkuVuuVuNJovRaLnc7Iab0WCIMGQyWWYz03Kt8JgcbtHGZFlLTIaNW2Ka2QzL1WZi81jcotfH9LBsfMPlYIoPdLt8KrfLpWV7WT4vxxYFAyL2InlapBPVbuUx2SzDxWa1cI2GC5dhZXHYPIOFaTUxGRYri1iiOVmkE9ll31rOJq6ZaWTbrEaL2Ww2cQ5XE5vDtRo5RpuJa-YvmUyW2cy0XCs8JodbtDFZ1hKTYeOWmGY2w3K1mdg8Frfo9TE9LBvfcDnYN2az0WS4GQ2G-8ZsNpoMN6PBcN-hM3xXn7PRGRxPPELNZ7Y5PWsOg8JlsHh_n4u0GW3cjCpt2GJRXYs718Sq08ZOxs7BbFD4_ubSVhzcRs7lvuQgNhgUsURwkU5kfsvr7Tc9_Xa3wnIRS5Smi3Sil4glgtNFOhG9jKeL-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9U6D2SwHOyWq-UCQDh76f68Dd9CIFf971L-kAhuK4ZPFDd-3GB-y-vtNz39drfCcmWAB2py5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D5QFAgAAAAAAD8BblaLAQ!&cmcv=&pix=31589837&cb=1664283407527&uv=3230&tms=1664283407527&abt=mprdctdt6_vA!smbs!spa2_vA!t45!tvrReverse1_vB!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1664283404724!ts:1664283407527&mntl=1
200 OK 0 B URL HTTP/2 am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7mpQCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJDCZTJy7iW2tsAyWa9HEtXErVxvHWrYYTIaT1WJiXBmGQAKTycS5m9jWCstguRZNXBu3crVxrGWLwWQ4WS0mxpVhChE3GQ6fg4Go6Hpb7A6n2fOGDzSdDp_rXi90mJwWp11hNDvcfrvpYXLYNX63Xw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAIwsBpQAvBxvnLy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMYSCFNgk0pxCT1QwWMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg38Feb9ZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2QWs4mrplpZNusRovZbDZxDlcTm8O1GjlGm4lr5r3QFN01PFJvtL6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0J5GyAFC1ZrJbD1W6yGG0Wi8lyNxxNJkjRktVyuVxtNqvVbrSYDTbL4WaDFK1azUabwXA1m8x2u9VwMFyORkjRkuVuuVuNJovRaLnc7Iab0WCIMGQyWWYz03Kt8JgcbtHGZFlLTIaNW2Ka2QzL1WZi81jcotfH9LBsfMPlYIoPdLt8KrfLpWV7WT4vxxYFAyL2InlapBPVbuUx2SzDxWa1cI2GC5dhZXHYPIOFaTUxGRYri1iiOVmkE9ll31rOJq6ZaWTbrEaL2Ww2cQ5XE5vDtRo5RpuJa-YvmUyW2cy0XCs8JodbtDFZ1hKTYeOWmGY2w3K1mdg8Frfo9TE9LBvfcDnYN2az0WS4GQ2G-8ZsNpoMN6PBcN-hM3xXn7PRGRxPPELNZ7Y5PWsOg8JlsHh_n4u0GW3cjCpt2GJRXYs718Sq08ZOxs7BbFD4_ubSVhzcRs7lvuQgNhgUsURwkU5kfsvr7Tc9_Xa3wnIRS5Smi3Sil4glgtNFOhG9jKeL-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9U6D2SwHOyWq-UCQDh76f68Dd9CIFf971L-kAhuK4ZPFDd-3GB-y-vtNz39drfCcmWAB2py5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D5QFAgAAAAAAD8BblaLAQ!&cmcv=&pix=31589837&cb=1664283407527&uv=3230&tms=1664283407527&abt=mprdctdt6_vA!smbs!spa2_vA!t45!tvrReverse1_vB!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1664283404724!ts:1664283407527&mntl=1
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7mpQCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJDCZTJy7iW2tsAyWa9HEtXErVxvHWrYYTIaT1WJiXBmGQAKTycS5m9jWCstguRZNXBu3crVxrGWLwWQ4WS0mxpVhChE3GQ6fg4Go6Hpb7A6n2fOGDzSdDp_rXi90mJwWp11hNDvcfrvpYXLYNX63Xw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAIwsBpQAvBxvnLy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMYSCFNgk0pxCT1QwWMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg38Feb9ZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2QWs4mrplpZNusRovZbDZxDlcTm8O1GjlGm4lr5r3QFN01PFJvtL6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0J5GyAFC1ZrJbD1W6yGG0Wi8lyNxxNJkjRktVyuVxtNqvVbrSYDTbL4WaDFK1azUabwXA1m8x2u9VwMFyORkjRkuVuuVuNJovRaLnc7Iab0WCIMGQyWWYz03Kt8JgcbtHGZFlLTIaNW2Ka2QzL1WZi81jcotfH9LBsfMPlYIoPdLt8KrfLpWV7WT4vxxYFAyL2InlapBPVbuUx2SzDxWa1cI2GC5dhZXHYPIOFaTUxGRYri1iiOVmkE9ll31rOJq6ZaWTbrEaL2Ww2cQ5XE5vDtRo5RpuJa-YvmUyW2cy0XCs8JodbtDFZ1hKTYeOWmGY2w3K1mdg8Frfo9TE9LBvfcDnYN2az0WS4GQ2G-8ZsNpoMN6PBcN-hM3xXn7PRGRxPPELNZ7Y5PWsOg8JlsHh_n4u0GW3cjCpt2GJRXYs718Sq08ZOxs7BbFD4_ubSVhzcRs7lvuQgNhgUsURwkU5kfsvr7Tc9_Xa3wnIRS5Smi3Sil4glgtNFOhG9jKeL-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9U6D2SwHOyWq-UCQDh76f68Dd9CIFf971L-kAhuK4ZPFDd-3GB-y-vtNz39drfCcmWAB2py5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D5QFAgAAAAAAD8BblaLAQ!&cmcv=&pix=31589837&cb=1664283407527&uv=3230&tms=1664283407527&abt=mprdctdt6_vA!smbs!spa2_vA!t45!tvrReverse1_vB!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1664283404724!ts:1664283407527&mntl=1 HTTP/1.1
Host: am-vid-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:56:49 GMT
content-length: 0
X-Firefox-Spdy: h2
imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7mpQCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJDCZTJy7iW2tsAyWa9HEtXErVxvHWrYYTIaT1WJiXBmGQAKTycS5m9jWCstguRZNXBu3crVxrGWLwWQ4WS0mxpVhChE3GQ6fg4Go6Hpb7A6n2fOGDzSdDp_rXi90mJwWp11hNDvcfrvpYXLYNX63Xw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAIwsBpQAvBxvnLy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMYSCFNgk0pxCT1QwWMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg38Feb9ZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2QWs4mrplpZNusRovZbDZxDlcTm8O1GjlGm4lr5r3QFN01PFJvtL6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0J5GyAFC1ZrJbD1W6yGG0Wi8lyNxxNJkjRktVyuVxtNqvVbrSYDTbL4WaDFK1azUabwXA1m8x2u9VwMFyORkjRkuVuuVuNJovRaLnc7Iab0WCIMGQyWWYz03Kt8JgcbtHGZFlLTIaNW2Ka2QzL1WZi81jcotfH9LBsfMPlYIoPdLt8KrfLpWV7WT4vxxYFAyL2InlapBPVbuUx2SzDxWa1cI2GC5dhZXHYPIOFaTUxGRYri1iiOVmkE9ll31rOJq6ZaWTbrEaL2Ww2cQ5XE5vDtRo5RpuJa-YvmUyW2cy0XCs8JodbtDFZ1hKTYeOWmGY2w3K1mdg8Frfo9TE9LBvfcDnYN2az0WS4GQ2G-8ZsNpoMN6PBcN-hM3xXn7PRGRxPPELNZ7Y5PWsOg8JlsHh_n4u0GW3cjCpt2GJRXYs718Sq08ZOxs7BbFD4_ubSVhzcRs7lvuQgNhgUsURwkU5kfsvr7Tc9_Xa3wnIRS5Smi3Sil4glgtNFOhG9jKeL-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9U6D2SwHOyWq-UCQDh76f68Dd9CIFf971L-kAhuK4ZPFDd-3GB-y-vtNz39drfCcmWAB2py5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D5QFAgAAAAAAD8BblaLAQ!&cmcv=&pix=undefined&cb=1664283407528&uv=3230&tms=1664283407528&abt=mprdctdt6_vA!smbs!spa2_vA!t45!tvrReverse1_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=022b97b6-a209-4b5c-95c1-61028251b8e0&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
200 OK 899 B URL HTTP/2 imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7mpQCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJDCZTJy7iW2tsAyWa9HEtXErVxvHWrYYTIaT1WJiXBmGQAKTycS5m9jWCstguRZNXBu3crVxrGWLwWQ4WS0mxpVhChE3GQ6fg4Go6Hpb7A6n2fOGDzSdDp_rXi90mJwWp11hNDvcfrvpYXLYNX63Xw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAIwsBpQAvBxvnLy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMYSCFNgk0pxCT1QwWMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg38Feb9ZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2QWs4mrplpZNusRovZbDZxDlcTm8O1GjlGm4lr5r3QFN01PFJvtL6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0J5GyAFC1ZrJbD1W6yGG0Wi8lyNxxNJkjRktVyuVxtNqvVbrSYDTbL4WaDFK1azUabwXA1m8x2u9VwMFyORkjRkuVuuVuNJovRaLnc7Iab0WCIMGQyWWYz03Kt8JgcbtHGZFlLTIaNW2Ka2QzL1WZi81jcotfH9LBsfMPlYIoPdLt8KrfLpWV7WT4vxxYFAyL2InlapBPVbuUx2SzDxWa1cI2GC5dhZXHYPIOFaTUxGRYri1iiOVmkE9ll31rOJq6ZaWTbrEaL2Ww2cQ5XE5vDtRo5RpuJa-YvmUyW2cy0XCs8JodbtDFZ1hKTYeOWmGY2w3K1mdg8Frfo9TE9LBvfcDnYN2az0WS4GQ2G-8ZsNpoMN6PBcN-hM3xXn7PRGRxPPELNZ7Y5PWsOg8JlsHh_n4u0GW3cjCpt2GJRXYs718Sq08ZOxs7BbFD4_ubSVhzcRs7lvuQgNhgUsURwkU5kfsvr7Tc9_Xa3wnIRS5Smi3Sil4glgtNFOhG9jKeL-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9U6D2SwHOyWq-UCQDh76f68Dd9CIFf971L-kAhuK4ZPFDd-3GB-y-vtNz39drfCcmWAB2py5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D5QFAgAAAAAAD8BblaLAQ!&cmcv=&pix=undefined&cb=1664283407528&uv=3230&tms=1664283407528&abt=mprdctdt6_vA!smbs!spa2_vA!t45!tvrReverse1_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=022b97b6-a209-4b5c-95c1-61028251b8e0&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
IP
Hash 5bcab1f336f5055539e2f65259ceea93
debfa2c6e408c05b20148e1e08e72bec8bd07d2f
66e9189b42a447728f6b6b7ee0073408f3cbdf05cc982083e0a3d3a61a41e197
GET /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7mpQCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJDCZTJy7iW2tsAyWa9HEtXErVxvHWrYYTIaT1WJiXBmGQAKTycS5m9jWCstguRZNXBu3crVxrGWLwWQ4WS0mxpVhChE3GQ6fg4Go6Hpb7A6n2fOGDzSdDp_rXi90mJwWp11hNDvcfrvpYXLYNX63Xw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAIwsBpQAvBxvnLy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMYSCFNgk0pxCT1QwWMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg38Feb9ZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2QWs4mrplpZNusRovZbDZxDlcTm8O1GjlGm4lr5r3QFN01PFJvtL6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0J5GyAFC1ZrJbD1W6yGG0Wi8lyNxxNJkjRktVyuVxtNqvVbrSYDTbL4WaDFK1azUabwXA1m8x2u9VwMFyORkjRkuVuuVuNJovRaLnc7Iab0WCIMGQyWWYz03Kt8JgcbtHGZFlLTIaNW2Ka2QzL1WZi81jcotfH9LBsfMPlYIoPdLt8KrfLpWV7WT4vxxYFAyL2InlapBPVbuUx2SzDxWa1cI2GC5dhZXHYPIOFaTUxGRYri1iiOVmkE9ll31rOJq6ZaWTbrEaL2Ww2cQ5XE5vDtRo5RpuJa-YvmUyW2cy0XCs8JodbtDFZ1hKTYeOWmGY2w3K1mdg8Frfo9TE9LBvfcDnYN2az0WS4GQ2G-8ZsNpoMN6PBcN-hM3xXn7PRGRxPPELNZ7Y5PWsOg8JlsHh_n4u0GW3cjCpt2GJRXYs718Sq08ZOxs7BbFD4_ubSVhzcRs7lvuQgNhgUsURwkU5kfsvr7Tc9_Xa3wnIRS5Smi3Sil4glgtNFOhG9jKeL-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9U6D2SwHOyWq-UCQDh76f68Dd9CIFf971L-kAhuK4ZPFDd-3GB-y-vtNz39drfCcmWAB2py5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D5QFAgAAAAAAD8BblaLAQ!&cmcv=&pix=undefined&cb=1664283407528&uv=3230&tms=1664283407528&abt=mprdctdt6_vA!smbs!spa2_vA!t45!tvrReverse1_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=022b97b6-a209-4b5c-95c1-61028251b8e0&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1 HTTP/1.1
Host: imprammp.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:49 GMT
via: 1.1 varnish
x-served-by: cache-bma1648-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664283410.687116,VS0,VE23
vary: Accept-Encoding
X-Firefox-Spdy: h2
am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7xpoCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJLdyuXYbj8stc3ica9HMZVkLV57hWmRazCaLlcm5WxiGQEIby2him3nWisFwuRatLIa1xLaxuHUbl8u3nAw2roVxCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd8oOl0-Fz3eqHD5LQ47Qqj2eH2200Pk8Ou8bv9cgAAAAB4ALB6y4T4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAwILnQAPjkIHjP2e8PAIAGLRAAgAABEoCB1YASgI_zlRMAAAAAAAAAAJb_____GIA9rDEZgJH9nR6ABx-AB6IC3iJGAAAAAFtaKppHkzqhsqgCACBItwK4AgAIGPwr2LsMAwAAABhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgdRyNnHNTCPbZjVazGaziXO4mtgcrtXIMdpMXDPvhaboruGReqP1eQjL7PcdRCzP1_Q3HGR8y-ttEBVdb4vd4TR77kfRkuVuuVuNJovRaLnc7Iab0WB_AjkbIEVLFqvlcLWbLEabxWKy3A1HkwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIgyZTJbZzLRcKzwmh1u0MVnWEpNh45aYZjbDcrWZ2DwWt-j1MT0sG99wOdiiYEDEXgQX6UTmt7zeftPTb3crLBexRHOySCeyy761nE1cM9PItlmNFrPZbOIcriY2h2s1cow2E9fMXzKZLLOZablWeEwOt2hjsqwlJsPGLTHNbIblajOxeSxu0etjelg2vuFysG_MZqPJcDMaDPeN2Ww0GW5Gg-G-Q2f4rj5nozM4nniEms9sc3rWHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4HSRTkQv4-kilkieFulE5JtYPCbfwuOZLDcr12rhmi2Wu9lmszBuPBaLZSKWKE0X6UQvUf-RIRdz5WAumswVq9EqAQAAAAAAAAAsYc68CQAAAMBpIKPBZrhaLgCEs5fuz9vwLQRy1f8u5Q-J4LZi-ERx48cN5re83n7T0293KyxXBnigJmfe7Jkg1mq1rAEAAASwAQAAArh18xaAzcjtA0FxMTMzMzfzE-BmtRg!&cmcv=&pix=31589837&cb=1664283407597&uv=3230&tms=1664283407597&abt=mprdctdt6_vA!smbs!spa2_vA!t45!tvrReverse1_vB!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1664283404724!ts:1664283407597&mntl=1
200 OK 0 B URL HTTP/2 am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7xpoCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJLdyuXYbj8stc3ica9HMZVkLV57hWmRazCaLlcm5WxiGQEIby2him3nWisFwuRatLIa1xLaxuHUbl8u3nAw2roVxCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd8oOl0-Fz3eqHD5LQ47Qqj2eH2200Pk8Ou8bv9cgAAAAB4ALB6y4T4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAwILnQAPjkIHjP2e8PAIAGLRAAgAABEoCB1YASgI_zlRMAAAAAAAAAAJb_____GIA9rDEZgJH9nR6ABx-AB6IC3iJGAAAAAFtaKppHkzqhsqgCACBItwK4AgAIGPwr2LsMAwAAABhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgdRyNnHNTCPbZjVazGaziXO4mtgcrtXIMdpMXDPvhaboruGReqP1eQjL7PcdRCzP1_Q3HGR8y-ttEBVdb4vd4TR77kfRkuVuuVuNJovRaLnc7Iab0WB_AjkbIEVLFqvlcLWbLEabxWKy3A1HkwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIgyZTJbZzLRcKzwmh1u0MVnWEpNh45aYZjbDcrWZ2DwWt-j1MT0sG99wOdiiYEDEXgQX6UTmt7zeftPTb3crLBexRHOySCeyy761nE1cM9PItlmNFrPZbOIcriY2h2s1cow2E9fMXzKZLLOZablWeEwOt2hjsqwlJsPGLTHNbIblajOxeSxu0etjelg2vuFysG_MZqPJcDMaDPeN2Ww0GW5Gg-G-Q2f4rj5nozM4nniEms9sc3rWHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4HSRTkQv4-kilkieFulE5JtYPCbfwuOZLDcr12rhmi2Wu9lmszBuPBaLZSKWKE0X6UQvUf-RIRdz5WAumswVq9EqAQAAAAAAAAAsYc68CQAAAMBpIKPBZrhaLgCEs5fuz9vwLQRy1f8u5Q-J4LZi-ERx48cN5re83n7T0293KyxXBnigJmfe7Jkg1mq1rAEAAASwAQAAArh18xaAzcjtA0FxMTMzMzfzE-BmtRg!&cmcv=&pix=31589837&cb=1664283407597&uv=3230&tms=1664283407597&abt=mprdctdt6_vA!smbs!spa2_vA!t45!tvrReverse1_vB!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1664283404724!ts:1664283407597&mntl=1
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7xpoCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJLdyuXYbj8stc3ica9HMZVkLV57hWmRazCaLlcm5WxiGQEIby2him3nWisFwuRatLIa1xLaxuHUbl8u3nAw2roVxCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd8oOl0-Fz3eqHD5LQ47Qqj2eH2200Pk8Ou8bv9cgAAAAB4ALB6y4T4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAwILnQAPjkIHjP2e8PAIAGLRAAgAABEoCB1YASgI_zlRMAAAAAAAAAAJb_____GIA9rDEZgJH9nR6ABx-AB6IC3iJGAAAAAFtaKppHkzqhsqgCACBItwK4AgAIGPwr2LsMAwAAABhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgdRyNnHNTCPbZjVazGaziXO4mtgcrtXIMdpMXDPvhaboruGReqP1eQjL7PcdRCzP1_Q3HGR8y-ttEBVdb4vd4TR77kfRkuVuuVuNJovRaLnc7Iab0WB_AjkbIEVLFqvlcLWbLEabxWKy3A1HkwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIgyZTJbZzLRcKzwmh1u0MVnWEpNh45aYZjbDcrWZ2DwWt-j1MT0sG99wOdiiYEDEXgQX6UTmt7zeftPTb3crLBexRHOySCeyy761nE1cM9PItlmNFrPZbOIcriY2h2s1cow2E9fMXzKZLLOZablWeEwOt2hjsqwlJsPGLTHNbIblajOxeSxu0etjelg2vuFysG_MZqPJcDMaDPeN2Ww0GW5Gg-G-Q2f4rj5nozM4nniEms9sc3rWHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4HSRTkQv4-kilkieFulE5JtYPCbfwuOZLDcr12rhmi2Wu9lmszBuPBaLZSKWKE0X6UQvUf-RIRdz5WAumswVq9EqAQAAAAAAAAAsYc68CQAAAMBpIKPBZrhaLgCEs5fuz9vwLQRy1f8u5Q-J4LZi-ERx48cN5re83n7T0293KyxXBnigJmfe7Jkg1mq1rAEAAASwAQAAArh18xaAzcjtA0FxMTMzMzfzE-BmtRg!&cmcv=&pix=31589837&cb=1664283407597&uv=3230&tms=1664283407597&abt=mprdctdt6_vA!smbs!spa2_vA!t45!tvrReverse1_vB!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1664283404724!ts:1664283407597&mntl=1 HTTP/1.1
Host: am-vid-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:56:49 GMT
content-length: 0
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4376
Expires: Tue, 27 Sep 2022 14:09:45 GMT
Date: Tue, 27 Sep 2022 12:56:49 GMT
Connection: keep-alive
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
200 OK 9.3 kB URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
Hash 0349bb41a1f407402e2fde77adf28f77
d0537130076eb79f8acc2ed422c7ff33095e1ef5
7756b9c8e52780b835a362fc2748e1b42a131c988cac1accf1790cb0205855a1
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hadibi.ahlamontada.com/
x-crto-bundle: 2-gMul85SCUyRlVHOE1UbmVEUlBMNWNUdXpSJTJCWlNSaXhDcXRHTUJ1RzF0UzlLWGFSbTgzN3RzdG9LOGx0a0F5NWRtRlolMkYlMkYzWGZrWFZvOFdDTDJPaXFWaXprUTdFS3dZMlZ6NlRlS0xIRXRtODBTTENCT3owaFZZJTJCMnJHMEFERXRjYiUyRmlTMHVra0NIakd0UzhIJTJCeGtMbHlKalJxdyUzRCUzRA
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:48 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://hadibi.ahlamontada.com
server-processing-duration-in-ticks: 1829839
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4376
Expires: Tue, 27 Sep 2022 14:09:45 GMT
Date: Tue, 27 Sep 2022 12:56:49 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4376
Expires: Tue, 27 Sep 2022 14:09:45 GMT
Date: Tue, 27 Sep 2022 12:56:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash deb8d1e3b6d7fbc8c8ba478269621676
84f5a4c8b38acde814bc790e5b514347718d5bb9
ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bs6HOUmHOoYKDuzBoVHhcr8d4HP4bBmwUF3EtOmwKXo7ozhfaIYEvw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:39:07 GMT
age: 55062
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: fe9ec409-2757-4910-8443-5b4d3be7efd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlATEp8oAMFd9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9b-3230e97a4fe34413285eb578;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kRSg9NTTAgeAJgIZ_C9_rRodCX4bzGduJEvNPNHUya0Moa2vsmWSoQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:38:57 GMT
age: 55072
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5274e770cb5a704916c8965659709f4a
1a26007f761e439db575fb80fb403031260aecf4
e36e8be75c92feb9b416a46c5918356d8f9694894a799b7c10de21034d33d5ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: 0887cd56-f324-46cf-a086-709e1c66f354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGBTdHmhoAMFvIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633248e2-42391706084f335228fe3994;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:50:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: IWzfDNFlgYdqYnbQ9uWfOvqb5zl3I3mgTZrT5pU5P3EvetMRDN5P7w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:06:47 GMT
age: 42602
etag: "1a26007f761e439db575fb80fb403031260aecf4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bf02f4e-91c0-455b-8378-5eae82174db7.jpeg
200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bf02f4e-91c0-455b-8378-5eae82174db7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3140ec95f33c36599de95b25cdade940
932c74fa24b61ee1b1c672b6c19b1e736caab8d3
f7488246ca75fddc504812f4c5944a5a2494cdb14b6ef1db5fb28beca5cff194
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bf02f4e-91c0-455b-8378-5eae82174db7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9737
x-amzn-requestid: a06488e4-22bb-4149-adac-b6696ab91923
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlATHzUIAMFtcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9b-238f1b945a8b549872c85f2a;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qkfz02g1BMeZhFonJAWyqyQ9jBnZC4i-2ZHzO2wgJBVjC4YfvtlxCA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:38:57 GMT
age: 55072
etag: "932c74fa24b61ee1b1c672b6c19b1e736caab8d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 347dca206e13a3b13953f0ab398310b4
be60bbc96c832ae385cc9ae5828bd32703011b21
f6da888a54a0c6c73466f2c2a72dd875514a39d81b760a6b0116b4dd56ef31dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10211
x-amzn-requestid: 3ea4ac84-2465-4bd1-8ade-863de3c9576e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfSuGoQoAMF9oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145aa-7843b82728ead9a053c689d1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p1vYTqYjOmYHjVmJ8f6qyT_nLIsyXsr7ZI-DI7JBF9RJa0ZJNPiluA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:56:23 GMT
age: 54026
etag: "be60bbc96c832ae385cc9ae5828bd32703011b21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14218a43c5e5bbce546735a780c8ccce
61676358cdbb2373bc644e66f8a84fbc8cc5daf6
905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8JXEBo_L_xKuKdeoOXEJ6FO7ZVsZVQzUmQFe7fYcxaHRQNEq1HWp6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:37:50 GMT
age: 40739
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
vidstat.taboola.com/vpaid/units/32_3_0/assets/css/cmOsUnit.css
200 OK 8.3 kB URL HTTP/2 vidstat.taboola.com/vpaid/units/32_3_0/assets/css/cmOsUnit.css
IP
Hash a28320a69408adba1f01f56d6eb80708
8012c7108fab547cf31481cfda7cb49e654a0542
befbb274b7045e7e5791a4badbe46e1a2e367e6570da7cd0ac127acc4b8e8991
GET /vpaid/units/32_3_0/assets/css/cmOsUnit.css HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 0GqLaJTEoq08w5K50fWnlIkmwRUDC7J31N0fV9+A4Z6KszF9Z1W8ZNtpYCwSbihwX1C1LBMzRhQ=
x-amz-request-id: EA4A1MTNA1QRKAVQ
last-modified: Sat, 24 Sep 2022 09:07:48 GMT
etag: "a28320a69408adba1f01f56d6eb80708"
x-amz-meta-ctime: 1664010467
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1664010467
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:49 GMT
via: 1.1 varnish
age: 272813
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 44426
x-timer: S1664283410.911876,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 8297
X-Firefox-Spdy: h2
vidstat.taboola.com/vpaid/units/32_3_0/infra/cmTagWIDGET_ITEM.js
200 OK 127 kB URL HTTP/2 vidstat.taboola.com/vpaid/units/32_3_0/infra/cmTagWIDGET_ITEM.js
IP
File type Unicode text, UTF-8 text, with very long lines (65489), with no line terminators
Size 127 kB (126871 bytes)
Hash d57009c5b713da8751998109cd3510d5
29eff961b25a5da6d5eca61234bb2a93abc29b19
66e7c96768afe6004cf46b6212412c5df8d22d1b14f2441a3fbca329e5d809e5
GET /vpaid/units/32_3_0/infra/cmTagWIDGET_ITEM.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: IwI3zYzWuODaDGy8hMZ3jkZ80+3zVZTxLHVAPkA0DLYdK/lO/Z5evoaYAKT/hqjXzPF24yril48=
x-amz-request-id: ZRGWVZX09W5X8RZT
last-modified: Sat, 24 Sep 2022 09:06:53 GMT
etag: "d57009c5b713da8751998109cd3510d5"
x-amz-meta-ctime: 1664010412
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1664010411
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:49 GMT
via: 1.1 varnish
age: 272812
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 22432
x-timer: S1664283410.929904,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 126871
X-Firefox-Spdy: h2
status.geotrust.com/
200 OK 471 B IP
Hash ad6aca13d38cc84a2ed087fc147d9ad7
adca01603b87ac5e943d2b5e13dceecac13fd3f2
9358aa86e877e36d9564f3335ef55f1c46f74c18494f8a2d361fbc967e162da4
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5493
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:49 GMT
Last-Modified: Tue, 27 Sep 2022 11:25:16 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
hadibi.ahlamontada.com/sw.js
200 OK 2.6 kB URL HTTP/2 hadibi.ahlamontada.com/sw.js
IP
Hash bee4806560530677cad60631db27e0b8
0f15f20d259efdd9ad9c648786d8393ff897d122
0013c7267bd829ffacfd4e8009a085e885f8c61869cd173f06d604a6150f611f
GET /sw.js HTTP/1.1
Host: hadibi.ahlamontada.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hadibi.ahlamontada.com/
Connection: keep-alive
Cookie: exadd=166429; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D; _ga=GA1.2.357745437.1664283406; _gid=GA1.2.21466275.1664283406; _gat_gtag_UA_144347007_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:48 GMT
content-type: application/javascript
last-modified: Tue, 27 Aug 2019 13:54:01 GMT
etag: W/"5d6535f9-1554"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=380&height=213&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1664283407605&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1483&pt=-227362181&tz=0&viewable=true&ddast=V7xpoCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJLdyuXYbj8stc3ica9HMZVkLV57hWmRazCaLlcm5WxiGQEIby2him3nWisFwuRatLIa1xLaxuHUbl8u3nAw2roVxCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd8oOl0-Fz3eqHD5LQ47Qqj2eH2200Pk8Ou8bv9cgAAAAB4ALB6y4T4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAwILnQAPjkIHjP2e8PAIAGLRAAgAABEoCB1YASgI_zlRMAAAAAAAAAAJb_____GIA9rDEZgJH9nR6ABx-AB6IC3iJGAAAAAFtaKppHkzqhsqgCACBItwK4AgAIGPwr2LsMAwAAABhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgdRyNnHNTCPbZjVazGaziXO4mtgcrtXIMdpMXDPvhaboruGReqP1eQjL7PcdRCzP1_Q3HGR8y-ttEBVdb4vd4TR77kfRkuVuuVuNJovRaLnc7Iab0WB_AjkbIEVLFqvlcLWbLEabxWKy3A1HkwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIgyZTJbZzLRcKzwmh1u0MVnWEpNh45aYZjbDcrWZ2DwWt-j1MT0sG99wOdiiYEDEXgQX6UTmt7zeftPTb3crLBexRHOySCeyy761nE1cM9PItlmNFrPZbOIcriY2h2s1cow2E9fMXzKZLLOZablWeEwOt2hjsqwlJsPGLTHNbIblajOxeSxu0etjelg2vuFysG_MZqPJcDMaDPeN2Ww0GW5Gg-G-Q2f4rj5nozM4nniEms9sc3rWHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4HSRTkQv4-kilkieFulE5JtYPCbfwuOZLDcr12rhmi2Wu9lmszBuPBaLZSKWKE0X6UQvUf-RIRdz5WAumswVq9EqAQAAAAAAAAAsYc68CQAAAMBpIKPBZrhaLgCEs5fuz9vwLQRy1f8u5Q-J4LZi-ERx48cN5re83n7T0293KyxXBnigJmfe7Jkg1mq1rAEAAASwAQAAArh18xaAzcjtA0FxMTMzMzfzE-BmtRg!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=mprdctdt6_vA!smbs!spa2_vA!t45!tvrReverse1_vB!ufm&mPre=0.025&cirf=https%3A%2F%2Fhadibi.ahlamontada.com&en=1
200 OK 984 B URL HTTP/2 wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=380&height=213&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1664283407605&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1483&pt=-227362181&tz=0&viewable=true&ddast=V7xpoCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJLdyuXYbj8stc3ica9HMZVkLV57hWmRazCaLlcm5WxiGQEIby2him3nWisFwuRatLIa1xLaxuHUbl8u3nAw2roVxCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd8oOl0-Fz3eqHD5LQ47Qqj2eH2200Pk8Ou8bv9cgAAAAB4ALB6y4T4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAwILnQAPjkIHjP2e8PAIAGLRAAgAABEoCB1YASgI_zlRMAAAAAAAAAAJb_____GIA9rDEZgJH9nR6ABx-AB6IC3iJGAAAAAFtaKppHkzqhsqgCACBItwK4AgAIGPwr2LsMAwAAABhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgdRyNnHNTCPbZjVazGaziXO4mtgcrtXIMdpMXDPvhaboruGReqP1eQjL7PcdRCzP1_Q3HGR8y-ttEBVdb4vd4TR77kfRkuVuuVuNJovRaLnc7Iab0WB_AjkbIEVLFqvlcLWbLEabxWKy3A1HkwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIgyZTJbZzLRcKzwmh1u0MVnWEpNh45aYZjbDcrWZ2DwWt-j1MT0sG99wOdiiYEDEXgQX6UTmt7zeftPTb3crLBexRHOySCeyy761nE1cM9PItlmNFrPZbOIcriY2h2s1cow2E9fMXzKZLLOZablWeEwOt2hjsqwlJsPGLTHNbIblajOxeSxu0etjelg2vuFysG_MZqPJcDMaDPeN2Ww0GW5Gg-G-Q2f4rj5nozM4nniEms9sc3rWHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4HSRTkQv4-kilkieFulE5JtYPCbfwuOZLDcr12rhmi2Wu9lmszBuPBaLZSKWKE0X6UQvUf-RIRdz5WAumswVq9EqAQAAAAAAAAAsYc68CQAAAMBpIKPBZrhaLgCEs5fuz9vwLQRy1f8u5Q-J4LZi-ERx48cN5re83n7T0293KyxXBnigJmfe7Jkg1mq1rAEAAASwAQAAArh18xaAzcjtA0FxMTMzMzfzE-BmtRg!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=mprdctdt6_vA!smbs!spa2_vA!t45!tvrReverse1_vB!ufm&mPre=0.025&cirf=https%3A%2F%2Fhadibi.ahlamontada.com&en=1
IP
Hash 957fe399760855062a17821783e7b797
01bd71f440c7792968e23de63e0712c099860676
84f32c0392c415c7ec9397cbb0fd2e13f5a8d3444584d0a441b38814e75875cd
POST /VideoBidRequestHandlerServlet?oid=15&width=380&height=213&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1664283407605&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1483&pt=-227362181&tz=0&viewable=true&ddast=V7xpoCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJLdyuXYbj8stc3ica9HMZVkLV57hWmRazCaLlcm5WxiGQEIby2him3nWisFwuRatLIa1xLaxuHUbl8u3nAw2roVxCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd8oOl0-Fz3eqHD5LQ47Qqj2eH2200Pk8Ou8bv9cgAAAAB4ALB6y4T4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAwILnQAPjkIHjP2e8PAIAGLRAAgAABEoCB1YASgI_zlRMAAAAAAAAAAJb_____GIA9rDEZgJH9nR6ABx-AB6IC3iJGAAAAAFtaKppHkzqhsqgCACBItwK4AgAIGPwr2LsMAwAAABhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgdRyNnHNTCPbZjVazGaziXO4mtgcrtXIMdpMXDPvhaboruGReqP1eQjL7PcdRCzP1_Q3HGR8y-ttEBVdb4vd4TR77kfRkuVuuVuNJovRaLnc7Iab0WB_AjkbIEVLFqvlcLWbLEabxWKy3A1HkwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIgyZTJbZzLRcKzwmh1u0MVnWEpNh45aYZjbDcrWZ2DwWt-j1MT0sG99wOdiiYEDEXgQX6UTmt7zeftPTb3crLBexRHOySCeyy761nE1cM9PItlmNFrPZbOIcriY2h2s1cow2E9fMXzKZLLOZablWeEwOt2hjsqwlJsPGLTHNbIblajOxeSxu0etjelg2vuFysG_MZqPJcDMaDPeN2Ww0GW5Gg-G-Q2f4rj5nozM4nniEms9sc3rWHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4HSRTkQv4-kilkieFulE5JtYPCbfwuOZLDcr12rhmi2Wu9lmszBuPBaLZSKWKE0X6UQvUf-RIRdz5WAumswVq9EqAQAAAAAAAAAsYc68CQAAAMBpIKPBZrhaLgCEs5fuz9vwLQRy1f8u5Q-J4LZi-ERx48cN5re83n7T0293KyxXBnigJmfe7Jkg1mq1rAEAAASwAQAAArh18xaAzcjtA0FxMTMzMzfzE-BmtRg!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=mprdctdt6_vA!smbs!spa2_vA!t45!tvrReverse1_vB!ufm&mPre=0.025&cirf=https%3A%2F%2Fhadibi.ahlamontada.com&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 133
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1470
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://hadibi.ahlamontada.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:49 GMT
via: 1.1 varnish
x-served-by: cache-bma1648-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664283410.837918,VS0,VE54
vary: Accept-Encoding
X-Firefox-Spdy: h2
status.geotrust.com/
200 OK 471 B IP
Hash ad6aca13d38cc84a2ed087fc147d9ad7
adca01603b87ac5e943d2b5e13dceecac13fd3f2
9358aa86e877e36d9564f3335ef55f1c46f74c18494f8a2d361fbc967e162da4
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5493
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:49 GMT
Last-Modified: Tue, 27 Sep 2022 11:25:16 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 27 Sep 2022 12:56:49 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=da124ec3-3e63-11ed-8ab4-1be234f70306; expires=Tue, 25-Oct-2022 12:56:49 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=da124f02-3e63-11ed-8ab4-1be234f70306
X-fe: 142
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 27 Sep 2022 12:56:50 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=da18530b-3e63-11ed-872d-1d66682b0206; expires=Tue, 25-Oct-2022 12:56:50 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=da18534d-3e63-11ed-872d-1d66682b0206
X-fe: 19
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 27 Sep 2022 12:56:50 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=da186340-3e63-11ed-8040-1ebee0f60106; expires=Tue, 25-Oct-2022 12:56:50 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=da18637f-3e63-11ed-8040-1ebee0f60106
X-fe: 92
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 27 Sep 2022 12:56:50 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=da185c17-3e63-11ed-81f5-17f3d7a10306; expires=Tue, 25-Oct-2022 12:56:50 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=da185c48-3e63-11ed-81f5-17f3d7a10306
X-fe: 126
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=da124f02-3e63-11ed-8ab4-1be234f70306
204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=da124f02-3e63-11ed-8ab4-1be234f70306
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=da124f02-3e63-11ed-8ab4-1be234f70306 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Tue, 27 Sep 2022 12:56:50 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=da188595-3e63-11ed-a65d-1e875f050206; expires=Tue, 25-Oct-2022 12:56:50 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 74
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=da18534d-3e63-11ed-872d-1d66682b0206
204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=da18534d-3e63-11ed-872d-1d66682b0206
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=da18534d-3e63-11ed-872d-1d66682b0206 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Tue, 27 Sep 2022 12:56:50 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=da1cc839-3e63-11ed-a92c-1189f5600506; expires=Tue, 25-Oct-2022 12:56:50 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 99
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=da18637f-3e63-11ed-8040-1ebee0f60106
204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=da18637f-3e63-11ed-8040-1ebee0f60106
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=da18637f-3e63-11ed-8040-1ebee0f60106 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Tue, 27 Sep 2022 12:56:50 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=da1d3825-3e63-11ed-93c6-169e7f670506; expires=Tue, 25-Oct-2022 12:56:50 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 38
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=da185c48-3e63-11ed-81f5-17f3d7a10306
204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=da185c48-3e63-11ed-81f5-17f3d7a10306
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=da185c48-3e63-11ed-81f5-17f3d7a10306 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Tue, 27 Sep 2022 12:56:50 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=da1d95cc-3e63-11ed-b2c7-1f0541440506; expires=Tue, 25-Oct-2022 12:56:50 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 121
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ocsp.digicert.com/
200 OK 471 B IP
Hash 27c471f045be7dd17912ca68fb26c55b
16aee79abcf78017b18af2014f2d556a74c737f3
1548c04358a72f01fdfbe18190bf4b3476d00fda9acf24e788e51f361dbf6a26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1623
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:50 GMT
Last-Modified: Tue, 27 Sep 2022 12:29:47 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 97817756af75194ee270c9ac24263a15
419d525ef4241cf619d0addd858f3bc035b5fdf3
30f56f1d03403d6fe30c9fdd649cfc0151fb07957ebe76ca4c1b6e59233f6073
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 12:56:50 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 01 Oct 2022 09:47:19 GMT
ETag: "419d525ef4241cf619d0addd858f3bc035b5fdf3"
Last-Modified: Tue, 27 Sep 2022 09:47:20 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 605
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751466d15e2ab4f4-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash 925dcfd890f0fc22ebce6e43cc497ecd
1d756347443f7bf74cbe47b8f4f3a7f011f34a6a
e7b0dd7394e21b78df7c84eef61e0dd3ca0811a470c06d594cd93f080dabc580
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 12:56:50 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 01:56:49 GMT
Expires: Sat, 01 Oct 2022 01:56:48 GMT
Etag: "1d756347443f7bf74cbe47b8f4f3a7f011f34a6a"
Cache-Control: max-age=305397,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751466d15e5c1c16-OSL
ups.analytics.yahoo.com/ups/58534/occ
302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 27 Sep 2022 12:56:50 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58534/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBBLzMmMCEMuC1J2FDqekqrtjS5NAyoEFEgEBAQFENGM8YwAAAAAA_eMAAA&S=AQAAAuF35FbKJ8U7JEuOSg906q4; Expires=Wed, 27 Sep 2023 18:56:50 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:50 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
200 OK 43 B URL HTTP/1.1 x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?gdpr=1&us_privacy=1---&ssp=taboola HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Tue, 27 Sep 2022 12:56:50 GMT
Content-Length: 43
Connection: keep-alive
vidstat.taboola.com/vpaid/vPlayer/player/v14.8.3/OvaMediaPlayer.js
200 OK 87 kB URL HTTP/2 vidstat.taboola.com/vpaid/vPlayer/player/v14.8.3/OvaMediaPlayer.js
IP
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash b5eb5deb3896df163984797d27b4d980
85da436ef9c38206cb926fed093c96f911506b75
19d2b834877874de4a1d488214d7c574cd00d7db6b68cc48b7b4c988cd5e7b51
GET /vpaid/vPlayer/player/v14.8.3/OvaMediaPlayer.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: o6xcpPhv775RpZGpaP2atU207+TUcpD7v+IADo0lB/dpMr/QhFwz3nqd46XzsxrPcE5MsZmdhb0=
x-amz-request-id: PAKC81N915AWRTDK
last-modified: Sat, 24 Sep 2022 09:01:25 GMT
etag: "b5eb5deb3896df163984797d27b4d980"
x-amz-meta-ctime: 1664010084
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1664010068
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:50 GMT
via: 1.1 varnish
age: 273270
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 41395
x-timer: S1664283410.205643,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 86888
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash feaa3df5b6452e40b139cb3c52d728c3
9497cce16b201a8ad58ca9e5694abc1d347fbb4b
6201fb8d71c6d68c7a923f1dde2f8ac72c97bf0b00abcfba81dbe0328cbd034a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:56:50 GMT
Last-Modified: Tue, 27 Sep 2022 11:42:58 GMT
Server: ECS (nyb/1D22)
X-Cache: Miss from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kxBzD1-phTALtIIX3uqgzflAc3-PWeYP-44PLNUOGKe4dvNwq-4dKA==
Age: 4432
cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
200 OK 254 B URL HTTP/2 cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
IP
File type PNG image data, 12 x 12, 8-bit gray+alpha, non-interlaced\012- data
Hash dfa7b52c86e56bd67fa4002f6ed19854
7df722645482433c2b5c8d8ab4272a9874592f27
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
GET /libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: c3AK0F63Rmz1U+ZkwDZRH6hJiJRTGpZB8kTBPWz0vwbg9siBxtMOH8aEqr1NtVeNHtLhLAVUR9E=
x-amz-request-id: 4JKSR0YA3KVH073N
x-amz-replication-status: COMPLETED
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
content-type: image/png
server: AmazonS3
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:50 GMT
via: 1.1 varnish
age: 19569
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 2497
x-timer: S1664283410.426019,VS0,VE0
cache-control: private,max-age=31536000
abp: 14
content-length: 254
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58534/occ?verify=true
204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ?verify=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 27 Sep 2022 12:56:50 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBBLzMmMCEEKNryR9a3SjVrW9qbKGBxgFEgEBAQFENGM8YwAAAAAA_eMAAA&S=AQAAAoEvskCaRxF5abjkz1VqaMs; Expires=Wed, 27 Sep 2023 18:56:50 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
302 Found 928 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP
ASN #35220 SpotXchange, INC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (928), with no line terminators
Hash 17403b41f415b7b0edb59f52e33e8fb2
ba381a8361ae5b781f0c6c318c714083f03335a5
cee951f16e0c0a2483c94e07da6adfd3b4549ce3279979a6c9c054b4f4d7c1cf
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 27 Sep 2022 12:56:50 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=da5da81c-3e63-11ed-be7a-1afcdea00406; expires=Tue, 25-Oct-2022 12:56:50 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=da5da852-3e63-11ed-be7a-1afcdea00406
X-fe: 130
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
200 OK 43 B URL HTTP/2 taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP/1.1
Host: taboola-supply-partners.tremorhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:50 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2
204 No Content 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 4047
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://hadibi.ahlamontada.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:50 GMT
via: 1.1 varnish
x-served-by: cache-bma1648-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664283410.411712,VS0,VE83
x-vcl-time-ms: 83
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/log/3/visible?route=AM%3AIL%3AV<i=deflated
204 No Content 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/log/3/visible?route=AM%3AIL%3AV<i=deflated
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/visible?route=AM%3AIL%3AV<i=deflated HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2379
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://hadibi.ahlamontada.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:50 GMT
via: 1.1 varnish
x-served-by: cache-bma1648-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664283410.413135,VS0,VE85
x-vcl-time-ms: 85
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=rtus&domain=ahlamontada.com&sn=FirefoxSyncframe&so=3&topUrl=hadibi.ahlamontada.com&bundle=Qir2bF93NUhrNjc3UzNvdkx0Yk5PNU83UEp4ZXFFbGJFVU5qbGVWJTJCeXdLb3E3YmlLc1JQUks3azlDYjVSbHRPSTkyVWthY3RqTE80Sk5MVDhzMlZTRW8zbFJSeHRCJTJCNmQwRzIlMkJ2WklzWjd1NzM0TDFJdDAzUHRVNlhvWVFuQ1dkSWJvJTJGUmJKZVNnYU1Bb2VjckZOOVdGSjRiUSUzRCUzRA&info=Sf3XTl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBPalBqbXYwdmt2cWpKemM0MEJjTGY4N1BwZHZOd00lMkZiZjN5ZDNLUlRBNg&idsd=1697668341,-1825528481&cw=1&rtusCallerId=72&lsw=1
200 OK 66 kB URL HTTP/2 gum.criteo.com/sid/json?origin=rtus&domain=ahlamontada.com&sn=FirefoxSyncframe&so=3&topUrl=hadibi.ahlamontada.com&bundle=Qir2bF93NUhrNjc3UzNvdkx0Yk5PNU83UEp4ZXFFbGJFVU5qbGVWJTJCeXdLb3E3YmlLc1JQUks3azlDYjVSbHRPSTkyVWthY3RqTE80Sk5MVDhzMlZTRW8zbFJSeHRCJTJCNmQwRzIlMkJ2WklzWjd1NzM0TDFJdDAzUHRVNlhvWVFuQ1dkSWJvJTJGUmJKZVNnYU1Bb2VjckZOOVdGSjRiUSUzRCUzRA&info=Sf3XTl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBPalBqbXYwdmt2cWpKemM0MEJjTGY4N1BwZHZOd00lMkZiZjN5ZDNLUlRBNg&idsd=1697668341,-1825528481&cw=1&rtusCallerId=72&lsw=1
IP
Hash d95c636787a278e227ee3df69b3dbf0f
5c4b448a61fdbcbb7264c810763e626e3c19a545
d7e382be87349a0f74315883f833680c0769f701d93cead62940bb276125571c
GET /sid/json?origin=rtus&domain=ahlamontada.com&sn=FirefoxSyncframe&so=3&topUrl=hadibi.ahlamontada.com&bundle=Qir2bF93NUhrNjc3UzNvdkx0Yk5PNU83UEp4ZXFFbGJFVU5qbGVWJTJCeXdLb3E3YmlLc1JQUks3azlDYjVSbHRPSTkyVWthY3RqTE80Sk5MVDhzMlZTRW8zbFJSeHRCJTJCNmQwRzIlMkJ2WklzWjd1NzM0TDFJdDAzUHRVNlhvWVFuQ1dkSWJvJTJGUmJKZVNnYU1Bb2VjckZOOVdGSjRiUSUzRCUzRA&info=Sf3XTl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBPalBqbXYwdmt2cWpKemM0MEJjTGY4N1BwZHZOd00lMkZiZjN5ZDNLUlRBNg&idsd=1697668341,-1825528481&cw=1&rtusCallerId=72&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=rtus&topUrl=hadibi.ahlamontada.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:48 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 957715
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=da5dab53-3e63-11ed-8956-1e588e900306
204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=da5dab53-3e63-11ed-8956-1e588e900306
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=da5dab53-3e63-11ed-8956-1e588e900306 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Tue, 27 Sep 2022 12:56:50 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=da6f106d-3e63-11ed-8e51-14f0ef8b0306; expires=Tue, 25-Oct-2022 12:56:50 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 101
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
200 OK 43 B URL HTTP/1.1 x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?gdpr=1&us_privacy=1---&ssp=taboola HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Tue, 27 Sep 2022 12:56:50 GMT
Content-Length: 43
Connection: keep-alive
ups.analytics.yahoo.com/ups/58534/occ
302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Tue, 27 Sep 2022 12:56:50 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58534/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBBLzMmMCEI9CTJuJIRdy0yeU5rgbFqUFEgEBAQFENGM8YwAAAAAA_eMAAA&S=AQAAAkZPqRvjx4tu1uaigBsJ8bg; Expires=Wed, 27 Sep 2023 18:56:50 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:50 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58534/occ?verify=true
204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ?verify=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 27 Sep 2022 12:56:50 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBBLzMmMCEFoSkGXZUsXDwmKpmNExYgoFEgEBAQFENGM8YwAAAAAA_eMAAA&S=AQAAArvu6OtEAkf3yUlEIs0YLqw; Expires=Wed, 27 Sep 2023 18:56:50 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7mpQCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJDCZTJy7iW2tsAyWa9HEtXErVxvHWrYYTIaT1WJiXBmGQAKTycS5m9jWCstguRZNXBu3crVxrGWLwWQ4WS0mxpVhChE3GQ6fg4Go6Hpb7A6n2fOGDzSdDp_rXi90mJwWp11hNDvcfrvpYXLYNX63Xw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAIwsBpQAvBxvnLy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMYSCFNgk0pxCT1QwWMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg38Feb9ZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2QWs4mrplpZNusRovZbDZxDlcTm8O1GjlGm4lr5r3QFN01PFJvtL6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0J5GyAFC1ZrJbD1W6yGG0Wi8lyNxxNJkjRktVyuVxtNqvVbrSYDTbL4WaDFK1azUabwXA1m8x2u9VwMFyORkjRkuVuuVuNJovRaLnc7Iab0WCIMGQyWWYz03Kt8JgcbtHGZFlLTIaNW2Ka2QzL1WZi81jcotfH9LBsfMPlYIoPdLt8KrfLpWV7WT4vxxYFAyL2InlapBPVbuUx2SzDxWa1cI2GC5dhZXHYPIOFaTUxGRYri1iiOVmkE9ll31rOJq6ZaWTbrEaL2Ww2cQ5XE5vDtRo5RpuJa-YvmUyW2cy0XCs8JodbtDFZ1hKTYeOWmGY2w3K1mdg8Frfo9TE9LBvfcDnYN2az0WS4GQ2G-8ZsNpoMN6PBcN-hM3xXn7PRGRxPPELNZ7Y5PWsOg8JlsHh_n4u0GW3cjCpt2GJRXYs718Sq08ZOxs7BbFD4_ubSVhzcRs7lvuQgNhgUsURwkU5kfsvr7Tc9_Xa3wnIRS5Smi3Sil4glgtNFOhG9jKeL-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9U6D2SwHOyWq-UCQDh76f68Dd9CIFf971L-kAhuK4ZPFDd-3GB-y-vtNz39drfCcmWAB2py5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D5QFAgAAAAAAD8BblaLAQ!&excid=22&docw=0&cijs=1&nlb=false
200 OK 1.7 kB URL HTTP/2 am-match.taboola.com/sync?dast=V7mpQCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJDCZTJy7iW2tsAyWa9HEtXErVxvHWrYYTIaT1WJiXBmGQAKTycS5m9jWCstguRZNXBu3crVxrGWLwWQ4WS0mxpVhChE3GQ6fg4Go6Hpb7A6n2fOGDzSdDp_rXi90mJwWp11hNDvcfrvpYXLYNX63Xw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAIwsBpQAvBxvnLy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMYSCFNgk0pxCT1QwWMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg38Feb9ZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2QWs4mrplpZNusRovZbDZxDlcTm8O1GjlGm4lr5r3QFN01PFJvtL6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0J5GyAFC1ZrJbD1W6yGG0Wi8lyNxxNJkjRktVyuVxtNqvVbrSYDTbL4WaDFK1azUabwXA1m8x2u9VwMFyORkjRkuVuuVuNJovRaLnc7Iab0WCIMGQyWWYz03Kt8JgcbtHGZFlLTIaNW2Ka2QzL1WZi81jcotfH9LBsfMPlYIoPdLt8KrfLpWV7WT4vxxYFAyL2InlapBPVbuUx2SzDxWa1cI2GC5dhZXHYPIOFaTUxGRYri1iiOVmkE9ll31rOJq6ZaWTbrEaL2Ww2cQ5XE5vDtRo5RpuJa-YvmUyW2cy0XCs8JodbtDFZ1hKTYeOWmGY2w3K1mdg8Frfo9TE9LBvfcDnYN2az0WS4GQ2G-8ZsNpoMN6PBcN-hM3xXn7PRGRxPPELNZ7Y5PWsOg8JlsHh_n4u0GW3cjCpt2GJRXYs718Sq08ZOxs7BbFD4_ubSVhzcRs7lvuQgNhgUsURwkU5kfsvr7Tc9_Xa3wnIRS5Smi3Sil4glgtNFOhG9jKeL-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9U6D2SwHOyWq-UCQDh76f68Dd9CIFf971L-kAhuK4ZPFDd-3GB-y-vtNz39drfCcmWAB2py5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D5QFAgAAAAAAD8BblaLAQ!&excid=22&docw=0&cijs=1&nlb=false
IP
ASN #200478 Taboola.com ltd
Hash 705444676418a9fb58d78f3440ad7bde
bb486809e663db1f933f72bbb1481fee2c042b0d
3cbfe30c6f35bcb9d62d1e3a6e4d81e0aeea2db736e58769b24e871c915601aa
GET /sync?dast=V7mpQCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJDCZTJy7iW2tsAyWa9HEtXErVxvHWrYYTIaT1WJiXBmGQAKTycS5m9jWCstguRZNXBu3crVxrGWLwWQ4WS0mxpVhChE3GQ6fg4Go6Hpb7A6n2fOGDzSdDp_rXi90mJwWp11hNDvcfrvpYXLYNX63Xw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAIwsBpQAvBxvnLy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMYSCFNgk0pxCT1QwWMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg38Feb9ZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2QWs4mrplpZNusRovZbDZxDlcTm8O1GjlGm4lr5r3QFN01PFJvtL6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0J5GyAFC1ZrJbD1W6yGG0Wi8lyNxxNJkjRktVyuVxtNqvVbrSYDTbL4WaDFK1azUabwXA1m8x2u9VwMFyORkjRkuVuuVuNJovRaLnc7Iab0WCIMGQyWWYz03Kt8JgcbtHGZFlLTIaNW2Ka2QzL1WZi81jcotfH9LBsfMPlYIoPdLt8KrfLpWV7WT4vxxYFAyL2InlapBPVbuUx2SzDxWa1cI2GC5dhZXHYPIOFaTUxGRYri1iiOVmkE9ll31rOJq6ZaWTbrEaL2Ww2cQ5XE5vDtRo5RpuJa-YvmUyW2cy0XCs8JodbtDFZ1hKTYeOWmGY2w3K1mdg8Frfo9TE9LBvfcDnYN2az0WS4GQ2G-8ZsNpoMN6PBcN-hM3xXn7PRGRxPPELNZ7Y5PWsOg8JlsHh_n4u0GW3cjCpt2GJRXYs718Sq08ZOxs7BbFD4_ubSVhzcRs7lvuQgNhgUsURwkU5kfsvr7Tc9_Xa3wnIRS5Smi3Sil4glgtNFOhG9jKeL-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9U6D2SwHOyWq-UCQDh76f68Dd9CIFf971L-kAhuK4ZPFDd-3GB-y-vtNz39drfCcmWAB2py5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D5QFAgAAAAAAD8BblaLAQ!&excid=22&docw=0&cijs=1&nlb=false HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:56:49 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3401
X-Firefox-Spdy: h2
pips.taboola.com/
200 OK 4 B IP
File type ASCII text, with no line terminators
Hash 6c3e226b4d4795d518ab341b0824ec29
eef19c54306daa69eda49c0272623bdb5e2b341f
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
GET / HTTP/1.1
Host: pips.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
access-control-allow-methods: GET
access-control-allow-origin: https://hadibi.ahlamontada.com
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:51 GMT
via: 1.1 varnish
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 0
cache-control: no-store
content-length: 4
X-Firefox-Spdy: h2
cds.taboola.com/?uid=ddd26f49-acda-4cd2-bd0c-b4ff0953bfcb-tucta2c7890
204 No Content 0 B URL HTTP/2 cds.taboola.com/?uid=ddd26f49-acda-4cd2-bd0c-b4ff0953bfcb-tucta2c7890
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?uid=ddd26f49-acda-4cd2-bd0c-b4ff0953bfcb-tucta2c7890 HTTP/1.1
Host: cds.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 27 Sep 2022 12:56:51 GMT
cache-control: no-store
access-control-allow-origin: *
X-Firefox-Spdy: h2
stootsou.net/custom
200 OK 39 B IP
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hadibi.ahlamontada.com/
Content-Type: application/json
Origin: https://hadibi.ahlamontada.com
Content-Length: 389
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:56:55 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 8fb1569c0244e19d0b23c510343077c6
access-control-allow-origin: https://hadibi.ahlamontada.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=77996dda2c5147b7b465410a5487ef78&zoneId=2308013&checkDuplicate=true&ymid=&var=
200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=77996dda2c5147b7b465410a5487ef78&zoneId=2308013&checkDuplicate=true&ymid=&var=
IP
File type JSON data\012- , ASCII text
Hash 8919141f23f46a7a5ab7d47b1972265a
d70981bfa917ac4643f366411ff1f83558ae9c27
6f836465d3bc15c40d6e79163ab1c10df2814a52f46a6df1291137ea4a1da641
GET /gid.js?pub=0&userId=77996dda2c5147b7b465410a5487ef78&zoneId=2308013&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hadibi.ahlamontada.com/
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Cookie: ID=9b7389e9d48745689ab808379b483675
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:56:55 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://hadibi.ahlamontada.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=9b7389e9d48745689ab808379b483675; expires=Wed, 27 Sep 2023 12:56:55 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:48 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 66295
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=publishertag&domain=ahlamontada.com&sn=FirefoxSyncframe&so=0&topUrl=hadibi.ahlamontada.com&info=7-x4NF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBPalBqbXYwdmt2cWpKemM0MEJjTGVFTjc2UHZwUVQ3V2U4a2Z2UUFFajY&idsd=1697668341,-1825528481&cw=1&lsw=1
200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=publishertag&domain=ahlamontada.com&sn=FirefoxSyncframe&so=0&topUrl=hadibi.ahlamontada.com&info=7-x4NF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBPalBqbXYwdmt2cWpKemM0MEJjTGVFTjc2UHZwUVQ3V2U4a2Z2UUFFajY&idsd=1697668341,-1825528481&cw=1&lsw=1
IP
GET /sid/json?origin=publishertag&domain=ahlamontada.com&sn=FirefoxSyncframe&so=0&topUrl=hadibi.ahlamontada.com&info=7-x4NF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBPalBqbXYwdmt2cWpKemM0MEJjTGVFTjc2UHZwUVQ3V2U4a2Z2UUFFajY&idsd=1697668341,-1825528481&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=hadibi.ahlamontada.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:47 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1055335
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/trc/3/json?tim=12%3A56%3A46.458<i=deflated&data=%7B%22id%22%3A508%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1664207421812%2C%22vi%22%3A1664283406455%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fhadibi.ahlamontada.com%2F%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fhadibi.ahlamontada.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A1842%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A113.89999389648438%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A1803.4000244140625%2C%22mw%22%3A979.5999755859375%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
200 OK 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/trc/3/json?tim=12%3A56%3A46.458<i=deflated&data=%7B%22id%22%3A508%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1664207421812%2C%22vi%22%3A1664283406455%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fhadibi.ahlamontada.com%2F%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fhadibi.ahlamontada.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A1842%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A113.89999389648438%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A1803.4000244140625%2C%22mw%22%3A979.5999755859375%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
IP
GET /forumotion-ar/trc/3/json?tim=12%3A56%3A46.458<i=deflated&data=%7B%22id%22%3A508%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1664207421812%2C%22vi%22%3A1664283406455%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fhadibi.ahlamontada.com%2F%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fhadibi.ahlamontada.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A1842%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A113.89999389648438%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A1803.4000244140625%2C%22mw%22%3A979.5999755859375%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://hadibi.ahlamontada.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:49 GMT
via: 1.1 varnish
x-served-by: cache-bma1648-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664283409.749585,VS0,VE437
vary: Accept-Encoding
x-vcl-time-ms: 437
X-Firefox-Spdy: h2
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1664283412552&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1483&pt=412798600&tz=0&viewable=true&ddast=V7mpQCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJDCZTJy7iW2tsAyWa9HEtXErVxvHWrYYTIaT1WJiXBmGQAKTycS5m9jWCstguRZNXBu3crVxrGWLwWQ4WS0mxpVhChE3GQ6fg4Go6Hpb7A6n2fOGDzSdDp_rXi90mJwWp11hNDvcfrvpYXLYNX63Xw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAIwsBpQAvBxvnLy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMYSCFNgk0pxCT1QwWMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg38Feb9ZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2QWs4mrplpZNusRovZbDZxDlcTm8O1GjlGm4lr5r3QFN01PFJvtL6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0J5GyAFC1ZrJbD1W6yGG0Wi8lyNxxNJkjRktVyuVxtNqvVbrSYDTbL4WaDFK1azUabwXA1m8x2u9VwMFyORkjRkuVuuVuNJovRaLnc7Iab0WCIMGQyWWYz03Kt8JgcbtHGZFlLTIaNW2Ka2QzL1WZi81jcotfH9LBsfMPlYIoPdLt8KrfLpWV7WT4vxxYFAyL2InlapBPVbuUx2SzDxWa1cI2GC5dhZXHYPIOFaTUxGRYri1iiOVmkE9ll31rOJq6ZaWTbrEaL2Ww2cQ5XE5vDtRo5RpuJa-YvmUyW2cy0XCs8JodbtDFZ1hKTYeOWmGY2w3K1mdg8Frfo9TE9LBvfcDnYN2az0WS4GQ2G-8ZsNpoMN6PBcN-hM3xXn7PRGRxPPELNZ7Y5PWsOg8JlsHh_n4u0GW3cjCpt2GJRXYs718Sq08ZOxs7BbFD4_ubSVhzcRs7lvuQgNhgUsURwkU5kfsvr7Tc9_Xa3wnIRS5Smi3Sil4glgtNFOhG9jKeL-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9U6D2SwHOyWq-UCQDh76f68Dd9CIFf971L-kAhuK4ZPFDd-3GB-y-vtNz39drfCcmWAB2py5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D5QFAgAAAAAAD8BblaLAQ!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=mprdctdt6_vA!smbs!spa2_vA!t45!tvrReverse1_vB!ufm_vA&mPre=0.025&cirf=https%3A%2F%2Fhadibi.ahlamontada.com&en=1
200 OK 0 B URL HTTP/2 wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1664283412552&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1483&pt=412798600&tz=0&viewable=true&ddast=V7mpQCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJDCZTJy7iW2tsAyWa9HEtXErVxvHWrYYTIaT1WJiXBmGQAKTycS5m9jWCstguRZNXBu3crVxrGWLwWQ4WS0mxpVhChE3GQ6fg4Go6Hpb7A6n2fOGDzSdDp_rXi90mJwWp11hNDvcfrvpYXLYNX63Xw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAIwsBpQAvBxvnLy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMYSCFNgk0pxCT1QwWMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg38Feb9ZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2QWs4mrplpZNusRovZbDZxDlcTm8O1GjlGm4lr5r3QFN01PFJvtL6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0J5GyAFC1ZrJbD1W6yGG0Wi8lyNxxNJkjRktVyuVxtNqvVbrSYDTbL4WaDFK1azUabwXA1m8x2u9VwMFyORkjRkuVuuVuNJovRaLnc7Iab0WCIMGQyWWYz03Kt8JgcbtHGZFlLTIaNW2Ka2QzL1WZi81jcotfH9LBsfMPlYIoPdLt8KrfLpWV7WT4vxxYFAyL2InlapBPVbuUx2SzDxWa1cI2GC5dhZXHYPIOFaTUxGRYri1iiOVmkE9ll31rOJq6ZaWTbrEaL2Ww2cQ5XE5vDtRo5RpuJa-YvmUyW2cy0XCs8JodbtDFZ1hKTYeOWmGY2w3K1mdg8Frfo9TE9LBvfcDnYN2az0WS4GQ2G-8ZsNpoMN6PBcN-hM3xXn7PRGRxPPELNZ7Y5PWsOg8JlsHh_n4u0GW3cjCpt2GJRXYs718Sq08ZOxs7BbFD4_ubSVhzcRs7lvuQgNhgUsURwkU5kfsvr7Tc9_Xa3wnIRS5Smi3Sil4glgtNFOhG9jKeL-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9U6D2SwHOyWq-UCQDh76f68Dd9CIFf971L-kAhuK4ZPFDd-3GB-y-vtNz39drfCcmWAB2py5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D5QFAgAAAAAAD8BblaLAQ!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=mprdctdt6_vA!smbs!spa2_vA!t45!tvrReverse1_vB!ufm_vA&mPre=0.025&cirf=https%3A%2F%2Fhadibi.ahlamontada.com&en=1
IP
POST /VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1664283412552&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1483&pt=412798600&tz=0&viewable=true&ddast=V7mpQCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJDCZTJy7iW2tsAyWa9HEtXErVxvHWrYYTIaT1WJiXBmGQAKTycS5m9jWCstguRZNXBu3crVxrGWLwWQ4WS0mxpVhChE3GQ6fg4Go6Hpb7A6n2fOGDzSdDp_rXi90mJwWp11hNDvcfrvpYXLYNX63Xw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAIwsBpQAvBxvnLy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMYSCFNgk0pxCT1QwWMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg38Feb9ZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2QWs4mrplpZNusRovZbDZxDlcTm8O1GjlGm4lr5r3QFN01PFJvtL6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0J5GyAFC1ZrJbD1W6yGG0Wi8lyNxxNJkjRktVyuVxtNqvVbrSYDTbL4WaDFK1azUabwXA1m8x2u9VwMFyORkjRkuVuuVuNJovRaLnc7Iab0WCIMGQyWWYz03Kt8JgcbtHGZFlLTIaNW2Ka2QzL1WZi81jcotfH9LBsfMPlYIoPdLt8KrfLpWV7WT4vxxYFAyL2InlapBPVbuUx2SzDxWa1cI2GC5dhZXHYPIOFaTUxGRYri1iiOVmkE9ll31rOJq6ZaWTbrEaL2Ww2cQ5XE5vDtRo5RpuJa-YvmUyW2cy0XCs8JodbtDFZ1hKTYeOWmGY2w3K1mdg8Frfo9TE9LBvfcDnYN2az0WS4GQ2G-8ZsNpoMN6PBcN-hM3xXn7PRGRxPPELNZ7Y5PWsOg8JlsHh_n4u0GW3cjCpt2GJRXYs718Sq08ZOxs7BbFD4_ubSVhzcRs7lvuQgNhgUsURwkU5kfsvr7Tc9_Xa3wnIRS5Smi3Sil4glgtNFOhG9jKeL-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9U6D2SwHOyWq-UCQDh76f68Dd9CIFf971L-kAhuK4ZPFDd-3GB-y-vtNz39drfCcmWAB2py5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D5QFAgAAAAAAD8BblaLAQ!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=mprdctdt6_vA!smbs!spa2_vA!t45!tvrReverse1_vB!ufm_vA&mPre=0.025&cirf=https%3A%2F%2Fhadibi.ahlamontada.com&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 133
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1437
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://hadibi.ahlamontada.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:54 GMT
via: 1.1 varnish
x-served-by: cache-bma1648-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664283415.703175,VS0,VE59
vary: Accept-Encoding
X-Firefox-Spdy: h2
hadibi.ahlamontada.com/
200 OK 0 B IP
GET / HTTP/1.1
Host: hadibi.ahlamontada.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:47 GMT
content-type: text/html; charset=windows-1256
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
pragma: no-cache
expires: Tue, 27 Sep 2022 00:00:00 GMT
last-modified: Tue, 27 Sep 2022 12:56:47 GMT
vary: User-Agent
set-cookie: exadd=166429; expires=Tue, 27-Sep-2022 16:56:47 GMT; Max-Age=14400
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
stootsou.net/pfe/current/tag.min.js?z=2308013
200 OK 0 B URL HTTP/2 stootsou.net/pfe/current/tag.min.js?z=2308013
IP
GET /pfe/current/tag.min.js?z=2308013 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:56:48 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 07:25:49 GMT
etag: W/"63296afd-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7xpoCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJLdyuXYbj8stc3ica9HMZVkLV57hWmRazCaLlcm5WxiGQEIby2him3nWisFwuRatLIa1xLaxuHUbl8u3nAw2roVxCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd8oOl0-Fz3eqHD5LQ47Qqj2eH2200Pk8Ou8bv9cgAAAAB4ALB6y4T4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAwILnQAPjkIHjP2e8PAIAGLRAAgAABEoCB1YASgI_zlRMAAAAAAAAAAJb_____GIA9rDEZgJH9nR6ABx-AB6IC3iJGAAAAAFtaKppHkzqhsqgCACBItwK4AgAIGPwr2LsMAwAAABhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgdRyNnHNTCPbZjVazGaziXO4mtgcrtXIMdpMXDPvhaboruGReqP1eQjL7PcdRCzP1_Q3HGR8y-ttEBVdb4vd4TR77kfRkuVuuVuNJovRaLnc7Iab0WB_AjkbIEVLFqvlcLWbLEabxWKy3A1HkwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIgyZTJbZzLRcKzwmh1u0MVnWEpNh45aYZjbDcrWZ2DwWt-j1MT0sG99wOdiiYEDEXgQX6UTmt7zeftPTb3crLBexRHOySCeyy761nE1cM9PItlmNFrPZbOIcriY2h2s1cow2E9fMXzKZLLOZablWeEwOt2hjsqwlJsPGLTHNbIblajOxeSxu0etjelg2vuFysG_MZqPJcDMaDPeN2Ww0GW5Gg-G-Q2f4rj5nozM4nniEms9sc3rWHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4HSRTkQv4-kilkieFulE5JtYPCbfwuOZLDcr12rhmi2Wu9lmszBuPBaLZSKWKE0X6UQvUf-RIRdz5WAumswVq9EqAQAAAAAAAAAsYc68CQAAAMBpIKPBZrhaLgCEs5fuz9vwLQRy1f8u5Q-J4LZi-ERx48cN5re83n7T0293KyxXBnigJmfe7Jkg1mq1rAEAAASwAQAAArh18xaAzcjtA0FxMTMzMzfzE-BmtRg!&excid=22&docw=0&cijs=1&nlb=true
200 OK 0 B URL HTTP/2 am-match.taboola.com/sync?dast=V7xpoCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJLdyuXYbj8stc3ica9HMZVkLV57hWmRazCaLlcm5WxiGQEIby2him3nWisFwuRatLIa1xLaxuHUbl8u3nAw2roVxCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd8oOl0-Fz3eqHD5LQ47Qqj2eH2200Pk8Ou8bv9cgAAAAB4ALB6y4T4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAwILnQAPjkIHjP2e8PAIAGLRAAgAABEoCB1YASgI_zlRMAAAAAAAAAAJb_____GIA9rDEZgJH9nR6ABx-AB6IC3iJGAAAAAFtaKppHkzqhsqgCACBItwK4AgAIGPwr2LsMAwAAABhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgdRyNnHNTCPbZjVazGaziXO4mtgcrtXIMdpMXDPvhaboruGReqP1eQjL7PcdRCzP1_Q3HGR8y-ttEBVdb4vd4TR77kfRkuVuuVuNJovRaLnc7Iab0WB_AjkbIEVLFqvlcLWbLEabxWKy3A1HkwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIgyZTJbZzLRcKzwmh1u0MVnWEpNh45aYZjbDcrWZ2DwWt-j1MT0sG99wOdiiYEDEXgQX6UTmt7zeftPTb3crLBexRHOySCeyy761nE1cM9PItlmNFrPZbOIcriY2h2s1cow2E9fMXzKZLLOZablWeEwOt2hjsqwlJsPGLTHNbIblajOxeSxu0etjelg2vuFysG_MZqPJcDMaDPeN2Ww0GW5Gg-G-Q2f4rj5nozM4nniEms9sc3rWHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4HSRTkQv4-kilkieFulE5JtYPCbfwuOZLDcr12rhmi2Wu9lmszBuPBaLZSKWKE0X6UQvUf-RIRdz5WAumswVq9EqAQAAAAAAAAAsYc68CQAAAMBpIKPBZrhaLgCEs5fuz9vwLQRy1f8u5Q-J4LZi-ERx48cN5re83n7T0293KyxXBnigJmfe7Jkg1mq1rAEAAASwAQAAArh18xaAzcjtA0FxMTMzMzfzE-BmtRg!&excid=22&docw=0&cijs=1&nlb=true
IP
ASN #200478 Taboola.com ltd
GET /sync?dast=V7xpoCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJLdyuXYbj8stc3ica9HMZVkLV57hWmRazCaLlcm5WxiGQEIby2him3nWisFwuRatLIa1xLaxuHUbl8u3nAw2roVxCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd8oOl0-Fz3eqHD5LQ47Qqj2eH2200Pk8Ou8bv9cgAAAAB4ALB6y4T4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAwILnQAPjkIHjP2e8PAIAGLRAAgAABEoCB1YASgI_zlRMAAAAAAAAAAJb_____GIA9rDEZgJH9nR6ABx-AB6IC3iJGAAAAAFtaKppHkzqhsqgCACBItwK4AgAIGPwr2LsMAwAAABhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgdRyNnHNTCPbZjVazGaziXO4mtgcrtXIMdpMXDPvhaboruGReqP1eQjL7PcdRCzP1_Q3HGR8y-ttEBVdb4vd4TR77kfRkuVuuVuNJovRaLnc7Iab0WB_AjkbIEVLFqvlcLWbLEabxWKy3A1HkwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIgyZTJbZzLRcKzwmh1u0MVnWEpNh45aYZjbDcrWZ2DwWt-j1MT0sG99wOdiiYEDEXgQX6UTmt7zeftPTb3crLBexRHOySCeyy761nE1cM9PItlmNFrPZbOIcriY2h2s1cow2E9fMXzKZLLOZablWeEwOt2hjsqwlJsPGLTHNbIblajOxeSxu0etjelg2vuFysG_MZqPJcDMaDPeN2Ww0GW5Gg-G-Q2f4rj5nozM4nniEms9sc3rWHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4HSRTkQv4-kilkieFulE5JtYPCbfwuOZLDcr12rhmi2Wu9lmszBuPBaLZSKWKE0X6UQvUf-RIRdz5WAumswVq9EqAQAAAAAAAAAsYc68CQAAAMBpIKPBZrhaLgCEs5fuz9vwLQRy1f8u5Q-J4LZi-ERx48cN5re83n7T0293KyxXBnigJmfe7Jkg1mq1rAEAAASwAQAAArh18xaAzcjtA0FxMTMzMzfzE-BmtRg!&excid=22&docw=0&cijs=1&nlb=true HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:56:49 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3406
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7mpQCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJDCZTJy7iW2tsAyWa9HEtXErVxvHWrYYTIaT1WJiXBmGQAKTycS5m9jWCstguRZNXBu3crVxrGWLwWQ4WS0mxpVhChE3GQ6fg4Go6Hpb7A6n2fOGDzSdDp_rXi90mJwWp11hNDvcfrvpYXLYNX63Xw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAIwsBpQAvBxvnLy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMYSCFNgk0pxCT1QwWMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg38Feb9ZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2QWs4mrplpZNusRovZbDZxDlcTm8O1GjlGm4lr5r3QFN01PFJvtL6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0J5GyAFC1ZrJbD1W6yGG0Wi8lyNxxNJkjRktVyuVxtNqvVbrSYDTbL4WaDFK1azUabwXA1m8x2u9VwMFyORkjRkuVuuVuNJovRaLnc7Iab0WCIMGQyWWYz03Kt8JgcbtHGZFlLTIaNW2Ka2QzL1WZi81jcotfH9LBsfMPlYIoPdLt8KrfLpWV7WT4vxxYFAyL2InlapBPVbuUx2SzDxWa1cI2GC5dhZXHYPIOFaTUxGRYri1iiOVmkE9ll31rOJq6ZaWTbrEaL2Ww2cQ5XE5vDtRo5RpuJa-YvmUyW2cy0XCs8JodbtDFZ1hKTYeOWmGY2w3K1mdg8Frfo9TE9LBvfcDnYN2az0WS4GQ2G-8ZsNpoMN6PBcN-hM3xXn7PRGRxPPELNZ7Y5PWsOg8JlsHh_n4u0GW3cjCpt2GJRXYs718Sq08ZOxs7BbFD4_ubSVhzcRs7lvuQgNhgUsURwkU5kfsvr7Tc9_Xa3wnIRS5Smi3Sil4glgtNFOhG9jKeL-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9U6D2SwHOyWq-UCQDh76f68Dd9CIFf971L-kAhuK4ZPFDd-3GB-y-vtNz39drfCcmWAB2py5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D5QFAgAAAAAAD8BblaLAQ!&excid=22&docw=0&cijs=1&nlb=false
200 OK 0 B URL HTTP/2 am-match.taboola.com/sync?dast=V7mpQCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJDCZTJy7iW2tsAyWa9HEtXErVxvHWrYYTIaT1WJiXBmGQAKTycS5m9jWCstguRZNXBu3crVxrGWLwWQ4WS0mxpVhChE3GQ6fg4Go6Hpb7A6n2fOGDzSdDp_rXi90mJwWp11hNDvcfrvpYXLYNX63Xw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAIwsBpQAvBxvnLy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMYSCFNgk0pxCT1QwWMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg38Feb9ZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2QWs4mrplpZNusRovZbDZxDlcTm8O1GjlGm4lr5r3QFN01PFJvtL6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0J5GyAFC1ZrJbD1W6yGG0Wi8lyNxxNJkjRktVyuVxtNqvVbrSYDTbL4WaDFK1azUabwXA1m8x2u9VwMFyORkjRkuVuuVuNJovRaLnc7Iab0WCIMGQyWWYz03Kt8JgcbtHGZFlLTIaNW2Ka2QzL1WZi81jcotfH9LBsfMPlYIoPdLt8KrfLpWV7WT4vxxYFAyL2InlapBPVbuUx2SzDxWa1cI2GC5dhZXHYPIOFaTUxGRYri1iiOVmkE9ll31rOJq6ZaWTbrEaL2Ww2cQ5XE5vDtRo5RpuJa-YvmUyW2cy0XCs8JodbtDFZ1hKTYeOWmGY2w3K1mdg8Frfo9TE9LBvfcDnYN2az0WS4GQ2G-8ZsNpoMN6PBcN-hM3xXn7PRGRxPPELNZ7Y5PWsOg8JlsHh_n4u0GW3cjCpt2GJRXYs718Sq08ZOxs7BbFD4_ubSVhzcRs7lvuQgNhgUsURwkU5kfsvr7Tc9_Xa3wnIRS5Smi3Sil4glgtNFOhG9jKeL-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9U6D2SwHOyWq-UCQDh76f68Dd9CIFf971L-kAhuK4ZPFDd-3GB-y-vtNz39drfCcmWAB2py5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D5QFAgAAAAAAD8BblaLAQ!&excid=22&docw=0&cijs=1&nlb=false
IP
ASN #200478 Taboola.com ltd
GET /sync?dast=V7mpQCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJDCZTJy7iW2tsAyWa9HEtXErVxvHWrYYTIaT1WJiXBmGQAKTycS5m9jWCstguRZNXBu3crVxrGWLwWQ4WS0mxpVhChE3GQ6fg4Go6Hpb7A6n2fOGDzSdDp_rXi90mJwWp11hNDvcfrvpYXLYNX63Xw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAIwsBpQAvBxvnLy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMYSCFNgk0pxCT1QwWMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg38Feb9ZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2QWs4mrplpZNusRovZbDZxDlcTm8O1GjlGm4lr5r3QFN01PFJvtL6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0J5GyAFC1ZrJbD1W6yGG0Wi8lyNxxNJkjRktVyuVxtNqvVbrSYDTbL4WaDFK1azUabwXA1m8x2u9VwMFyORkjRkuVuuVuNJovRaLnc7Iab0WCIMGQyWWYz03Kt8JgcbtHGZFlLTIaNW2Ka2QzL1WZi81jcotfH9LBsfMPlYIoPdLt8KrfLpWV7WT4vxxYFAyL2InlapBPVbuUx2SzDxWa1cI2GC5dhZXHYPIOFaTUxGRYri1iiOVmkE9ll31rOJq6ZaWTbrEaL2Ww2cQ5XE5vDtRo5RpuJa-YvmUyW2cy0XCs8JodbtDFZ1hKTYeOWmGY2w3K1mdg8Frfo9TE9LBvfcDnYN2az0WS4GQ2G-8ZsNpoMN6PBcN-hM3xXn7PRGRxPPELNZ7Y5PWsOg8JlsHh_n4u0GW3cjCpt2GJRXYs718Sq08ZOxs7BbFD4_ubSVhzcRs7lvuQgNhgUsURwkU5kfsvr7Tc9_Xa3wnIRS5Smi3Sil4glgtNFOhG9jKeL-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9U6D2SwHOyWq-UCQDh76f68Dd9CIFf971L-kAhuK4ZPFDd-3GB-y-vtNz39drfCcmWAB2py5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D5QFAgAAAAAAD8BblaLAQ!&excid=22&docw=0&cijs=1&nlb=false HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:56:50 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3407
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.js
200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.js
IP
GET /js/ld/publishertag.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:56:47 GMT
content-type: text/javascript
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
etag: W/"6326273b-1e2be"
expires: Wed, 28 Sep 2022 12:56:47 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:47 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 84244
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
connect.topicit.net/scripts/connect.js
200 OK 0 B URL HTTP/2 connect.topicit.net/scripts/connect.js
IP
GET /scripts/connect.js HTTP/1.1
Host: connect.topicit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:48 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5437
access-control-allow-origin: *
etag: W/"5d653880-153d"
last-modified: Tue, 27 Aug 2019 14:04:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-cache-status: HIT
age: 5295
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9X5V9b9mLRv5FamROPSCUFnIdTnFIwBqUS2ZIyphMdHsPC6X3TIRqPhFE11m7YTsDdC2PCIaSthdDWRTDYqS1BoZQ94QI4L%2Bbo9cxhZLCxkkRJS9ZytFeWPoBXqBCJneRcyO8eib"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751466c50ca50b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
illiweb.com/rs3/63/frm/jquery/cookie/jquery.cookie.js
200 OK 0 B URL HTTP/2 illiweb.com/rs3/63/frm/jquery/cookie/jquery.cookie.js
IP
GET /rs3/63/frm/jquery/cookie/jquery.cookie.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:47 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:06:37 GMT
last-modified: Wed, 09 Sep 2020 09:40:28 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1659010
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEU%2B1fsL2lz5c2PU8YvJeoI9mfmgBsmzC0qiBBh5UDBDe8QLx4fR8od1V3slMdywv1HnuYau6ONQ%2BnhAg4uosXTb81DPVyPs0QDm5z0r%2BaO4lyG9A9lYAXj96JdGHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751466c22824b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
illiweb.com/rs3/63/frm/lang/notutf8-ar.js
200 OK 0 B URL HTTP/2 illiweb.com/rs3/63/frm/lang/notutf8-ar.js
IP
GET /rs3/63/frm/lang/notutf8-ar.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:47 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=73321
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 09:02:12 GMT
last-modified: Thu, 08 Sep 2022 07:38:48 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1655675
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXsSycgyrPB1OzgxlkCBdljBX%2FppM%2Bt9Ws6bLWn%2BjBgqHggNQoGo6spxi5ZnLSZxhxcCPrLMtLgUFQ6%2FkpDbasBdoIHOvk5eUO0lZqbHNiC3f0HgE1AvTi%2FO8AOWdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751466c22823b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7xpoCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJLdyuXYbj8stc3ica9HMZVkLV57hWmRazCaLlcm5WxiGQEIby2him3nWisFwuRatLIa1xLaxuHUbl8u3nAw2roVxCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd8oOl0-Fz3eqHD5LQ47Qqj2eH2200Pk8Ou8bv9cgAAAAB4ALB6y4T4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAwILnQAPjkIHjP2e8PAIAGLRAAgAABEoCB1YASgI_zlRMAAAAAAAAAAJb_____GIA9rDEZgJH9nR6ABx-AB6IC3iJGAAAAAFtaKppHkzqhsqgCACBItwK4AgAIGPwr2LsMAwAAABhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgdRyNnHNTCPbZjVazGaziXO4mtgcrtXIMdpMXDPvhaboruGReqP1eQjL7PcdRCzP1_Q3HGR8y-ttEBVdb4vd4TR77kfRkuVuuVuNJovRaLnc7Iab0WB_AjkbIEVLFqvlcLWbLEabxWKy3A1HkwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIgyZTJbZzLRcKzwmh1u0MVnWEpNh45aYZjbDcrWZ2DwWt-j1MT0sG99wOdiiYEDEXgQX6UTmt7zeftPTb3crLBexRHOySCeyy761nE1cM9PItlmNFrPZbOIcriY2h2s1cow2E9fMXzKZLLOZablWeEwOt2hjsqwlJsPGLTHNbIblajOxeSxu0etjelg2vuFysG_MZqPJcDMaDPeN2Ww0GW5Gg-G-Q2f4rj5nozM4nniEms9sc3rWHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4HSRTkQv4-kilkieFulE5JtYPCbfwuOZLDcr12rhmi2Wu9lmszBuPBaLZSKWKE0X6UQvUf-RIRdz5WAumswVq9EqAQAAAAAAAAAsYc68CQAAAMBpIKPBZrhaLgCEs5fuz9vwLQRy1f8u5Q-J4LZi-ERx48cN5re83n7T0293KyxXBnigJmfe7Jkg1mq1rAEAAASwAQAAArh18xaAzcjtA0FxMTMzMzfzE-BmtRg!&cmcv=&pix=undefined&cb=1664283407599&uv=3230&tms=1664283407599&abt=mprdctdt6_vA!smbs!spa2_vA!t45!tvrReverse1_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=7ee57cce-fac9-4fe2-8e38-d41621ed97a0&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
200 OK 0 B URL HTTP/2 imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7xpoCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJLdyuXYbj8stc3ica9HMZVkLV57hWmRazCaLlcm5WxiGQEIby2him3nWisFwuRatLIa1xLaxuHUbl8u3nAw2roVxCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd8oOl0-Fz3eqHD5LQ47Qqj2eH2200Pk8Ou8bv9cgAAAAB4ALB6y4T4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAwILnQAPjkIHjP2e8PAIAGLRAAgAABEoCB1YASgI_zlRMAAAAAAAAAAJb_____GIA9rDEZgJH9nR6ABx-AB6IC3iJGAAAAAFtaKppHkzqhsqgCACBItwK4AgAIGPwr2LsMAwAAABhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgdRyNnHNTCPbZjVazGaziXO4mtgcrtXIMdpMXDPvhaboruGReqP1eQjL7PcdRCzP1_Q3HGR8y-ttEBVdb4vd4TR77kfRkuVuuVuNJovRaLnc7Iab0WB_AjkbIEVLFqvlcLWbLEabxWKy3A1HkwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIgyZTJbZzLRcKzwmh1u0MVnWEpNh45aYZjbDcrWZ2DwWt-j1MT0sG99wOdiiYEDEXgQX6UTmt7zeftPTb3crLBexRHOySCeyy761nE1cM9PItlmNFrPZbOIcriY2h2s1cow2E9fMXzKZLLOZablWeEwOt2hjsqwlJsPGLTHNbIblajOxeSxu0etjelg2vuFysG_MZqPJcDMaDPeN2Ww0GW5Gg-G-Q2f4rj5nozM4nniEms9sc3rWHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4HSRTkQv4-kilkieFulE5JtYPCbfwuOZLDcr12rhmi2Wu9lmszBuPBaLZSKWKE0X6UQvUf-RIRdz5WAumswVq9EqAQAAAAAAAAAsYc68CQAAAMBpIKPBZrhaLgCEs5fuz9vwLQRy1f8u5Q-J4LZi-ERx48cN5re83n7T0293KyxXBnigJmfe7Jkg1mq1rAEAAASwAQAAArh18xaAzcjtA0FxMTMzMzfzE-BmtRg!&cmcv=&pix=undefined&cb=1664283407599&uv=3230&tms=1664283407599&abt=mprdctdt6_vA!smbs!spa2_vA!t45!tvrReverse1_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=7ee57cce-fac9-4fe2-8e38-d41621ed97a0&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
IP
GET /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7xpoCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJLdyuXYbj8stc3ica9HMZVkLV57hWmRazCaLlcm5WxiGQEIby2him3nWisFwuRatLIa1xLaxuHUbl8u3nAw2roVxCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd8oOl0-Fz3eqHD5LQ47Qqj2eH2200Pk8Ou8bv9cgAAAAB4ALB6y4T4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAwILnQAPjkIHjP2e8PAIAGLRAAgAABEoCB1YASgI_zlRMAAAAAAAAAAJb_____GIA9rDEZgJH9nR6ABx-AB6IC3iJGAAAAAFtaKppHkzqhsqgCACBItwK4AgAIGPwr2LsMAwAAABhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgdRyNnHNTCPbZjVazGaziXO4mtgcrtXIMdpMXDPvhaboruGReqP1eQjL7PcdRCzP1_Q3HGR8y-ttEBVdb4vd4TR77kfRkuVuuVuNJovRaLnc7Iab0WB_AjkbIEVLFqvlcLWbLEabxWKy3A1HkwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIgyZTJbZzLRcKzwmh1u0MVnWEpNh45aYZjbDcrWZ2DwWt-j1MT0sG99wOdiiYEDEXgQX6UTmt7zeftPTb3crLBexRHOySCeyy761nE1cM9PItlmNFrPZbOIcriY2h2s1cow2E9fMXzKZLLOZablWeEwOt2hjsqwlJsPGLTHNbIblajOxeSxu0etjelg2vuFysG_MZqPJcDMaDPeN2Ww0GW5Gg-G-Q2f4rj5nozM4nniEms9sc3rWHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4HSRTkQv4-kilkieFulE5JtYPCbfwuOZLDcr12rhmi2Wu9lmszBuPBaLZSKWKE0X6UQvUf-RIRdz5WAumswVq9EqAQAAAAAAAAAsYc68CQAAAMBpIKPBZrhaLgCEs5fuz9vwLQRy1f8u5Q-J4LZi-ERx48cN5re83n7T0293KyxXBnigJmfe7Jkg1mq1rAEAAASwAQAAArh18xaAzcjtA0FxMTMzMzfzE-BmtRg!&cmcv=&pix=undefined&cb=1664283407599&uv=3230&tms=1664283407599&abt=mprdctdt6_vA!smbs!spa2_vA!t45!tvrReverse1_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=7ee57cce-fac9-4fe2-8e38-d41621ed97a0&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1 HTTP/1.1
Host: imprammp.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:49 GMT
via: 1.1 varnish
x-served-by: cache-bma1648-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664283410.763264,VS0,VE23
vary: Accept-Encoding
X-Firefox-Spdy: h2
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1664283407550&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1483&pt=-227362181&tz=0&viewable=true&ddast=V7mpQCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJDCZTJy7iW2tsAyWa9HEtXErVxvHWrYYTIaT1WJiXBmGQAKTycS5m9jWCstguRZNXBu3crVxrGWLwWQ4WS0mxpVhChE3GQ6fg4Go6Hpb7A6n2fOGDzSdDp_rXi90mJwWp11hNDvcfrvpYXLYNX63Xw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAIwsBpQAvBxvnLy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMYSCFNgk0pxCT1QwWMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg38Feb9ZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2QWs4mrplpZNusRovZbDZxDlcTm8O1GjlGm4lr5r3QFN01PFJvtL6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0J5GyAFC1ZrJbD1W6yGG0Wi8lyNxxNJkjRktVyuVxtNqvVbrSYDTbL4WaDFK1azUabwXA1m8x2u9VwMFyORkjRkuVuuVuNJovRaLnc7Iab0WCIMGQyWWYz03Kt8JgcbtHGZFlLTIaNW2Ka2QzL1WZi81jcotfH9LBsfMPlYIoPdLt8KrfLpWV7WT4vxxYFAyL2InlapBPVbuUx2SzDxWa1cI2GC5dhZXHYPIOFaTUxGRYri1iiOVmkE9ll31rOJq6ZaWTbrEaL2Ww2cQ5XE5vDtRo5RpuJa-YvmUyW2cy0XCs8JodbtDFZ1hKTYeOWmGY2w3K1mdg8Frfo9TE9LBvfcDnYN2az0WS4GQ2G-8ZsNpoMN6PBcN-hM3xXn7PRGRxPPELNZ7Y5PWsOg8JlsHh_n4u0GW3cjCpt2GJRXYs718Sq08ZOxs7BbFD4_ubSVhzcRs7lvuQgNhgUsURwkU5kfsvr7Tc9_Xa3wnIRS5Smi3Sil4glgtNFOhG9jKeL-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9U6D2SwHOyWq-UCQDh76f68Dd9CIFf971L-kAhuK4ZPFDd-3GB-y-vtNz39drfCcmWAB2py5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D5QFAgAAAAAAD8BblaLAQ!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=mprdctdt6_vA!smbs!spa2_vA!t45!tvrReverse1_vB!ufm&mPre=0.025&cirf=https%3A%2F%2Fhadibi.ahlamontada.com&en=1
200 OK 0 B URL HTTP/2 wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1664283407550&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1483&pt=-227362181&tz=0&viewable=true&ddast=V7mpQCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJDCZTJy7iW2tsAyWa9HEtXErVxvHWrYYTIaT1WJiXBmGQAKTycS5m9jWCstguRZNXBu3crVxrGWLwWQ4WS0mxpVhChE3GQ6fg4Go6Hpb7A6n2fOGDzSdDp_rXi90mJwWp11hNDvcfrvpYXLYNX63Xw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAIwsBpQAvBxvnLy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMYSCFNgk0pxCT1QwWMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg38Feb9ZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2QWs4mrplpZNusRovZbDZxDlcTm8O1GjlGm4lr5r3QFN01PFJvtL6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0J5GyAFC1ZrJbD1W6yGG0Wi8lyNxxNJkjRktVyuVxtNqvVbrSYDTbL4WaDFK1azUabwXA1m8x2u9VwMFyORkjRkuVuuVuNJovRaLnc7Iab0WCIMGQyWWYz03Kt8JgcbtHGZFlLTIaNW2Ka2QzL1WZi81jcotfH9LBsfMPlYIoPdLt8KrfLpWV7WT4vxxYFAyL2InlapBPVbuUx2SzDxWa1cI2GC5dhZXHYPIOFaTUxGRYri1iiOVmkE9ll31rOJq6ZaWTbrEaL2Ww2cQ5XE5vDtRo5RpuJa-YvmUyW2cy0XCs8JodbtDFZ1hKTYeOWmGY2w3K1mdg8Frfo9TE9LBvfcDnYN2az0WS4GQ2G-8ZsNpoMN6PBcN-hM3xXn7PRGRxPPELNZ7Y5PWsOg8JlsHh_n4u0GW3cjCpt2GJRXYs718Sq08ZOxs7BbFD4_ubSVhzcRs7lvuQgNhgUsURwkU5kfsvr7Tc9_Xa3wnIRS5Smi3Sil4glgtNFOhG9jKeL-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9U6D2SwHOyWq-UCQDh76f68Dd9CIFf971L-kAhuK4ZPFDd-3GB-y-vtNz39drfCcmWAB2py5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D5QFAgAAAAAAD8BblaLAQ!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=mprdctdt6_vA!smbs!spa2_vA!t45!tvrReverse1_vB!ufm&mPre=0.025&cirf=https%3A%2F%2Fhadibi.ahlamontada.com&en=1
IP
POST /VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1664283407550&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1483&pt=-227362181&tz=0&viewable=true&ddast=V7mpQCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJDCZTJy7iW2tsAyWa9HEtXErVxvHWrYYTIaT1WJiXBmGQAKTycS5m9jWCstguRZNXBu3crVxrGWLwWQ4WS0mxpVhChE3GQ6fg4Go6Hpb7A6n2fOGDzSdDp_rXi90mJwWp11hNDvcfrvpYXLYNX63Xw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAIwsBpQAvBxvnLy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMYSCFNgk0pxCT1QwWMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg38Feb9ZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2QWs4mrplpZNusRovZbDZxDlcTm8O1GjlGm4lr5r3QFN01PFJvtL6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0J5GyAFC1ZrJbD1W6yGG0Wi8lyNxxNJkjRktVyuVxtNqvVbrSYDTbL4WaDFK1azUabwXA1m8x2u9VwMFyORkjRkuVuuVuNJovRaLnc7Iab0WCIMGQyWWYz03Kt8JgcbtHGZFlLTIaNW2Ka2QzL1WZi81jcotfH9LBsfMPlYIoPdLt8KrfLpWV7WT4vxxYFAyL2InlapBPVbuUx2SzDxWa1cI2GC5dhZXHYPIOFaTUxGRYri1iiOVmkE9ll31rOJq6ZaWTbrEaL2Ww2cQ5XE5vDtRo5RpuJa-YvmUyW2cy0XCs8JodbtDFZ1hKTYeOWmGY2w3K1mdg8Frfo9TE9LBvfcDnYN2az0WS4GQ2G-8ZsNpoMN6PBcN-hM3xXn7PRGRxPPELNZ7Y5PWsOg8JlsHh_n4u0GW3cjCpt2GJRXYs718Sq08ZOxs7BbFD4_ubSVhzcRs7lvuQgNhgUsURwkU5kfsvr7Tc9_Xa3wnIRS5Smi3Sil4glgtNFOhG9jKeL-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9U6D2SwHOyWq-UCQDh76f68Dd9CIFf971L-kAhuK4ZPFDd-3GB-y-vtNz39drfCcmWAB2py5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D5QFAgAAAAAAD8BblaLAQ!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=mprdctdt6_vA!smbs!spa2_vA!t45!tvrReverse1_vB!ufm&mPre=0.025&cirf=https%3A%2F%2Fhadibi.ahlamontada.com&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 133
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1461
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://hadibi.ahlamontada.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:49 GMT
via: 1.1 varnish
x-served-by: cache-bma1648-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664283410.837569,VS0,VE46
vary: Accept-Encoding
X-Firefox-Spdy: h2
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=380&height=213&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1664283412616&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1483&pt=412798600&tz=0&viewable=true&ddast=V7xpoCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJLdyuXYbj8stc3ica9HMZVkLV57hWmRazCaLlcm5WxiGQEIby2him3nWisFwuRatLIa1xLaxuHUbl8u3nAw2roVxCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd8oOl0-Fz3eqHD5LQ47Qqj2eH2200Pk8Ou8bv9cgAAAAB4ALB6y4T4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAwILnQAPjkIHjP2e8PAIAGLRAAgAABEoCB1YASgI_zlRMAAAAAAAAAAJb_____GIA9rDEZgJH9nR6ABx-AB6IC3iJGAAAAAFtaKppHkzqhsqgCACBItwK4AgAIGPwr2LsMAwAAABhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgdRyNnHNTCPbZjVazGaziXO4mtgcrtXIMdpMXDPvhaboruGReqP1eQjL7PcdRCzP1_Q3HGR8y-ttEBVdb4vd4TR77kfRkuVuuVuNJovRaLnc7Iab0WB_AjkbIEVLFqvlcLWbLEabxWKy3A1HkwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIgyZTJbZzLRcKzwmh1u0MVnWEpNh45aYZjbDcrWZ2DwWt-j1MT0sG99wOdiiYEDEXgQX6UTmt7zeftPTb3crLBexRHOySCeyy761nE1cM9PItlmNFrPZbOIcriY2h2s1cow2E9fMXzKZLLOZablWeEwOt2hjsqwlJsPGLTHNbIblajOxeSxu0etjelg2vuFysG_MZqPJcDMaDPeN2Ww0GW5Gg-G-Q2f4rj5nozM4nniEms9sc3rWHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4HSRTkQv4-kilkieFulE5JtYPCbfwuOZLDcr12rhmi2Wu9lmszBuPBaLZSKWKE0X6UQvUf-RIRdz5WAumswVq9EqAQAAAAAAAAAsYc68CQAAAMBpIKPBZrhaLgCEs5fuz9vwLQRy1f8u5Q-J4LZi-ERx48cN5re83n7T0293KyxXBnigJmfe7Jkg1mq1rAEAAASwAQAAArh18xaAzcjtA0FxMTMzMzfzE-BmtRg!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=mprdctdt6_vA!smbs!spa2_vA!t45!tvrReverse1_vB!ufm_vA&mPre=0.025&cirf=https%3A%2F%2Fhadibi.ahlamontada.com&en=1
200 OK 0 B URL HTTP/2 wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=380&height=213&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1664283412616&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1483&pt=412798600&tz=0&viewable=true&ddast=V7xpoCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJLdyuXYbj8stc3ica9HMZVkLV57hWmRazCaLlcm5WxiGQEIby2him3nWisFwuRatLIa1xLaxuHUbl8u3nAw2roVxCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd8oOl0-Fz3eqHD5LQ47Qqj2eH2200Pk8Ou8bv9cgAAAAB4ALB6y4T4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAwILnQAPjkIHjP2e8PAIAGLRAAgAABEoCB1YASgI_zlRMAAAAAAAAAAJb_____GIA9rDEZgJH9nR6ABx-AB6IC3iJGAAAAAFtaKppHkzqhsqgCACBItwK4AgAIGPwr2LsMAwAAABhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgdRyNnHNTCPbZjVazGaziXO4mtgcrtXIMdpMXDPvhaboruGReqP1eQjL7PcdRCzP1_Q3HGR8y-ttEBVdb4vd4TR77kfRkuVuuVuNJovRaLnc7Iab0WB_AjkbIEVLFqvlcLWbLEabxWKy3A1HkwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIgyZTJbZzLRcKzwmh1u0MVnWEpNh45aYZjbDcrWZ2DwWt-j1MT0sG99wOdiiYEDEXgQX6UTmt7zeftPTb3crLBexRHOySCeyy761nE1cM9PItlmNFrPZbOIcriY2h2s1cow2E9fMXzKZLLOZablWeEwOt2hjsqwlJsPGLTHNbIblajOxeSxu0etjelg2vuFysG_MZqPJcDMaDPeN2Ww0GW5Gg-G-Q2f4rj5nozM4nniEms9sc3rWHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4HSRTkQv4-kilkieFulE5JtYPCbfwuOZLDcr12rhmi2Wu9lmszBuPBaLZSKWKE0X6UQvUf-RIRdz5WAumswVq9EqAQAAAAAAAAAsYc68CQAAAMBpIKPBZrhaLgCEs5fuz9vwLQRy1f8u5Q-J4LZi-ERx48cN5re83n7T0293KyxXBnigJmfe7Jkg1mq1rAEAAASwAQAAArh18xaAzcjtA0FxMTMzMzfzE-BmtRg!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=mprdctdt6_vA!smbs!spa2_vA!t45!tvrReverse1_vB!ufm_vA&mPre=0.025&cirf=https%3A%2F%2Fhadibi.ahlamontada.com&en=1
IP
POST /VideoBidRequestHandlerServlet?oid=15&width=380&height=213&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1664283412616&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1483&pt=412798600&tz=0&viewable=true&ddast=V7xpoCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJLdyuXYbj8stc3ica9HMZVkLV57hWmRazCaLlcm5WxiGQEIby2him3nWisFwuRatLIa1xLaxuHUbl8u3nAw2roVxCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd8oOl0-Fz3eqHD5LQ47Qqj2eH2200Pk8Ou8bv9cgAAAAB4ALB6y4T4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAwILnQAPjkIHjP2e8PAIAGLRAAgAABEoCB1YASgI_zlRMAAAAAAAAAAJb_____GIA9rDEZgJH9nR6ABx-AB6IC3iJGAAAAAFtaKppHkzqhsqgCACBItwK4AgAIGPwr2LsMAwAAABhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgdRyNnHNTCPbZjVazGaziXO4mtgcrtXIMdpMXDPvhaboruGReqP1eQjL7PcdRCzP1_Q3HGR8y-ttEBVdb4vd4TR77kfRkuVuuVuNJovRaLnc7Iab0WB_AjkbIEVLFqvlcLWbLEabxWKy3A1HkwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIgyZTJbZzLRcKzwmh1u0MVnWEpNh45aYZjbDcrWZ2DwWt-j1MT0sG99wOdiiYEDEXgQX6UTmt7zeftPTb3crLBexRHOySCeyy761nE1cM9PItlmNFrPZbOIcriY2h2s1cow2E9fMXzKZLLOZablWeEwOt2hjsqwlJsPGLTHNbIblajOxeSxu0etjelg2vuFysG_MZqPJcDMaDPeN2Ww0GW5Gg-G-Q2f4rj5nozM4nniEms9sc3rWHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4HSRTkQv4-kilkieFulE5JtYPCbfwuOZLDcr12rhmi2Wu9lmszBuPBaLZSKWKE0X6UQvUf-RIRdz5WAumswVq9EqAQAAAAAAAAAsYc68CQAAAMBpIKPBZrhaLgCEs5fuz9vwLQRy1f8u5Q-J4LZi-ERx48cN5re83n7T0293KyxXBnigJmfe7Jkg1mq1rAEAAASwAQAAArh18xaAzcjtA0FxMTMzMzfzE-BmtRg!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=mprdctdt6_vA!smbs!spa2_vA!t45!tvrReverse1_vB!ufm_vA&mPre=0.025&cirf=https%3A%2F%2Fhadibi.ahlamontada.com&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 133
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1431
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://hadibi.ahlamontada.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:54 GMT
via: 1.1 varnish
x-served-by: cache-bma1648-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664283415.765359,VS0,VE72
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.betgorebysson.club/apu.php?zoneid=3765907
200 OK 0 B URL HTTP/2 cdn.betgorebysson.club/apu.php?zoneid=3765907
IP
Analyzer Verdict Alert fortinet Malware
GET /apu.php?zoneid=3765907 HTTP/1.1
Host: cdn.betgorebysson.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:56:48 GMT
content-type: application/javascript
x-trace-id: 2d306cf9d09f63004b402afd84ed4c5a
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=9b7389e9d48745689ab808379b483675; expires=Wed, 27 Sep 2023 12:56:48 GMT; path=/; secure; SameSite=None
oaidts=1664283408; expires=Wed, 27 Sep 2023 12:56:48 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
178.33.43.178
142.250.74.3
18.156.0.31
104.16.161.13
151.101.85.44
23.36.77.32
185.106.33.48
94.23.73.212
139.45.197.250
141.226.228.48
54.76.231.160