al3omda.ahladalil.com/t118-topic
188.165.2.137301 Moved Permanently 0 B URL HTTP/1.1 al3omda.ahladalil.com/t118-topic
IP 188.165.2.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t118-topic HTTP/1.1
Host: al3omda.ahladalil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 12 Nov 2022 02:20:07 GMT
Content-Length: 0
Location: https://al3omda.ahladalil.com/t118-topic
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3d0727e32cd103ddd4b73f28c81758aa
197a7bf43d63723fc532c23c6dced68d5cc36652
d3f75d03561d6a47d19370292e821a86e58381466f0c69386a21175de55882ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4145
Expires: Sat, 12 Nov 2022 03:29:12 GMT
Date: Sat, 12 Nov 2022 02:20:07 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4edf853c470fcec0ab277c78527f3c2d
de93530ce15337e671c488d9fe05e7091d4956f0
b9d7976b398b1243ff8a571ddd3975d3a1317d69101061bdb1a755b3b56620e6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6288
Cache-Control: max-age=122167
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:08 GMT
Etag: "636e247f-1d7"
Expires: Sun, 13 Nov 2022 12:16:15 GMT
Last-Modified: Fri, 11 Nov 2022 10:31:27 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a8391107bfc5e4673e8a706f90f63768
5295ed0b1cb8bad4d3e851049acc7f0270937d12
ed5c27510100ffc4481be474ebcb020d147c645beb110604d5284eeeb8b97c02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ED5C27510100FFC4481BE474EBCB020D147C645BEB110604D5284EEEB8B97C02"
Last-Modified: Fri, 11 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3228
Expires: Sat, 12 Nov 2022 03:13:56 GMT
Date: Sat, 12 Nov 2022 02:20:08 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 12 Nov 2022 01:43:58 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2170
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: rgb/WV82h5Vl1SGhTYB/sSCMurgiYCbf51RNEpJghmjp1UZgjUdJDVl7dfHYR84VBHSrIcdPQws=
x-amz-request-id: HAHQHJBK5H6033JF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 12 Nov 2022 01:50:03 GMT
age: 1805
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2cb76a833bf83c86252c328aa3632e42
222835d82a55204e3fbc90437d828949bbb72915
68a0c1f6a48b404814ec1ec567dc4a468d2a51950528c2743592bf8df0193965
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "68A0C1F6A48B404814EC1EC567DC4A468D2A51950528C2743592BF8DF0193965"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15394
Expires: Sat, 12 Nov 2022 06:36:42 GMT
Date: Sat, 12 Nov 2022 02:20:08 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 02:20:08 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Cache-Control, Retry-After, Content-Length, Expires, ETag, Pragma, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 12 Nov 2022 01:44:48 GMT
cache-control: public,max-age=3600
age: 2120
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 44632a2b2ea522b0020d6000f4af3bc0
21923e38103999d5f5f04e7624597f27f1f080b5
1f3b893e17cac7b1f27b895199b0b2b2e11b2f957211bff45afab16c178227d4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6151
Cache-Control: max-age=104363
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:08 GMT
Etag: "636ddf7c-117"
Expires: Sun, 13 Nov 2022 07:19:31 GMT
Last-Modified: Fri, 11 Nov 2022 05:37:00 GMT
Server: ECS (amb/6BA0)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 44632a2b2ea522b0020d6000f4af3bc0
21923e38103999d5f5f04e7624597f27f1f080b5
1f3b893e17cac7b1f27b895199b0b2b2e11b2f957211bff45afab16c178227d4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6151
Cache-Control: max-age=104363
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:08 GMT
Etag: "636ddf7c-117"
Expires: Sun, 13 Nov 2022 07:19:31 GMT
Last-Modified: Fri, 11 Nov 2022 05:37:00 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 44632a2b2ea522b0020d6000f4af3bc0
21923e38103999d5f5f04e7624597f27f1f080b5
1f3b893e17cac7b1f27b895199b0b2b2e11b2f957211bff45afab16c178227d4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1237
Cache-Control: max-age=99449
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:08 GMT
Etag: "636ddf7c-117"
Expires: Sun, 13 Nov 2022 05:57:37 GMT
Last-Modified: Fri, 11 Nov 2022 05:37:00 GMT
Server: ECS (amb/6B9F)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 44632a2b2ea522b0020d6000f4af3bc0
21923e38103999d5f5f04e7624597f27f1f080b5
1f3b893e17cac7b1f27b895199b0b2b2e11b2f957211bff45afab16c178227d4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1581
Cache-Control: max-age=99793
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:08 GMT
Etag: "636ddf7c-117"
Expires: Sun, 13 Nov 2022 06:03:21 GMT
Last-Modified: Fri, 11 Nov 2022 05:37:00 GMT
Server: ECS (amb/6B88)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 06d7d61a20669050493c3fd5d2b9798e
5d2d51f23582ef785072cdd0ca9ccf859b563b2d
653662665ea3298734fa313f693216a3932a64ac2903986d7415f60f97bcf27f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b474f74278f0bc7d8a7d6a66c3dcc2dd
6aad727d11a42fefbcabe6af4f0d32c42c946043
db18a18706d236333a7e8671728aea6adbe89e54905799cb5dc8d32feadf2e53
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
142.250.74.74200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
IP 142.250.74.74:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d989f35706c62ce4a5c561586c55566e
d32e7958e5765609bf08dcdefd0b2c2a8714ce34
375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33845
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Nov 2022 18:40:06 GMT
expires: Wed, 08 Nov 2023 18:40:06 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 286802
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b474f74278f0bc7d8a7d6a66c3dcc2dd
6aad727d11a42fefbcabe6af4f0d32c42c946043
db18a18706d236333a7e8671728aea6adbe89e54905799cb5dc8d32feadf2e53
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f7ff606fbc8634c858bbc04b69f55cf6
2441de2cba649239efd0dae7a878d7ef2245c0b4
95154e0dbb7e827b8f893cc141f986c29634ead618256470d753429aa65a0548
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4614
Cache-Control: max-age=115418
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:08 GMT
Etag: "636e10ac-1d7"
Expires: Sun, 13 Nov 2022 10:23:46 GMT
Last-Modified: Fri, 11 Nov 2022 09:06:52 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d84a911b820c140cf4e3da2af665b63c
fbee3b2193231404844c0ecb6e8f72d02d30e997
7f0381e9de205bbe3e0cab3e7e40afced0d58bb25b8df4715d1406c702624d14
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3581
Cache-Control: max-age=93848
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:08 GMT
Etag: "636dc073-1d7"
Expires: Sun, 13 Nov 2022 04:24:16 GMT
Last-Modified: Fri, 11 Nov 2022 03:24:35 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash b6cf70816bf43e1662467ce66b77a1e9
cb13813fe269c0abf0cd1a78f1eb0e8fb593629b
302efa91231ae3a038748da17469643425584c9eb9c797525c9e36dc6f472552
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4759
Cache-Control: max-age=145099
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:08 GMT
Etag: "636e840c-2d7"
Expires: Sun, 13 Nov 2022 18:38:27 GMT
Last-Modified: Fri, 11 Nov 2022 17:19:08 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 7ac61063bc839a62c86882f86ae1dd97
bd9af64a9baed209d3c4b7b66b67b247d4958182
cad9351da833e9ea4c209b942b502caa40a8f171edb8a2ce4d9918eaeacf7b2d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1230
Cache-Control: max-age=157423
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:08 GMT
Etag: "636ec1f9-13a"
Expires: Sun, 13 Nov 2022 22:03:51 GMT
Last-Modified: Fri, 11 Nov 2022 21:43:21 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 314
www.googletagmanager.com/gtag/js?id=UA-144347007-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-144347007-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 76d6c1511066b41e232305f3f73ecc43
3b9fda01f2ecf6be75ad88b2d3aa3da2ddea5e5f
0aa0839e839d162758685fb205b7261c87d665fab12ddee1bb0cf5611c4efaab
GET /gtag/js?id=UA-144347007-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 12 Nov 2022 02:20:08 GMT
expires: Sat, 12 Nov 2022 02:20:08 GMT
cache-control: private, max-age=900
last-modified: Sat, 12 Nov 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43679
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=12992269-1
142.250.74.168200 OK 37 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=12992269-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 6ced2c501c603206eb8ed087a119eb55
dc6f0149af844b2ce6ee52d35dca45af55f0cec9
092de7117f9d9df4d87d1d5aa73c9d57445b21584f6796102fb7ed31eaf45938
GET /gtag/js?id=12992269-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 12 Nov 2022 02:20:08 GMT
expires: Sat, 12 Nov 2022 02:20:08 GMT
cache-control: private, max-age=900
last-modified: Sat, 12 Nov 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37428
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 44632a2b2ea522b0020d6000f4af3bc0
21923e38103999d5f5f04e7624597f27f1f080b5
1f3b893e17cac7b1f27b895199b0b2b2e11b2f957211bff45afab16c178227d4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6151
Cache-Control: max-age=104363
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:08 GMT
Etag: "636ddf7c-117"
Expires: Sun, 13 Nov 2022 07:19:31 GMT
Last-Modified: Fri, 11 Nov 2022 05:37:00 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 06d7d61a20669050493c3fd5d2b9798e
5d2d51f23582ef785072cdd0ca9ccf859b563b2d
653662665ea3298734fa313f693216a3932a64ac2903986d7415f60f97bcf27f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/ar_AR/all.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/ar_AR/all.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1961)
Hash 7ba04f1a30d9497b5d91bef804c4ced0
3bd62bb4f9f5d3bf312397d18c06e4ef494f2345
07763895869c24305914d4de386e9bed0de05212a18163bf44ea86b52d13739b
GET /ar_AR/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: cc6c7a64aa5faee0e2dc6a9ae9a551f0
etag: "14801653a66f4463b475f1ec350f9d0a"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sat, 12 Nov 2022 02:27:30 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: e6BPGjDZSXtdkb74BMTO0A==
x-fb-debug: g5wXkKbFVVh9wpOVa0MSr3/S63rIhYkMOUAnKQW3jpIwf02qZxQ3/zW2SWvIx6W1Elrs+ECO20a+iKst5oTdKg==
content-length: 1686
x-fb-trip-id: 1904183273
date: Sat, 12 Nov 2022 02:20:08 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b474f74278f0bc7d8a7d6a66c3dcc2dd
6aad727d11a42fefbcabe6af4f0d32c42c946043
db18a18706d236333a7e8671728aea6adbe89e54905799cb5dc8d32feadf2e53
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d84a911b820c140cf4e3da2af665b63c
fbee3b2193231404844c0ecb6e8f72d02d30e997
7f0381e9de205bbe3e0cab3e7e40afced0d58bb25b8df4715d1406c702624d14
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6106
Cache-Control: max-age=96373
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:08 GMT
Etag: "636dc073-1d7"
Expires: Sun, 13 Nov 2022 05:06:21 GMT
Last-Modified: Fri, 11 Nov 2022 03:24:35 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
al3omda.ahladalil.com/0-rtl.css
94.23.150.222200 OK 55 kB URL HTTP/2 al3omda.ahladalil.com/0-rtl.css
IP 94.23.150.222:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 5fabc8e5f71c90bb0dc6f0d3bbe99b0b
fd5dbc53c8f2f63af5ac0f853480aae5b3c79e56
159231ae627eb1283f16d4dbf127e557868320ce1cae85432463df31591231ac
GET /0-rtl.css HTTP/1.1
Host: al3omda.ahladalil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/t118-topic
Cookie: exadd=166823
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:08 GMT
content-type: text/css
content-length: 55159
last-modified: Sat, 12 Nov 2022 00:00:00 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-ma: MISS
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.163.62.5101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.62.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XQoEddEYPPUL+I9C2989ZA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MDCqRqi2e3+HaR1tw6YzvSpZYqA=
2img.net/i/fa/i/smiles/affraid.gif
104.21.235.175200 OK 459 B URL HTTP/2 2img.net/i/fa/i/smiles/affraid.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 19 x 25\012- data
Hash 0ae9771811259e2517fced3c2d5770b4
6f936b7378f387901d4c7da9cdf4485ca58ad660
ab4ff2235d7f50f3e90c0e45b76ee9199b91a68808b3c2b0dfd6cddefe7c313d
GET /i/fa/i/smiles/affraid.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:09 GMT
content-type: image/gif
content-length: 459
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-1cb"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 3092347
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4OeD2paOjbCSQgm8h6bOXyGccbpQddWetwtAcK07V0j3NZDjgVhFHTpm1p%2BhfYFdhA1U7s4CZxfqbhGDEf71mEOA6ARSz3ofZ3tBTLqeYWXE3gPKJ9%2BOgdWzNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768bc96cde4ae670-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/empty.gif
104.21.235.175200 OK 42 B IP 104.21.235.175:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /i/fa/empty.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:09 GMT
content-type: image/gif
content-length: 42
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-2a"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 3092468
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8e7cpvQbyHBNEMa6JpZVi2zuqwZBA0Xhy6gF4qYsQfhwZiFn%2FmjB4Tb08G%2Bh5FZWMZ3uDCO0yXefeMtiUC%2BSrl%2FU2Nd71r0xLsP3pVvpr7%2FQC2fN6KCUMI8p0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768bc96cde52e670-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/empty.gif
104.21.235.175200 OK 43 B IP 104.21.235.175:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /i/empty.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:09 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 09 May 2016 08:45:50 GMT
etag: "57304e3e-2b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 3092475
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NKxz6zJKQtMWDQJWfncrVjQ%2BQLopmD0y82I1%2BnNgPyQZmzXuE125pqGhNvc8k9Ut2uVXtSiuGXocGdeMMQf6gE9UqfrbbgiMlmF5SuPaQmMTqtma15%2FCwZNj3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768bc96cde54e670-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/subsilver/icon_zodiac_sagittarius_1.gif
104.21.235.175200 OK 253 B URL HTTP/2 2img.net/i/fa/subsilver/icon_zodiac_sagittarius_1.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 19 x 18\012- data
Hash efc5e2a8bdc2fdb3fd7de7a59258e392
5a00bf4ae6ed32777f0d968fa64b2374a2dbb19c
e716caa4c89cb937b9df1c99b61c84e29f7fff4cc0409b9792ffb98ca66ec04a
GET /i/fa/subsilver/icon_zodiac_sagittarius_1.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:09 GMT
content-type: image/gif
content-length: 253
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-fd"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 106069
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nr3dZVueokEVtkukr87YUYbqv1TWHDFsOAmpu0c%2FtaPxHrRZ8Brxrs%2FLc%2Bpb9l97Kw7p3QKlxtuLgVl6lPF08oCzXqarBuZLYh7sL0IUQ4kQ82%2F9%2BB5WLyP73A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768bc96cee64e670-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/www.eshrag.net/vb/images/w4.gif
104.21.235.175301 Moved Permanently 0 B URL HTTP/2 2img.net/h/www.eshrag.net/vb/images/w4.gif
IP 104.21.235.175:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /h/www.eshrag.net/vb/images/w4.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sat, 12 Nov 2022 02:20:09 GMT
content-length: 0
location: https://eshrag.net/vb/images/w4.gif
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-redirect-by: WordPress
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 34093
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IWN%2BLflpQWoXs0qVUcZ4f15tnIBQyN7EsJJGnlBDxgUokRp8UhdeUt8CNWWD8SbeNPDBsoIrihFG7P9aaPrBCSlyskmGJ9tsIcg7QMJnHLF3WWdSNJ1K081qZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768bc96cee65e670-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/14/62/55/i_icon_mini_register.gif
104.21.235.175200 OK 5.0 kB URL HTTP/2 2img.net/s/t/14/62/55/i_icon_mini_register.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 68 x 35\012- data
Hash 5729a0334534bd165b0f421f652acbac
d6248ebcb718042193e60d14c3b3140d8ea55603
1df4baea570955d705b23be9ff300e56dbf85ca65f349109831f97aa83539160
GET /s/t/14/62/55/i_icon_mini_register.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:09 GMT
content-type: image/gif
content-length: 4992
last-modified: Wed, 27 Oct 2010 19:55:29 GMT
etag: "4cc883b1-1380"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tik%2FYCnKdRn74zD%2BHdHPRD%2FJb7CIaD4aCPBVMy556%2FxBZoVz4p3hUgODEn1qIuQ%2BiQdaGE6lr4p9lXYye4OaZo4Q5r3X1hedzTg8aO5dd7MfI%2BIRopOnrLEi%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768bc96cde50e670-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
al3omda.ahladalil.com/serviceworker.js
94.23.150.222200 OK 1.4 kB URL HTTP/2 al3omda.ahladalil.com/serviceworker.js
IP 94.23.150.222:0
Hash 83525bad5c832853ca0dba08a341b4c6
704f525aacf9131ac4a35f215b8e36312dc04a1d
72992f010b983340ee0114c277729c9b0e71961c44dd50f22251dd055aa59054
GET /serviceworker.js HTTP/1.1
Host: al3omda.ahladalil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: exadd=166823; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:09 GMT
content-type: application/javascript
last-modified: Thu, 25 Feb 2021 14:30:57 GMT
etag: W/"6037b4a1-b0d"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.js
178.250.0.130200 OK 42 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.js
IP 178.250.0.130:0
Hash 0f7638bdba34bff6e8d33a6121d275a8
63ff800b622c819c3d2aac202156b5be8adf1862
ba634de8d2c89eae3b1babf01aa7952e1cc592e1bc95423e81b67306bddc6700
GET /js/ld/publishertag.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 02:20:08 GMT
content-type: text/javascript
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-1e444"
expires: Sun, 13 Nov 2022 02:20:08 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
2img.net/h/up.malware-site.www/images/7dno1133v3vin5uinm.jpg
104.21.235.175301 Moved Permanently 178 B URL HTTP/2 2img.net/h/up.malware-site.www/images/7dno1133v3vin5uinm.jpg
IP 104.21.235.175:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /h/up.malware-site.www/images/7dno1133v3vin5uinm.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sat, 12 Nov 2022 02:20:09 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2HPTnAPQ4sYGzMgLzPD%2Bi3uKBMLPyiI5GCFnWgS%2BdYrFQZSE2BwQl5MlBvYZg88gJ%2Fj4zX4xmRnOjwWSfwOD%2F6M8m6BdMWIZC%2B65ah8Z%2BX9wsniJQQChPeDtg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768bc96cde53e670-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f62/11/62/48/43/floral10.gif
172.67.178.62200 OK 33 kB URL HTTP/2 i.servimg.com/u/f62/11/62/48/43/floral10.gif
IP 172.67.178.62:0
File type GIF image data, version 89a, 245 x 350\012- data
Hash ad8383fb4a04e839c17c5a0188143d63
ae55537d7e9d819111933075605c2aee59ef703a
8599f443be05ec101ab61418edc886c444df9b7c0c14d0448939eb4eac622e67
GET /u/f62/11/62/48/43/floral10.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:09 GMT
content-type: image/gif
content-length: 32967
last-modified: Sat, 02 May 2009 19:30:09 GMT
etag: "49fc9f41-80c7"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Tue, 31 Oct 2023 09:12:22 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 15489
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NG2OATbYcK%2BLh1KAzstiR1UPraxgg0A%2FH07q6YN%2BQ2BouM56isKmUDzYi9oOIulEH%2Fc12fEIsDR%2Bk64Gjnq0ayqYMS65%2Fya92DCJFpZ61ddyCn3ShpG793YNJZJPlPxl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 768bc96d898a0b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/14/62/55/i_icon_mini_index.gif
104.21.235.175200 OK 2.5 kB URL HTTP/2 2img.net/s/t/14/62/55/i_icon_mini_index.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 73 x 33\012- data
Hash f2ea02d05da5519e66ee0cb82514771b
0711cff7149db9b311d1f6f9edd47bc74bd479c6
ec3e3d2f7afc7b8ff184afdd7a61c062c2069b4e9a1518c671589a1179af5490
GET /s/t/14/62/55/i_icon_mini_index.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:09 GMT
content-type: image/gif
content-length: 2470
last-modified: Wed, 27 Oct 2010 19:55:30 GMT
etag: "4cc883b2-9a6"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WlVEwn8Nb8l%2FAMvmLAwqNBY2YWuP%2BlE3fzf7dpKK61baO9WpbedzTRI0tyflCWbhi4jLYrocQA%2F%2B%2BZhHyix%2B7n0TPpwztyjXLXfmZz3BO6NKf98Og3ps1pRSpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768bc96cde4fe670-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/14/62/55/i_icon_mini_login.gif
104.21.235.175200 OK 2.2 kB URL HTTP/2 2img.net/s/t/14/62/55/i_icon_mini_login.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 62 x 33\012- data
Hash f45e88910703bbd67831e5250b86c45f
ff29566b021560e691d2a7fd86d8cd99f85c695d
e078e5378beda870acea90f46d0cc865ade3d6d3e44858ac5d5b3d25d78a3ea1
GET /s/t/14/62/55/i_icon_mini_login.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:09 GMT
content-type: image/gif
content-length: 2231
last-modified: Wed, 27 Oct 2010 19:55:29 GMT
etag: "4cc883b1-8b7"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dDP3Xtdk5JF0SoXcU3C8iYlaWf%2BjsKtlUT2D8hiq%2Bz%2Fs31S4rJINdCF%2BCPXPUz14w24UJhm5e47BCF6r36rm%2BdbSsoIt%2FhZNi4GphdMuZFUoaIX4Wq4rvU8v%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768bc96cde51e670-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/14/62/55/i_icon_gender_female.gif
104.21.235.175200 OK 921 B URL HTTP/2 2img.net/s/t/14/62/55/i_icon_gender_female.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash 4d23e226cbb3d387b784bbe49772b7aa
dada8d76097b787d26f9456787f793173fd8b2a9
20a671d4e599c05a17d1126b263b93d2d0dd06faeaeeb9809881aead8ac1478d
GET /s/t/14/62/55/i_icon_gender_female.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:09 GMT
content-type: image/gif
content-length: 921
last-modified: Wed, 27 Oct 2010 19:55:29 GMT
etag: "4cc883b1-399"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1jW8OIET%2FpWx%2FBGPJo3OH44E56NxiHmvkzdOeV298%2BVUyQdhtkuT4NnXUgSPZqIUlaVDOCGNzRtHMmVnNNQz3q9ivz252J8cIE8BZieaEKdGMOFU3clw2ARMAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768bc96cde56e670-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/14/62/55/i_vote_lcap.jpg
104.21.235.175200 OK 1.7 kB URL HTTP/2 2img.net/s/t/14/62/55/i_vote_lcap.jpg
IP 104.21.235.175:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 86x51, components 3\012- data
Hash 88b1719b2f0609ab6b2e624602aeb346
daac1be7b196dd6efef1379094b3cab7da17f636
d70cd3a5a17ee7cce61f4bf1edaac20c504857524dcc2f8c8cef44b93245e704
GET /s/t/14/62/55/i_vote_lcap.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:09 GMT
content-type: image/jpeg
content-length: 1733
last-modified: Fri, 12 May 2017 13:19:08 GMT
etag: "5915b64c-6c5"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CTCLn0m3M3umow6LHN5p4PjOweMsKl1dXzUXr2%2B1TaAjBnDQ7FNxrES31HzH2b9M8WyB2efjC%2F23GGHGWfpyVa8jd6nnp%2B8HxFitdkebr4rDG5QhdoXLQL%2BH9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768bc96cde58e670-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/14/62/55/i_voting_bar.jpg
104.21.235.175200 OK 1.7 kB URL HTTP/2 2img.net/s/t/14/62/55/i_voting_bar.jpg
IP 104.21.235.175:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 86x51, components 3\012- data
Hash 88b1719b2f0609ab6b2e624602aeb346
daac1be7b196dd6efef1379094b3cab7da17f636
d70cd3a5a17ee7cce61f4bf1edaac20c504857524dcc2f8c8cef44b93245e704
GET /s/t/14/62/55/i_voting_bar.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:09 GMT
content-type: image/jpeg
content-length: 1733
last-modified: Fri, 12 May 2017 13:19:08 GMT
etag: "5915b64c-6c5"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2BeQB8n9yw6Wc049IwgGwhUQG%2BxS6j%2BSLfMy50tmuXxBPZCDu2WidvY9WpUvLmwchjAc2wwdKGq%2BgJfHURacymxfhIP9IxCwC3LF04piQFDk7d5nD%2BWzKjfdAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768bc96cee5fe670-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/14/62/55/i_back_catg.jpg
104.21.235.175200 OK 6.7 kB URL HTTP/2 2img.net/s/t/14/62/55/i_back_catg.jpg
IP 104.21.235.175:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 265x79, components 3\012- data
Hash ec1685887a1b0e8071ee520735b67005
a2ba9661b51fffc1becc298990c340053093c1aa
638d84a47aaf201ec058ed1d3ed5ba8e9a2a8596dca61d3d7932fa2134f666c2
GET /s/t/14/62/55/i_back_catg.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:09 GMT
content-type: image/jpeg
content-length: 6676
last-modified: Fri, 12 May 2017 13:19:08 GMT
etag: "5915b64c-1a14"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ilZVhBFMp2vupmidpZGvHmf59Nm%2BeZpc0Jfc6jgSt5INnEk9RvO0zBR3AYlfD9TVAgb9OBTIlVWkZ9Qf4cd3ZOcNAnCRYE07CH1CvmuhftOZg%2BMfwBtRI%2BiVug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768bc96cee61e670-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/14/62/55/i_icon_gender_male.gif
104.21.235.175200 OK 2.1 kB URL HTTP/2 2img.net/s/t/14/62/55/i_icon_gender_male.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 30 x 27\012- data
Hash e806c12960d48b0b9e9abdd06ea91e77
d6a010086f3d49cf88d502e89258927b30c0c372
c05cf610ee48994fbbf99608237f2cce3ffc4f3fb664688003edddfd098d71df
GET /s/t/14/62/55/i_icon_gender_male.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:09 GMT
content-type: image/gif
content-length: 2066
last-modified: Wed, 27 Oct 2010 19:55:29 GMT
etag: "4cc883b1-812"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OHBhBWJmoMAxjM6mE42fGTKzGrCJfuVAOKEv5XioXFpO8XxzuLHY0zyQPLgn4Lv3CIFHUHWHSLw9Wz5hTbrDOcYzPFa4VA%2BlCxK20OTBKkE9vMCbJks%2Fq1YhmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768bc96cee63e670-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/14/62/55/i_icon_minipost.gif
104.21.235.175200 OK 15 kB URL HTTP/2 2img.net/s/t/14/62/55/i_icon_minipost.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 50 x 54\012- data
Hash cb656b904ef495da275181c691340e4b
e32728967423a4a827accbd4773b46afbf61fdd5
f08546c3884d322b5fc805712e40cd6bd04b162f76e9d653f160242e06e28123
GET /s/t/14/62/55/i_icon_minipost.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:09 GMT
content-type: image/gif
content-length: 14688
last-modified: Fri, 30 Oct 2009 19:43:47 GMT
etag: "4aeb41f3-3960"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9JIf0FYDp05lug05nz9HiAat%2FnBjHH1KOWmB3RCm4%2Fel%2BSZPKdJJFZCLpHe8NcO65sXCDDQImWeQ5DYPv7jcXIO8U7DHdVJmq0nqVQFUNRBBKLaM8QYBbxOUBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768bc96cee66e670-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/14/62/55/i_background.png
104.21.235.175200 OK 95 kB URL HTTP/2 2img.net/s/t/14/62/55/i_background.png
IP 104.21.235.175:0
File type PNG image data, 954 x 549, 8-bit colormap, non-interlaced\012- data
Hash df75d41f8356c887e202e182a49b740f
c18fc810b72ce92c526223604345d54c3709f203
674aafdf28329c6bc99a0541758f36e16ec59b0e488bcc47b659ae139744d5cc
GET /s/t/14/62/55/i_background.png HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:09 GMT
content-type: image/png
content-length: 95140
last-modified: Wed, 27 Oct 2010 19:22:26 GMT
etag: "4cc87bf2-173a4"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V3f7XgHE8sPEVMaf4BEWgeufkvNXRIEwL0ifdf2Mvkk8tGsMgM5HM9zZ7zhwP2thOnJ8K%2BliWrNHHDRmUOByib0Afw91YLApk6Z7T9NM%2BTIfbuVMvh%2F5gu1AQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768bc96cde4ee670-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9ab3d6f225cf345db6457d943e228a3d
fae98547264ec39d2fe9e007c5aae04e4795f8a0
9f6f204893fc6e2194a69552b8d31388fa7f84f7aab5da1e551b987c7aacfad2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9F6F204893FC6E2194A69552B8D31388FA7F84F7AAB5DA1E551B987C7AACFAD2"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=76
Expires: Sat, 12 Nov 2022 02:21:25 GMT
Date: Sat, 12 Nov 2022 02:20:09 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash ec4f7c64664e57c17cf3ea19694217a5
e5f92a95ac208cec56ab53fb82aa5eb6e68c0650
59f11857d3cfd3a5cabf3b63a2762970e06ff4ce0975af68a3f45b69a6a74c35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6353
Cache-Control: max-age=106742
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:09 GMT
Etag: "636de7fe-116"
Expires: Sun, 13 Nov 2022 07:59:11 GMT
Last-Modified: Fri, 11 Nov 2022 06:13:18 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278
www.facebook.com/plugins/like.php?locale=en_GB&href=https%3A%2F%2Fal3omda.ahladalil.com%2Ft118-topic&send=false&layout=standard&width=60&show_faces=false&action=like&colorscheme=light&font&height=60
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?locale=en_GB&href=https%3A%2F%2Fal3omda.ahladalil.com%2Ft118-topic&send=false&layout=standard&width=60&show_faces=false&action=like&colorscheme=light&font&height=60
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?locale=en_GB&href=https%3A%2F%2Fal3omda.ahladalil.com%2Ft118-topic&send=false&layout=standard&width=60&show_faces=false&action=like&colorscheme=light&font&height=60 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: jUIHOWhSgza9MPmoZz7xI9QbMYHKKBRzn70I4KMaN7wg6Gax2X1mcGFJGstZXLYOXr81KEV4ARv8rtO7C8TEbg==
content-length: 0
date: Sat, 12 Nov 2022 02:20:09 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/14/62/55/i_vote_rcap.jpg
104.21.235.175200 OK 1.7 kB URL HTTP/2 2img.net/s/t/14/62/55/i_vote_rcap.jpg
IP 104.21.235.175:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 86x51, components 3\012- data
Hash 88b1719b2f0609ab6b2e624602aeb346
daac1be7b196dd6efef1379094b3cab7da17f636
d70cd3a5a17ee7cce61f4bf1edaac20c504857524dcc2f8c8cef44b93245e704
GET /s/t/14/62/55/i_vote_rcap.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:09 GMT
content-type: image/jpeg
content-length: 1733
last-modified: Fri, 12 May 2017 13:19:08 GMT
etag: "5915b64c-6c5"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=se62dH5FjzeHJNrpUwNTBs4sfDyWyWHryWKl6h7YsHBHZtxxCy3jXVqzL2KUPdSO7MucABv25MvbZqJOm4AccAxaVVGBF%2BRYqcOXN6V%2FRxJD8IsfVqz8omjUig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768bc96cee60e670-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 997365ae1f9cd071bf979a1466dcb40b
1c382a0ab3f8eae5c8394d31235bd7263aa85557
c5f7ec201b56fab66d5dbe69991f1ea086c4a532ce6f5415b783c624ffa804d6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5954
Cache-Control: max-age=123963
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:09 GMT
Etag: "636e2cd2-139"
Expires: Sun, 13 Nov 2022 12:46:12 GMT
Last-Modified: Fri, 11 Nov 2022 11:06:58 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 313
stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=al3omda.ahladalil.com&var=&ymid=&var_3=
139.45.197.250200 OK 758 B URL HTTP/2 stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=al3omda.ahladalil.com&var=&ymid=&var_3=
IP 139.45.197.250:0
File type JSON data\012- , ASCII text, with very long lines (757)
Hash 5754d14add1012d0ae6dc05bb8b7832a
96de8536dbd576335cf7fc3d9e56f4a514cd0f36
a03cd7d6cccee0d823e2731450f1dea739f8a8c0ab209feab10136e063fa4de2
Analyzer Verdict Alert quad9 Sinkholed
GET /zone?pub=0&zone_id=2308013&is_mobile=false&domain=al3omda.ahladalil.com&var=&ymid=&var_3= HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://al3omda.ahladalil.com/
Origin: https://al3omda.ahladalil.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 02:20:09 GMT
content-type: application/json; charset=utf-8
content-length: 758
x-trace-id: 77cbe77231df6953c5c05a4e41f9dc4c
access-control-allow-origin: https://al3omda.ahladalil.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
i.servimg.com/u/f44/14/14/16/57/uoouu310.jpg
172.67.178.62200 OK 47 kB URL HTTP/2 i.servimg.com/u/f44/14/14/16/57/uoouu310.jpg
IP 172.67.178.62:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 850x370, components 3\012- data
Hash 32fb2382dac9335a524f6dd70e858e1d
63d6f4c6ef76ef17710b90e18b99d171cc8c9ba5
59f2697bca19cdb2f15902e8cc2c253e073941ba6ed3056a7507b112558ab045
GET /u/f44/14/14/16/57/uoouu310.jpg HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:09 GMT
content-type: image/jpeg
content-length: 46898
last-modified: Fri, 02 Sep 2011 00:32:11 GMT
etag: "4e60240b-b732"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Sat, 11 Nov 2023 11:18:20 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SVamSR47O%2Bat3HFPeTxUv3IpqAtoUGtz8JJl%2F7KSGLtRjszHPjGnx08tMMAFlrPfvs5OVGr%2BEFv24WKjoM5uxZv3w8eJb9r04547pn9eVngmPG7DIlXqL0q8zfdxvu3%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 768bc96e29ac0b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash e9c88db553a1acf24123cf2b17519168
5e0775279e3fb3a1c84c452e919d5c5dbda10201
725c069823a91881e5959ad4a559788f412ba009ebfedfcb2ef26a3d438c19ac
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6101
Cache-Control: max-age=147896
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:09 GMT
Etag: "636e89bd-139"
Expires: Sun, 13 Nov 2022 19:25:05 GMT
Last-Modified: Fri, 11 Nov 2022 17:43:25 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 313
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:09 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=CBALzV80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQlI3eFZxcVpHMThOcERLTlViSFRPb2QwckolMkJaZnN0enBuZHhvYWlFTXJ5; expires=Thu, 07 Dec 2023 02:20:09 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 342037
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 62ee06035006c1261986cdb076ac4702
3f5acbf0c231ab9730d4cc45827a5b3aed58c66c
0b60b6cfe4f62af821b1f8a3c50cd618846cf090b079108c59595e6d90d65317
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1000
Cache-Control: max-age=115061
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:09 GMT
Etag: "636e1d66-139"
Expires: Sun, 13 Nov 2022 10:17:50 GMT
Last-Modified: Fri, 11 Nov 2022 10:01:10 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 62ee06035006c1261986cdb076ac4702
3f5acbf0c231ab9730d4cc45827a5b3aed58c66c
0b60b6cfe4f62af821b1f8a3c50cd618846cf090b079108c59595e6d90d65317
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1046
Cache-Control: max-age=115107
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:09 GMT
Etag: "636e1d66-139"
Expires: Sun, 13 Nov 2022 10:18:36 GMT
Last-Modified: Fri, 11 Nov 2022 10:01:10 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
gem.gbc.criteo.com/newidsd
185.235.84.216200 OK 1.7 kB URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.216:0
File type JSON data\012- , ASCII text, with very long lines (1961)
Hash bf6bd9c02838c9f96dae609759cef08e
abb38d4ce5274a502e38e38113741d7f38a2d20c
e4ffa16c0094f53fb533d72e574ae2090229557673ebca72530ce8cbcc02767e
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:08 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 144999
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.viglink.com/api/vglnk.js
54.230.111.25200 OK 29 kB URL HTTP/2 cdn.viglink.com/api/vglnk.js
IP 54.230.111.25:0
File type ASCII text, with very long lines (693)
Hash 072eaf64a771815874455704fca9301b
6c6226d00f14bb800cd4390b3cd42df941be43b1
bb35c8c300bd1acfe7ed86eb988f74ff2e8d86a4fb0409c5d78a890f9fd14b8e
GET /api/vglnk.js HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 28567
date: Tue, 08 Nov 2022 12:47:31 GMT
last-modified: Wed, 02 Dec 2020 18:57:12 GMT
etag: "072eaf64a771815874455704fca9301b"
cache-control: public, max-age=604800
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FOzAGmAsjheqCpL1PuzuJ6w-7IUyZwdF0MOPpjY90hyCxIx8rpWIKg==
age: 307959
X-Firefox-Spdy: h2
eshrag.net/vb/images/w4.gif
198.54.123.213301 Moved Permanently 0 B URL HTTP/1.1 eshrag.net/vb/images/w4.gif
IP 198.54.123.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vb/images/w4.gif HTTP/1.1
Host: eshrag.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://al3omda.ahladalil.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Sat, 12 Nov 2022 02:20:09 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://eshrag.net/
Content-Security-Policy: upgrade-insecure-requests
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
platform.twitter.com/widgets.js?_=1668219608714
93.184.220.66200 OK 29 kB URL HTTP/1.1 platform.twitter.com/widgets.js?_=1668219608714
IP 93.184.220.66:0
File type Unicode text, UTF-8 text, with very long lines (33915)
Hash 7899fffaf0046efb7f9be2495d9dc928
d4c60d88e8deea577a50f9d20e1b6b3a20cba2cf
07d50450f22df0588cc1b67f5a124cb91d99a032a229586eb7dc490cce9f7f30
GET /widgets.js?_=1668219608714 HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 1402
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Sat, 12 Nov 2022 02:20:09 GMT
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F704)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 29221
illiweb.com/rs3/64/frm/jquery/marquee/jquery.marquee.min.js
104.21.63.213200 OK 22 kB URL HTTP/2 illiweb.com/rs3/64/frm/jquery/marquee/jquery.marquee.min.js
IP 104.21.63.213:0
File type HTML document, ASCII text, with very long lines (4467), with no line terminators
Hash f3110ebd65a044417917c6f7ef496b96
10b4e4eec4a470d762de0366541e608e8174ee1b
e2ede4482b366c4ecc9255f23ce7584198142de79599753eed50d0380e63944e
GET /rs3/64/frm/jquery/marquee/jquery.marquee.min.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:08 GMT
content-type: application/x-javascript
last-modified: Tue, 27 Aug 2019 14:00:14 GMT
expires: Tue, 07 Nov 2023 08:27:36 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
cf-cache-status: HIT
age: 409952
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QuHh%2B1426ru3%2Fe5Mhnuy%2BRDgWv919XbZJ0okM1GBCVxr7oab5iizkDj9VvInHSO1Cx4xiHbWooS%2FVjhmnKG1U6nap4WL0nxtQgtprLg%2FM9kYUbOBs94cRVyR27Z36A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768bc96afb05b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
178.250.6.181200 OK 26 kB URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.181:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65448)
Hash e0e6bdcb702c2b9b709c1723d89fd12a
50e3131c6d9b1e4834d5cf47ea82023a7baaad5a
5d44e9d7ac1f55c2f5d5b704f7bfdf1c7d71e057883f16e42fbcd5255cc80e9e
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:09 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 151087
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fal3omda.ahladalil.com
93.184.220.66200 OK 105 kB URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fal3omda.ahladalil.com
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56168)
Size 105 kB (105445 bytes)
Hash 2b4968b185495eddda0d85b2351ebb71
c665785ca0f4039f8c71d94631cd50a879d866b5
eb8af089d8082a58a6e90fedc23007f17a9e89ddbc6a29b6e535e4847ba94160
GET /widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fal3omda.ahladalil.com HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 791957
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 12 Nov 2022 02:20:10 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105445
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 214052f4adfbb1c6e0ce0b54c297ed6d
6919947148dc5c2544e53e8a39533d5d96755289
e07038b643b4d302364592497f5b0c24fd3f9267dd1c1f266e6a55b5270cca40
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5510
Cache-Control: max-age=101890
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:10 GMT
Etag: "636dd856-138"
Expires: Sun, 13 Nov 2022 06:38:20 GMT
Last-Modified: Fri, 11 Nov 2022 05:06:30 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 312
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4207
Expires: Sat, 12 Nov 2022 03:30:17 GMT
Date: Sat, 12 Nov 2022 02:20:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4207
Expires: Sat, 12 Nov 2022 03:30:17 GMT
Date: Sat, 12 Nov 2022 02:20:10 GMT
Connection: keep-alive
al3omda.ahladalil.com/images/icons-180.png
94.23.150.222200 OK 27 kB URL HTTP/2 al3omda.ahladalil.com/images/icons-180.png
IP 94.23.150.222:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 8a75595d558a4e8c491e4944295a37c5
a4636c0381e505f8f52fbdb3d1fa1203ae318436
b110dfab5c880c17bf7506990a5c1842384363a79ad27d2b22b1dead83a4c310
GET /images/icons-180.png HTTP/1.1
Host: al3omda.ahladalil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/t118-topic
Cookie: exadd=166823; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:10 GMT
content-type: image/png
content-length: 26775
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Sat, 12 Nov 2022 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
x-cache-ic: MISS
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2eaa4311-959b-4a18-8135-b4ce754c0765.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2eaa4311-959b-4a18-8135-b4ce754c0765.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 567bcdef39653e949301b97714168c31
8669185a5f338e34026c48310c88c5a9d8caa1c2
7ecaa9ceaa0a60e608e62571108fbcf49f6fa2b3e77feacbf52d319beda40db1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2eaa4311-959b-4a18-8135-b4ce754c0765.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7533
x-amzn-requestid: 985674ba-be97-4ca3-babb-594c61f8d6c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdM8BEqFIAMFsxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec1e6-3abc6a525f2a2bde14465b7e;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DRfYKF1_Z56kxeaprUhH1Ng8MgW0Z6Xx_yWwiO3MnswRFY482udCjg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:43:48 GMT
age: 16582
etag: "8669185a5f338e34026c48310c88c5a9d8caa1c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
2img.net/h/www.w6w.net/album/35/w6w20050421015131159c9bdc06e.gif
104.21.235.175404 Not Found 12 kB URL HTTP/2 2img.net/h/www.w6w.net/album/35/w6w20050421015131159c9bdc06e.gif
IP 104.21.235.175:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 77e02d0da326994072837716a0fac7d8
4fa1997dcb6cfeabe1454ad5bce80d660ba5958d
7d7aebe51e650b6cf4a6448476aea30b6e75cea786e7e60e0a2805c8f068334e
GET /h/www.w6w.net/album/35/w6w20050421015131159c9bdc06e.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sat, 12 Nov 2022 02:20:10 GMT
content-type: text/html
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XKvtIkvjvKeNTfviJWn%2BFV7N9Ftdbym2Od6Qb5r5QcVSDzkSjvKYAmKATrZGfp7Q9plXNWz8nsR%2BwrDs9wqoBAHecD4150apcwW7Rk%2FNUEMabBSWKXwTJBcL5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 768bc96cee62e670-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9f88d70-47ed-4a86-9b90-ea63f189df00.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9f88d70-47ed-4a86-9b90-ea63f189df00.jpeg
IP 34.120.237.76:0
Hash ff8fd7a5c51fae1ff1a578d6422a376e
fd4ac18a39f29b5da0c7a3b177d4ce29ca229d4f
532139f444d27dc340b0eb8b761649fad7be52ba633da5eac65177b3681b28ca
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9f88d70-47ed-4a86-9b90-ea63f189df00.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5902
x-amzn-requestid: 9c8be25c-9c96-4861-89c8-8b7bf06ffc16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdNBrH2DoAMFqbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec20a-6c770a86581d1f7f4599684f;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ncUYc6gH2CYjxAwoVCC4MEj8Va5GGn1ZAg-gBmFtm5gzYIe898Ittg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:12 GMT
age: 16498
etag: "13535f16f207d4c19c1b6019757f6739a4531eeb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash faa8e3cf2ab3c1d53a1735def5bb7476
ccc1ec5ebb5090c6255dcb1e8899e95cdd91e12f
e81a8fa312ec478871427f1d04ba7fe563573c683809153f75dec8df979d6efe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6577
x-amzn-requestid: b4587cfb-6041-453c-9e74-fa35ecd31448
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMjIGHRoAMF26g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec147-29e7ec741b0e6f6f674aef75;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hsMmHIBEt_4cL455goPqDKQVQA75u4oGFbSxsGP_e_0uG7SZmSLBhQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:00:57 GMT
age: 15553
etag: "ccc1ec5ebb5090c6255dcb1e8899e95cdd91e12f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffadd7839-d41e-4198-abc2-17384d90e28c.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffadd7839-d41e-4198-abc2-17384d90e28c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 97c5c44bd44390f0c719f56ecee6d513
1d791a0dadbfbab7c9b377783587ff728b2008d8
5995012d66ee68690d198a0857848077bfe80d88b2f2987a54f2d896461f7275
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffadd7839-d41e-4198-abc2-17384d90e28c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6797
x-amzn-requestid: 3e8b7aaf-8e8a-4a04-8bc0-e18e6044a50a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdM6-F3DIAMFzfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec1df-3bfa53123a76e84f210fea38;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zz90ngWySbVf_cXv_HBcQpNfb4MCsTVTl5l5bBPL4MaPXAF4VIifdA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:13 GMT
age: 16497
etag: "1d791a0dadbfbab7c9b377783587ff728b2008d8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cabc8a-e59f-4a5a-9daf-efc2f08dd558.webp
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cabc8a-e59f-4a5a-9daf-efc2f08dd558.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 93b7017621a1a6181f14a2f125a1ad50
ab420d5a89044e863e543330e00aa00f12f1c490
da668278aacf51a38a1aaf687f3baf938dd288cf90ec791533c92e61ba716ed2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cabc8a-e59f-4a5a-9daf-efc2f08dd558.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8188
x-amzn-requestid: 27e084b6-0fc0-4398-a591-8317e81b96c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMiTFvJoAMF4gQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec141-33db0c401d7e5c1721b4365d;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: MXrj42s2oh1Fwhea0h3w20rZeSE7DCOIx0XvaXBL9EeLnseNffwveQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:12 GMT
etag: "ab420d5a89044e863e543330e00aa00f12f1c490"
content-type: image/jpeg
age: 16498
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/impl.20221108-4-RELEASE.js
151.101.85.44200 OK 146 kB URL HTTP/2 cdn.taboola.com/libtrc/impl.20221108-4-RELEASE.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (65509)
Size 146 kB (146001 bytes)
Hash 88c487ac892a30204e98821760358d3a
a15fe00062e424617d405b27c3376831d502cb90
caed01e353e989f88d91dbea2b18991c111c4acdece297d0ff65eb50ffd5fd8b
GET /libtrc/impl.20221108-4-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 7NIfjc5DF1L2B/kzlgqwEMQz6AeXPHeJ8bdJplySczuZ/p+wuSvwQmO0NIljPmdKYCKWw7PfupA=
x-amz-request-id: EGG6QY2K8WHEN44M
last-modified: Tue, 08 Nov 2022 09:41:14 GMT
etag: "88c487ac892a30204e98821760358d3a"
content-encoding: br
x-amz-version-id: Hr3XNjpCCkEC_aHpskXb5vO2HjdO2stg
content-type: application/javascript
accept-ranges: bytes
date: Sat, 12 Nov 2022 02:20:10 GMT
via: 1.1 varnish
age: 2333
x-served-by: cache-bma1645-BMA
x-cache: HIT
x-cache-hits: 134
x-timer: S1668219610.444955,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 80
server: AmazonS3-br
content-length: 146001
X-Firefox-Spdy: h2
eshrag.net/
198.54.123.213200 OK 8.1 kB IP 198.54.123.213:0
Hash e9f2eafc0657f3f9ce5afa05c0bc0bea
37b3ddfc75ff1d12a244ab5d81f473d07dcd9c95
ed638cf67d62e489f08d626f96ab40e423e65e78a1c2643b84459681908f87a5
GET / HTTP/1.1
Host: eshrag.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://al3omda.ahladalil.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 02:20:10 GMT
Server: Apache
Link: <https://eshrag.net/wp-json/>; rel="https://api.w.org/", <https://eshrag.net/wp-json/wp/v2/pages/1183>; rel="alternate"; type="application/json", <https://eshrag.net/>; rel=shortlink
Content-Security-Policy: upgrade-insecure-requests
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash f9bac29f68c64bd9f5825b5a0fea0601
3bd12797ee0b4f19c5ed0130b2f13dff79bbd73e
de2e3cd5331946b21b884fa24ff0aa5950d50b27775b6e0a8e6a798f976cdadb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=111848
Date: Sat, 12 Nov 2022 02:20:10 GMT
Etag: "636dffc9-1d7"
Expires: Sun, 13 Nov 2022 09:24:18 GMT
Last-Modified: Fri, 11 Nov 2022 07:54:49 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: sKnqWZYWGh1FsY215mqQM-5N70Lyl07tp8iV8Qat7lJTJfj1CQbojg==
Age: 5369
api.viglink.com/api/ping
63.34.148.32200 OK 260 B IP 63.34.148.32:0
File type ASCII text, with no line terminators
Hash ad60c57ec51c4efd682f1ba238ffaa39
5e72eecd3a3c184fcd5dc1570481fad6f5e59b33
ae81a8f759490510ca8edb1d35127ee8a62df711aa5fea26312f1b6811161762
POST /api/ping HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 140
Origin: https://al3omda.ahladalil.com
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://al3omda.ahladalil.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Sat, 12 Nov 2022 02:20:10 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 260
Connection: keep-alive
trc-events.taboola.com/forumotion-ar/log/2/debug?tim=02%3A20%3A10.131&type=usage&msg=rtus&llvl=2&id=6605&cv=20221108-4-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/forumotion-ar/log/2/debug?tim=02%3A20%3A10.131&type=usage&msg=rtus&llvl=2&id=6605&cv=20221108-4-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=02%3A20%3A10.131&type=usage&msg=rtus&llvl=2&id=6605&cv=20221108-4-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sat, 12 Nov 2022 02:20:10 GMT
x-fastly-to-nlb-rtt: 22591
access-control-allow-credentials: true
X-Firefox-Spdy: h2
api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2
63.34.148.32200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2
IP 63.34.148.32:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.js?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Sat, 12 Nov 2022 02:20:10 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 23dd8b12572b78e5d32d491b3d0d9d32
718c3e3abcc55c295c72e5ee4e5441fe5acc1363
f72c359246ea96d4f28bbc5aee8d4d24fcba9f47dfc691693f6c49e370d9b103
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js
93.184.220.66200 OK 2.4 kB URL HTTP/1.1 platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (7017), with no line terminators
Hash 83616664e4155f8af0efb0576f8920cf
1277b0f4f935bec3ada0f87c45395bb6d9b2efbc
bb19d85932c5e8a952b6fc28c1df42aed6d6920f79ee3f2217d2484294d575d3
GET /js/button.d2f864f87f544dc0c11d7d712a191c1f.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 791946
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 12 Nov 2022 02:20:10 GMT
Etag: "7bb2d17ac20be3bd6ec1079356afecd9+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:52 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F704)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2362
api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
63.34.148.32200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
IP 63.34.148.32:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.gif?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Sat, 12 Nov 2022 02:20:10 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=2146572475.1668219610&jid=823642141&gjid=377425440&_gid=2082157477.1668219610&_u=YEBAAUAAAAAAACAAI~&z=1928985241
142.251.1.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=2146572475.1668219610&jid=823642141&gjid=377425440&_gid=2082157477.1668219610&_u=YEBAAUAAAAAAACAAI~&z=1928985241
IP 142.251.1.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=2146572475.1668219610&jid=823642141&gjid=377425440&_gid=2082157477.1668219610&_u=YEBAAUAAAAAAACAAI~&z=1928985241 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://al3omda.ahladalil.com
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://al3omda.ahladalil.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 12 Nov 2022 02:20:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.ar.html
93.184.220.66200 OK 14 kB URL HTTP/1.1 platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.ar.html
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32033)
Hash 2d142efeaba7448e5df7cf683b537f91
6d52991cc24f8286221a0ba9054dd7cbdff8f392
894d516bcb8649be4555ea9f12f36c6288290722d5094ab191cd8e4a9ab63424
GET /widgets/tweet_button.644279d1635fd969e87af94a98bd232b.ar.html HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 791236
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 12 Nov 2022 02:20:10 GMT
Etag: "ec08ea87b9f80eea128eb50a5f14cc90+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:55 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F704)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 14164
api.viglink.com/api/domains
63.34.148.32200 OK 41 B URL HTTP/1.1 api.viglink.com/api/domains
IP 63.34.148.32:0
File type ASCII text, with no line terminators
Hash 4b0e0dc86f74ccbc4815910a89b86f80
6c25cf70a708cd7a4b805c99d3c2f4ee703984b8
efff509d1999cc821fecb8e3bc35acec1fe033ee56c2bff03f117242ac96381a
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 292
Origin: https://al3omda.ahladalil.com
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://al3omda.ahladalil.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Sat, 12 Nov 2022 02:20:10 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 41
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cc6bc0328a0b47b32c004162363f93e7
ea2e2e8dc44f9f53d1329b44683455b8cb95113b
0d8a3c793b15d06d3ad4d4d1b4a637711cda1aaf113443fa9137077ba5edf1b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stootsou.net/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://al3omda.ahladalil.com/
Origin: https://al3omda.ahladalil.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 02:20:11 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://al3omda.ahladalil.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://al3omda.ahladalil.com/
Origin: https://al3omda.ahladalil.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 02:20:11 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://al3omda.ahladalil.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=publishertag&domain=ahladalil.com&sn=FirefoxSyncframe&so=0&topUrl=al3omda.ahladalil.com&info=Rvxl3V80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQlI3eFZxcVpHMThOcERLTlViSFRPcHBKNnltNm13NDVOT2FiWVpadXJsOA&idsd=573567868,1674517497&cw=1&lsw=1
178.250.0.157200 OK 367 B URL HTTP/2 gum.criteo.com/sid/json?origin=publishertag&domain=ahladalil.com&sn=FirefoxSyncframe&so=0&topUrl=al3omda.ahladalil.com&info=Rvxl3V80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQlI3eFZxcVpHMThOcERLTlViSFRPcHBKNnltNm13NDVOT2FiWVpadXJsOA&idsd=573567868,1674517497&cw=1&lsw=1
IP 178.250.0.157:0
Hash fee77b591351285b7407165e7454667a
bbd86862f0678c1cff76e6e71eea069eb1b7b9e7
052355098dbbf3da8664905db3f4d55231921407b0f3b8d7692f74e5e18d5369
GET /sid/json?origin=publishertag&domain=ahladalil.com&sn=FirefoxSyncframe&so=0&topUrl=al3omda.ahladalil.com&info=Rvxl3V80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQlI3eFZxcVpHMThOcERLTlViSFRPcHBKNnltNm13NDVOT2FiWVpadXJsOA&idsd=573567868,1674517497&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=al3omda.ahladalil.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:10 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1100298
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 95b1eb262707a9caea4212f9e45e29e9
3e875e10c62e005db29a0e0bab955ff8832c5909
f5d94196634b1dbeb5bc7a3ec057dc6febb0895a7524943c39fc2864a8cb924f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F5D94196634B1DBEB5BC7A3EC057DC6FEBB0895A7524943C39FC2864A8CB924F"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15861
Expires: Sat, 12 Nov 2022 06:44:32 GMT
Date: Sat, 12 Nov 2022 02:20:11 GMT
Connection: keep-alive
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert quad9 Sinkholed
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://al3omda.ahladalil.com/
Content-Type: application/json
Origin: https://al3omda.ahladalil.com
Content-Length: 773
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 02:20:11 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 8747d446416e07333bfb52c97c7af41e
access-control-allow-origin: https://al3omda.ahladalil.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert quad9 Sinkholed
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://al3omda.ahladalil.com/
Content-Type: application/json
Origin: https://al3omda.ahladalil.com
Content-Length: 469
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 02:20:11 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 0191549404573a237f2ecf342a38d666
access-control-allow-origin: https://al3omda.ahladalil.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/userx.20221108-4-RELEASE.es6.js
151.101.85.44200 OK 5.4 kB URL HTTP/2 cdn.taboola.com/libtrc/userx.20221108-4-RELEASE.es6.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (17842)
Hash 963d77ca83c1ef5c8c622f69fcaa7cd6
88c3b40efed3822d2dbea0e42bd0756c37628814
d89ac78823b96fe54d5b90628e7879f235e9090e0160d0f37ccab22d1ef69c69
GET /libtrc/userx.20221108-4-RELEASE.es6.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: GDnYjBbCiwHp61EcLghxyjr3oq5xzh2Eac7lyvlx+wORECinvMlUAQDcfbvFLT89+7IHtSoOyLI=
x-amz-request-id: 0JCWFZ09W7Y8GE4S
x-amz-replication-status: PENDING
last-modified: Tue, 08 Nov 2022 19:34:09 GMT
etag: "8be6f968f7c696b0b12bbfa029abd2bd"
x-amz-version-id: Ps6T8wFCySZBAs8KjVLJqdGfJsa23oNM
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 02:20:11 GMT
via: 1.1 varnish
age: 42
x-served-by: cache-bma1645-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1668219611.242765,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 80
content-length: 5397
X-Firefox-Spdy: h2
vidstat.taboola.com/lite-unit/3.9.6/UnitWidgetItemDesktop.min.js
151.101.85.44200 OK 30 kB URL HTTP/2 vidstat.taboola.com/lite-unit/3.9.6/UnitWidgetItemDesktop.min.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1bb4fe57c8c100e340264f84207b752c
2a28aeb084639a401f0cd87aec8bbe850870526d
ad3a717d4868f3571cd032eb81b5cea3492d713c599acaa32872b2f03766528b
GET /lite-unit/3.9.6/UnitWidgetItemDesktop.min.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 10:48:33 GMT
etag: "defa80fca84ea6620e26bc79bffe323e"
server: AmazonS3
via: 1.1 0078c2805bf98a4574ea5eee972aa9f6.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: Ahhmoz-qJnMshrGnf8PQmZnB8loqEuIOs8qi_oTh0T8V2-V2jCscaA==
cache-control: public, max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 02:20:11 GMT
age: 315042
x-served-by: cache-bma1645-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 9156
x-timer: S1668219611.243871,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 29911
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.outbrainimg.com/transform/v3/eyJpdSI6IjljMzNkOTdjMThmMjU3NjgwMmY3Y2YwMGE3YTI0ZTZmYzViM2FmZGI2ZGZmYmQ5YzA5OTc5Zjk0NzU1NTU3NjYiLCJ3IjoxMDAwLCJoIjo1NTgsImQiOjEuMCwiY3MiOjAsImYiOjB9.jpg
151.101.85.44200 OK 7.1 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.outbrainimg.com/transform/v3/eyJpdSI6IjljMzNkOTdjMThmMjU3NjgwMmY3Y2YwMGE3YTI0ZTZmYzViM2FmZGI2ZGZmYmQ5YzA5OTc5Zjk0NzU1NTU3NjYiLCJ3IjoxMDAwLCJoIjo1NTgsImQiOjEuMCwiY3MiOjAsImYiOjB9.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ba7f1c3267e305b0c3b90ea3b93e2184
bbadf99f51403317df5b48d510f4f94b70634178
d1f92302eea5b5bef3ad285f5dfa71531a72a89aa249124595738bbe6dcdf9d0
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.outbrainimg.com/transform/v3/eyJpdSI6IjljMzNkOTdjMThmMjU3NjgwMmY3Y2YwMGE3YTI0ZTZmYzViM2FmZGI2ZGZmYmQ5YzA5OTc5Zjk0NzU1NTU3NjYiLCJ3IjoxMDAwLCJoIjo1NTgsImQiOjEuMCwiY3MiOjAsImYiOjB9.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 495139239821311341137997020229047688968,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 495139239821311341137997020229047688968,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
etag: "e121e3dc7f6aa7250ebab9d23a06d8a8"
last-modified: Sun, 11 Sep 2022 08:16:46 GMT
req-referer: https://www.digitalspy.com/tv/reality-tv/g30415958/love-island-2020-winter-cast-contestants-line-up/?slide=20
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 1f8e7acb0ffe51949d62bb5e6b0c38d5
x-envoy-upstream-service-time: 147
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 12 Nov 2022 02:20:11 GMT
age: 3806926
x-served-by: cache-iad-kjyo7100122-IAD, cache-iad-kiad7000084-IAD, cache-lax10643-LGB, cache-iad-kcgs7200165-IAD, cache-bma1645-BMA
x-cache: HIT, MISS, HIT, HIT, HIT
x-cache-hits: 1, 0, 1, 22, 1
x-timer: S1668219611.244863,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.outbrainimg.com/transform/v3/eyJpdSI6IjljMzNkOTdjMThmMjU3NjgwMmY3Y2YwMGE3YTI0ZTZmYzViM2FmZGI2ZGZmYmQ5YzA5OTc5Zjk0NzU1NTU3NjYiLCJ3IjoxMDAwLCJoIjo1NTgsImQiOjEuMCwiY3MiOjAsImYiOjB9.jpg
x-vcl-time-ms: 1
content-length: 7130
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash aca2e38eee453679f022dba5cf64555b
1c9f6f5e9ed1272e9edcc958e7cc2dec61f793df
ea8bc6a82c3243813e137066ca5b659192f72ac69690f9ea4dcb668624baf586
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a7d7a5379a732fc5eadab78de886cc31
6df8c63644e97bf57262415f24e270c718e1758b
c355159cc937a19485f62cc446530f319749237e147adbb2c5784d1d2c20ed64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=2146572475.1668219610&jid=823642141&_u=YEBAAUAAAAAAACAAI~&z=1804910401
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=2146572475.1668219610&jid=823642141&_u=YEBAAUAAAAAAACAAI~&z=1804910401
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=2146572475.1668219610&jid=823642141&_u=YEBAAUAAAAAAACAAI~&z=1804910401 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 12 Nov 2022 02:20:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=2146572475.1668219610&jid=823642141&_u=YEBAAUAAAAAAACAAI~&z=1804910401
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=2146572475.1668219610&jid=823642141&_u=YEBAAUAAAAAAACAAI~&z=1804910401
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=2146572475.1668219610&jid=823642141&_u=YEBAAUAAAAAAACAAI~&z=1804910401 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 12 Nov 2022 02:20:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash aca2e38eee453679f022dba5cf64555b
1c9f6f5e9ed1272e9edcc958e7cc2dec61f793df
ea8bc6a82c3243813e137066ca5b659192f72ac69690f9ea4dcb668624baf586
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fal3omda.ahladalil.com%2Ft118-topic%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22ahlamontada%22%2C%22language%22%3A%22ar%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1668219610469%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=8cbcb5dfe3467038179c1a24c9e000403177034a
104.244.42.136200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fal3omda.ahladalil.com%2Ft118-topic%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22ahlamontada%22%2C%22language%22%3A%22ar%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1668219610469%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=8cbcb5dfe3467038179c1a24c9e000403177034a
IP 104.244.42.136:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fal3omda.ahladalil.com%2Ft118-topic%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22ahlamontada%22%2C%22language%22%3A%22ar%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1668219610469%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=8cbcb5dfe3467038179c1a24c9e000403177034a HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:10 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Sat, 12 Nov 2022 02:20:11 GMT
content-length: 43
x-transaction-id: 6779cdb2d3ec28d3
strict-transport-security: max-age=631138519
x-response-time: 114
x-connection-hash: 0db6e26211cc97861e5b86705a6a8615997002a238f67da3df9e18304d9a10c2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 05bb9af901ca5b651e88fcbe236711f5
18412da7fc2d868fc74bc3e7c44b4add4bbbdef9
9b87e90e4f5356da47fd562f7d06c8fbdef90d011e8c20e5687afbeaf6e7d29b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e77226ab0203fc09a691a52246faab02
1a3f09e23b45a7ebb764b420a63bdfdfdf3224e1
6fe862e1f0da1edeede75bdbf9d76544b16fe923ae49f6954ded7e263f2d8c4c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1582
Cache-Control: max-age=109507
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:11 GMT
Etag: "636e0570-117"
Expires: Sun, 13 Nov 2022 08:45:18 GMT
Last-Modified: Fri, 11 Nov 2022 08:18:56 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
tzegilo.com/stattag.js
172.67.194.45200 OK 5.5 kB IP 172.67.194.45:0
File type ASCII text, with very long lines (13017), with no line terminators
Hash 45ab2285bec2f66a431d06b1d5384769
0d7d2e80a13de1b664f9b80f07ba88036108e903
d36c3dad06643b080250c485602f736bcca7959aec3d7a524dbc78576245a4ae
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:11 GMT
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 14:05:58 GMT
etag: W/"634eb2c6-32d9"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 3334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9s8o7EBxw%2F4lK5q%2BlO6xn6rkiXAUgNrjK0%2Fh7DYt6WjMFrGPJ4fcz7xtBgvo%2B%2BA9viT81UubmXC11E2xEsYFiMsO71CJstOf3LKtAN4Ryhyq9QJ5cKPxWClpHtmapA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768bc97bed39b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 21817fa3c60612398404dbe75d383a1a
2d5e08988401c8d0adb24fb26987a0ee26544b4e
12cf02219c8cf9fe9b31f48e19ec88ff888a4ca87a7af1c47eff60a9c5865bfe
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 02:20:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 10 Nov 2022 18:25:29 GMT
Expires: Thu, 17 Nov 2022 18:25:28 GMT
Etag: "2d5e08988401c8d0adb24fb26987a0ee26544b4e"
Cache-Control: max-age=489316,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 768bc97c2fc1b527-OSL
my.rtmark.net/gid.js?userId=ea28f027664c4ed9a5d40e877a14e89b
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=ea28f027664c4ed9a5d40e877a14e89b
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 1cd15fa0c29164cf661bb65a9cc6b51d
3b778057be9826e06a9b9844e281153818c67e40
8b9c882098ebe51b09e878d0e51071083bf35eb38abe3197a3c68dfc6c13f6e5
GET /gid.js?userId=ea28f027664c4ed9a5d40e877a14e89b HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://al3omda.ahladalil.com
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 02:20:11 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://al3omda.ahladalil.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=ea28f027664c4ed9a5d40e877a14e89b; expires=Sun, 12 Nov 2023 02:20:11 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f84/14/14/69/14/www_fu12.jpg
151.101.85.44200 OK 3.3 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f84/14/14/69/14/www_fu12.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 104279a51f1953af6b64d170fe0c1f24
51e141cb9d4c4d5230f1f2441b539583a61c5972
c1074df8e9a4521168a357670749aadbec469481a589e500716aa04805c0c7ed
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f84/14/14/69/14/www_fu12.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 495608967424956178633032521134594536152,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 495608967424956178633032521134594536152,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "c28f5ee7fb3a02e5eec4f368be57eeb7"
last-modified: Sun, 06 Nov 2022 07:35:39 GMT
req-referer: https://geniecivil.keuf.net/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 77c60ce680a6db127c64ff5b58565033
x-envoy-upstream-service-time: 129
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 12 Nov 2022 02:20:11 GMT
age: 279530
x-served-by: cache-iad-kjyo7100049-IAD, cache-iad-kcgs7200120-IAD, cache-chi-klot8100084-CHI, cache-iad-kiad7000093-IAD, cache-bma1645-BMA
x-cache: MISS, HIT, MISS, HIT, HIT
x-cache-hits: 0, 1, 0, 12, 1
x-timer: S1668219612.640251,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f84/14/14/69/14/www_fu12.jpg
x-vcl-time-ms: 1
content-length: 3342
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hitsk.in/t/16/13/46/i_logo.png
151.101.85.44200 OK 13 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hitsk.in/t/16/13/46/i_logo.png
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 672a18b1f7ac0e98d494774e97ee6eca
d2bf36e86372dc869cc6db7c51e017424c07c1a4
9b689f55ab2df9487fcd903769d19cf578e60eae9ceec8eec9dd23e8be59fdbd
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hitsk.in/t/16/13/46/i_logo.png HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 300655712052199171545574879548997087647,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 300655712052199171545574879548997087647,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
etag: "34ecfb149365bf77309df36056fe2549"
expiration: expiry-date="Fri, 30 Sep 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Tue, 30 Aug 2022 08:55:20 GMT
req-referer: https://al-ruqya.ahlamontada.com/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 905
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 12 Nov 2022 02:20:11 GMT
age: 4940656
x-served-by: cache-iad-kjyo7100177-IAD, cache-iad-kiad7000052-IAD, cache-lga21922-LGA, cache-iad-kjyo7100051-IAD, cache-bma1645-BMA
x-cache: MISS, HIT, HIT, HIT, HIT
x-cache-hits: 0, 1, 1, 8, 1
x-timer: S1668219612.640647,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hitsk.in/t/16/13/46/i_logo.png
x-vcl-time-ms: 1
content-length: 13336
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f21/19/73/51/38/vente-10.jpg
151.101.85.44200 OK 12 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f21/19/73/51/38/vente-10.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7e2823d12a0e69784dd9f2ccaef4af99
aa947ae91377e23dea893475dba70c3be8ef1ede
61d9bf4438034b826c366ab50bfb546989ed5c3cddd19f6569705d6030ec4abf
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f21/19/73/51/38/vente-10.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 352690306229506137798207407469809578240,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 352690306229506137798207407469809578240,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "b3c9505a19038b4db67c1b73ca53d270"
last-modified: Tue, 04 Oct 2022 10:35:32 GMT
req-referer: https://espoir.yoo7.com/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 2326e4eb2090fbf37472b9c3ee9648d9
x-envoy-upstream-service-time: 1304
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 12 Nov 2022 02:20:11 GMT
age: 1976381
x-served-by: cache-iad-kcgs7200155-IAD, cache-iad-kcgs7200020-IAD, cache-lax10633-LGB, cache-iad-kcgs7200059-IAD, cache-bma1645-BMA
x-cache: MISS, HIT, HIT, HIT, HIT
x-cache-hits: 0, 1, 1, 46, 1
x-timer: S1668219612.640953,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f21/19/73/51/38/vente-10.jpg
x-vcl-time-ms: 1
content-length: 12202
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f37/14/77/75/59/wqaa2110.jpg
151.101.85.44200 OK 8.6 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f37/14/77/75/59/wqaa2110.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0d730728cd19c8bb7337ab619d412568
050455bf29bd27121b0151d9f82c3739f173dd48
c737b8c625f0881771f52bfd92a45407ae550b515b1e5212c1cfbc63c9c0a653
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f37/14/77/75/59/wqaa2110.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 549930644253185078118877309127813515040,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 549930644253185078118877309127813515040,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "9f4fd3f25295fc11b6ab3597fc8b7691"
expiration: expiry-date="Thu, 27 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Mon, 26 Sep 2022 18:23:49 GMT
req-referer: https://ksa001.ahlamontada.com/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 105
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 12 Nov 2022 02:20:11 GMT
age: 2731930
x-served-by: cache-iad-kjyo7100073-IAD, cache-iad-kiad7000119-IAD, cache-lax10667-LGB, cache-iad-kcgs7200117-IAD, cache-bma1645-BMA
x-cache: HIT, MISS, MISS, HIT, HIT
x-cache-hits: 1, 0, 0, 124, 1
x-timer: S1668219612.641305,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f37/14/77/75/59/wqaa2110.jpg
x-vcl-time-ms: 1
content-length: 8588
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f40/15/31/63/96/201910.jpg
151.101.85.44200 OK 5.8 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f40/15/31/63/96/201910.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 3d65770a978e97f8a2e0702660dcc371
44e306f08e5af8e4ca2ceb97ec8361b9e693f322
b78ba46b24021d32bbf4679d64dd112f2164bb3a17a62aae0aedcbaa4f5f437a
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f40/15/31/63/96/201910.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 544739962377286115750906782440533884243,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 544739962377286115750906782440533884243,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "2e4f6466dae29a54e4d540a2389ed4c3"
last-modified: Wed, 21 Sep 2022 17:34:33 GMT
req-referer: https://pakistanar.ahlamontada.com/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 8e2eafe381a0c3fd9e2d7e3012280c5f
x-envoy-upstream-service-time: 149
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 12 Nov 2022 02:20:11 GMT
age: 4371825
x-served-by: cache-iad-kjyo7100042-IAD, cache-iad-kiad7000157-IAD, cache-lga21939-LGA, cache-iad-kcgs7200074-IAD, cache-bma1645-BMA
x-cache: HIT, MISS, HIT, HIT, HIT
x-cache-hits: 1, 0, 1, 184, 1
x-timer: S1668219612.641409,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f40/15/31/63/96/201910.jpg
x-vcl-time-ms: 1
content-length: 5812
X-Firefox-Spdy: h2
api.viglink.com/api/domains
63.34.148.32200 OK 42 B URL HTTP/1.1 api.viglink.com/api/domains
IP 63.34.148.32:0
File type ASCII text, with no line terminators
Hash d055bbefab5815928dbb8ff6bc7bbb7c
2353597e38f191b769497aa73039e7ca9f5b3d3b
644690a3382b51684abc5e31347586a37bb497dafd72e242b7ce20daa37eb8a6
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 290
Origin: https://al3omda.ahladalil.com
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://al3omda.ahladalil.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Sat, 12 Nov 2022 02:20:10 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 42
Connection: keep-alive
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=02%3A20%3A10.879&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=3456&cv=20221108-4-RELEASE<=deflated&pct=1
185.106.33.48204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=02%3A20%3A10.879&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=3456&cv=20221108-4-RELEASE<=deflated&pct=1
IP 185.106.33.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=02%3A20%3A10.879&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=3456&cv=20221108-4-RELEASE<=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sat, 12 Nov 2022 02:20:11 GMT
x-fastly-to-nlb-rtt: 72373
access-control-allow-credentials: true
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/trc/3/json?tim=02%3A20%3A10.136<i=deflated&data=%7B%22id%22%3A282%2C%22ii%22%3A%22%2Ft118-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1667901069188%2C%22vi%22%3A1668219610135%2C%22cv%22%3A%2220221108-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fal3omda.ahladalil.com%2Ft118-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fal3omda.ahladalil.com%2Ft118-topic%22%2C%22vpi%22%3A%22%2Ft118-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A5663%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A485%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A5600.41650390625%2C%22mw%22%3A1000%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft118-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
151.101.85.44200 OK 13 kB URL HTTP/2 trc.taboola.com/forumotion-ar/trc/3/json?tim=02%3A20%3A10.136<i=deflated&data=%7B%22id%22%3A282%2C%22ii%22%3A%22%2Ft118-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1667901069188%2C%22vi%22%3A1668219610135%2C%22cv%22%3A%2220221108-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fal3omda.ahladalil.com%2Ft118-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fal3omda.ahladalil.com%2Ft118-topic%22%2C%22vpi%22%3A%22%2Ft118-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A5663%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A485%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A5600.41650390625%2C%22mw%22%3A1000%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft118-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
IP 151.101.85.44:0
File type Unicode text, UTF-8 text, with very long lines (42629), with no line terminators
Hash c331bc125e3851da8dc90498bfe38c32
a5ef8124ec1356781f1c2eb7e2c2f7e617b36629
d9b24c99c85417bc047d64288a459cf81d62f19960a16dda40030b136973769e
GET /forumotion-ar/trc/3/json?tim=02%3A20%3A10.136<i=deflated&data=%7B%22id%22%3A282%2C%22ii%22%3A%22%2Ft118-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1667901069188%2C%22vi%22%3A1668219610135%2C%22cv%22%3A%2220221108-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fal3omda.ahladalil.com%2Ft118-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fal3omda.ahladalil.com%2Ft118-topic%22%2C%22vpi%22%3A%22%2Ft118-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A5663%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A485%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A5600.41650390625%2C%22mw%22%3A1000%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft118-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://al3omda.ahladalil.com
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://al3omda.ahladalil.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 02:20:11 GMT
via: 1.1 varnish
x-served-by: cache-bma1645-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668219611.706011,VS0,VE410
vary: Accept-Encoding
x-vcl-time-ms: 410
X-Firefox-Spdy: h2
am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7-kECFgMalF0KJteoAgQalF0KJteoAgUAAAAGBuIHJGPYjUyOzWQtmnhmbtFyM1sLZxPPWuWZLBa21cy5G6yMQDKG3cjk2EzWooln5hYtN7O1cDbxrFWeyWJhW82cu8HKChE3GQ6fg4Go6Hpb7A6n2fMGFDSdDp_rXq8we_Zuk8OuMJodJofZabZr_G6_6LEYrkV_w9NjBwAAAICH____fwgAAACACAAAAAAJAAAAAIqAin8LgQsAAAAAjP___38NgE8Ogvec_f4AAAAAAAEAAAAgARhYDSgB-DhfOfn_________jxmgz7yR-f___78x6AF48AF4EAIAALgY-sHXKPHXgqgnKuArYgQAAACwpaWieTSpEyqLqv___34rgCsAgADCtFET2yzdQYm3MAAAgICxBXpY_H6zw67xu132_________2_2f_aPJvQ2ep0WxDJ6rfYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQqxG84Wu9FsM5odAAAAwN3___-_HghuFh7fzDLaWGaDxWC58kx8i-XK5Vs5F6vlbLDxXrDfqxvdg9doX8RNhsPnYCAqut4Wu8Np9tyPoiXL3XK3Gk0Wo9FyudkNN6PB_gZisBrgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClasloul6vNZrXajRazwWY53GyQolWr2WgzGK5mk9lutxoOhsvRCClastwtd6vRZDEaLZeb3XAzGgwRBmYeh2vjMa0VhplxLVpMHG7hYDNxS5aT4XAxWTl2C99a9PqYHrbhcLhaeFEwYGMvkqdFOhGtBsvNajQazparwWTiGsxshplnZlt5PDPPcuWyiCWak0U6kV32xc3C45tZRhvLbLAYLFeeiW-xXLl8K-ditZwNNv7CzONwbTymtcIwM65Fi4nDLRxsJm7JcjIcLiYrx27hW4teH9PDNhwOVwt_YzYbThbL2WKwb8xmw8liOVsM9h06w3f1ORudwfHEo9KcVDdnx-YwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwQX6UTmt7zeftPTb3crLBexRGm6SCd60WMxXIv-hqfHIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTcBAAAAOA1kNNgMV-s8kMFysFuulgsA4eyl-xNF1xVSf3azqwqHtKz_QrRY3Phxg_ktr7ff9PTb3QrLlQEeqMmZN38miLVaLWsAAAABbAAAgABu3bwFYDPx_____3EAAAAycvQAAADi-0BMDhR64Ueu_AS42-0G!&cmcv=&pix=31589837&cb=1668219611178&uv=3241&tms=1668219611178&abt=mprdctdt6_vA!Noappq22_vD!smbs!spa2_vB!t45!ufm!vfdc1_vB&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1668219607125!ts:1668219611178&mntl=1
141.226.228.48200 OK 0 B URL HTTP/2 am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7-kECFgMalF0KJteoAgQalF0KJteoAgUAAAAGBuIHJGPYjUyOzWQtmnhmbtFyM1sLZxPPWuWZLBa21cy5G6yMQDKG3cjk2EzWooln5hYtN7O1cDbxrFWeyWJhW82cu8HKChE3GQ6fg4Go6Hpb7A6n2fMGFDSdDp_rXq8we_Zuk8OuMJodJofZabZr_G6_6LEYrkV_w9NjBwAAAICH____fwgAAACACAAAAAAJAAAAAIqAin8LgQsAAAAAjP___38NgE8Ogvec_f4AAAAAAAEAAAAgARhYDSgB-DhfOfn_________jxmgz7yR-f___78x6AF48AF4EAIAALgY-sHXKPHXgqgnKuArYgQAAACwpaWieTSpEyqLqv___34rgCsAgADCtFET2yzdQYm3MAAAgICxBXpY_H6zw67xu132_________2_2f_aPJvQ2ep0WxDJ6rfYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQqxG84Wu9FsM5odAAAAwN3___-_HghuFh7fzDLaWGaDxWC58kx8i-XK5Vs5F6vlbLDxXrDfqxvdg9doX8RNhsPnYCAqut4Wu8Np9tyPoiXL3XK3Gk0Wo9FyudkNN6PB_gZisBrgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClasloul6vNZrXajRazwWY53GyQolWr2WgzGK5mk9lutxoOhsvRCClastwtd6vRZDEaLZeb3XAzGgwRBmYeh2vjMa0VhplxLVpMHG7hYDNxS5aT4XAxWTl2C99a9PqYHrbhcLhaeFEwYGMvkqdFOhGtBsvNajQazparwWTiGsxshplnZlt5PDPPcuWyiCWak0U6kV32xc3C45tZRhvLbLAYLFeeiW-xXLl8K-ditZwNNv7CzONwbTymtcIwM65Fi4nDLRxsJm7JcjIcLiYrx27hW4teH9PDNhwOVwt_YzYbThbL2WKwb8xmw8liOVsM9h06w3f1ORudwfHEo9KcVDdnx-YwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwQX6UTmt7zeftPTb3crLBexRGm6SCd60WMxXIv-hqfHIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTcBAAAAOA1kNNgMV-s8kMFysFuulgsA4eyl-xNF1xVSf3azqwqHtKz_QrRY3Phxg_ktr7ff9PTb3QrLlQEeqMmZN38miLVaLWsAAAABbAAAgABu3bwFYDPx_____3EAAAAycvQAAADi-0BMDhR64Ueu_AS42-0G!&cmcv=&pix=31589837&cb=1668219611178&uv=3241&tms=1668219611178&abt=mprdctdt6_vA!Noappq22_vD!smbs!spa2_vB!t45!ufm!vfdc1_vB&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1668219607125!ts:1668219611178&mntl=1
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7-kECFgMalF0KJteoAgQalF0KJteoAgUAAAAGBuIHJGPYjUyOzWQtmnhmbtFyM1sLZxPPWuWZLBa21cy5G6yMQDKG3cjk2EzWooln5hYtN7O1cDbxrFWeyWJhW82cu8HKChE3GQ6fg4Go6Hpb7A6n2fMGFDSdDp_rXq8we_Zuk8OuMJodJofZabZr_G6_6LEYrkV_w9NjBwAAAICH____fwgAAACACAAAAAAJAAAAAIqAin8LgQsAAAAAjP___38NgE8Ogvec_f4AAAAAAAEAAAAgARhYDSgB-DhfOfn_________jxmgz7yR-f___78x6AF48AF4EAIAALgY-sHXKPHXgqgnKuArYgQAAACwpaWieTSpEyqLqv___34rgCsAgADCtFET2yzdQYm3MAAAgICxBXpY_H6zw67xu132_________2_2f_aPJvQ2ep0WxDJ6rfYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQqxG84Wu9FsM5odAAAAwN3___-_HghuFh7fzDLaWGaDxWC58kx8i-XK5Vs5F6vlbLDxXrDfqxvdg9doX8RNhsPnYCAqut4Wu8Np9tyPoiXL3XK3Gk0Wo9FyudkNN6PB_gZisBrgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClasloul6vNZrXajRazwWY53GyQolWr2WgzGK5mk9lutxoOhsvRCClastwtd6vRZDEaLZeb3XAzGgwRBmYeh2vjMa0VhplxLVpMHG7hYDNxS5aT4XAxWTl2C99a9PqYHrbhcLhaeFEwYGMvkqdFOhGtBsvNajQazparwWTiGsxshplnZlt5PDPPcuWyiCWak0U6kV32xc3C45tZRhvLbLAYLFeeiW-xXLl8K-ditZwNNv7CzONwbTymtcIwM65Fi4nDLRxsJm7JcjIcLiYrx27hW4teH9PDNhwOVwt_YzYbThbL2WKwb8xmw8liOVsM9h06w3f1ORudwfHEo9KcVDdnx-YwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwQX6UTmt7zeftPTb3crLBexRGm6SCd60WMxXIv-hqfHIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTcBAAAAOA1kNNgMV-s8kMFysFuulgsA4eyl-xNF1xVSf3azqwqHtKz_QrRY3Phxg_ktr7ff9PTb3QrLlQEeqMmZN38miLVaLWsAAAABbAAAgABu3bwFYDPx_____3EAAAAycvQAAADi-0BMDhR64Ueu_AS42-0G!&cmcv=&pix=31589837&cb=1668219611178&uv=3241&tms=1668219611178&abt=mprdctdt6_vA!Noappq22_vD!smbs!spa2_vB!t45!ufm!vfdc1_vB&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1668219607125!ts:1668219611178&mntl=1 HTTP/1.1
Host: am-vid-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 02:20:11 GMT
content-length: 0
X-Firefox-Spdy: h2
vidstat.taboola.com/vpaid/units/32_4_1/assets/css/cmOsUnit.css
151.101.85.44200 OK 8.3 kB URL HTTP/2 vidstat.taboola.com/vpaid/units/32_4_1/assets/css/cmOsUnit.css
IP 151.101.85.44:0
Hash a28320a69408adba1f01f56d6eb80708
8012c7108fab547cf31481cfda7cb49e654a0542
befbb274b7045e7e5791a4badbe46e1a2e367e6570da7cd0ac127acc4b8e8991
GET /vpaid/units/32_4_1/assets/css/cmOsUnit.css HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: bAySMeSEXUGF3N8aZ6rmf8GYDZEd5K/VMoUKcFg92G+JmjfEGiEl/M1DtvrgnTYRvY/caUbbLEE=
x-amz-request-id: BD24MC3C62DTEDFC
last-modified: Thu, 10 Nov 2022 16:15:38 GMT
etag: "a28320a69408adba1f01f56d6eb80708"
x-amz-meta-ctime: 1668096937
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1668096936
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sat, 12 Nov 2022 02:20:11 GMT
via: 1.1 varnish
age: 122206
x-served-by: cache-bma1645-BMA
x-cache: HIT
x-cache-hits: 29010
x-timer: S1668219612.891584,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 8297
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.216200 OK 128 kB URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.216:0
Size 128 kB (127569 bytes)
Hash 150ae506d60170d5e0da4e6a7d782c5e
5ba8d195c4f39d7aa51c1d6f886a4deaa25f1f4d
7ca88ff4bfb922607ea4f5c43f55c2319fc1135b2da07d2ee8b9aadd4d47ce0f
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:11 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 90807
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7b6QCFgMalF0KJteoAgQalF0KJteoAgUAAAAGBuIHJDRb7SY2j80tWThna9HC4lkLV7PBWjBxDCa-xWi4meyGQEK-kcu4Mi7WwuFqtRatNr61wmLzrFUT42bj2nhGHpfHCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjegoOl0-Fz3eoXZs3ebHHaF0ewwOcxOs13jd_tFj8VwLfobnh47AAAAADwAWL1lQvwAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgABiQXGgAfHIQvOfs9wcAQMMWCACAAAYJwMBqQAnAx_nKCQAAAAAAAAAAy____38MwB7WmAzAyP5OD8CDD8ADUYFqESMAAACALS0VzaNJnVBZVAEAEKRbAVwBAAQQpo2i9IUBAAAEjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzSht9HrtCCW0Wu1X0AAgLVfQAAANnUDAHgLgAs6glYMBqtTiN1wttiNZpvR7AAAAADu_v____VAcLPw-GaW0cYyGywGy5Vn4lssVy7fyrlYLWeDjfeC_V7d6B68Rvs8hGX2-w4iludr-hsOMr7l9TaIiq63xe5wmj33o2jJcrfcrUaTxWi0XG52w81osL-BGKwGOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKlqyWy-Vqs1mtdqPFbLBZDjcbpGjVajbaDIar2WS2262Gg-FyNEKKlix3y91qNFmMRsvlZjfcjAZDhIGZx-HaeExrhWFmXIsWE4dbONhM3JLlZDhcTFaO3cK3Fr0-podtOByuFl4UDNjYi-Aincj8ltfbb3r67W6F5SKWaE4W6UR22Rc3C49vZhltLLPBYrBceSa-xXLl8q2ci9VyNtj4CzOPw7XxmNYKw8y4Fi0mDrdwsJm4JcvJcLiYrBy7hW8ten1MD9twOFwt_I3ZbDhZLGeLwb4xmw0ni-VsMdh36Azf1edsdAbHE49Kc1LdnB2bw6BwGSze3-cibUYbN6NKG7ZYVNfizjWx6rSxk7FzMBsUvuE1Mfz91M9rN3s7iA0GRSwRnC7SiehlPF3EEsnTIp2ohjPDbDLbWEbO2cRkG26Mk9HGOdgsJqPlxLZxWcQSpekinehFj8VwLfobnh6L-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_oui6QurPbnZV4ZCW9V-IFosbP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4fiMmBQi_8yJWfAHe73QA!&cmcv=&pix=31589837&cb=1668219611308&uv=3241&tms=1668219611308&abt=mprdctdt6_vA!Noappq22_vD!smbs!spa2_vB!t45!ufm!vfdc1_vB&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1668219607125!ts:1668219611308&mntl=1
141.226.228.48200 OK 0 B URL HTTP/2 am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7b6QCFgMalF0KJteoAgQalF0KJteoAgUAAAAGBuIHJDRb7SY2j80tWThna9HC4lkLV7PBWjBxDCa-xWi4meyGQEK-kcu4Mi7WwuFqtRatNr61wmLzrFUT42bj2nhGHpfHCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjegoOl0-Fz3eoXZs3ebHHaF0ewwOcxOs13jd_tFj8VwLfobnh47AAAAADwAWL1lQvwAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgABiQXGgAfHIQvOfs9wcAQMMWCACAAAYJwMBqQAnAx_nKCQAAAAAAAAAAy____38MwB7WmAzAyP5OD8CDD8ADUYFqESMAAACALS0VzaNJnVBZVAEAEKRbAVwBAAQQpo2i9IUBAAAEjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzSht9HrtCCW0Wu1X0AAgLVfQAAANnUDAHgLgAs6glYMBqtTiN1wttiNZpvR7AAAAADu_v____VAcLPw-GaW0cYyGywGy5Vn4lssVy7fyrlYLWeDjfeC_V7d6B68Rvs8hGX2-w4iludr-hsOMr7l9TaIiq63xe5wmj33o2jJcrfcrUaTxWi0XG52w81osL-BGKwGOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKlqyWy-Vqs1mtdqPFbLBZDjcbpGjVajbaDIar2WS2262Gg-FyNEKKlix3y91qNFmMRsvlZjfcjAZDhIGZx-HaeExrhWFmXIsWE4dbONhM3JLlZDhcTFaO3cK3Fr0-podtOByuFl4UDNjYi-Aincj8ltfbb3r67W6F5SKWaE4W6UR22Rc3C49vZhltLLPBYrBceSa-xXLl8q2ci9VyNtj4CzOPw7XxmNYKw8y4Fi0mDrdwsJm4JcvJcLiYrBy7hW8ten1MD9twOFwt_I3ZbDhZLGeLwb4xmw0ni-VsMdh36Azf1edsdAbHE49Kc1LdnB2bw6BwGSze3-cibUYbN6NKG7ZYVNfizjWx6rSxk7FzMBsUvuE1Mfz91M9rN3s7iA0GRSwRnC7SiehlPF3EEsnTIp2ohjPDbDLbWEbO2cRkG26Mk9HGOdgsJqPlxLZxWcQSpekinehFj8VwLfobnh6L-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_oui6QurPbnZV4ZCW9V-IFosbP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4fiMmBQi_8yJWfAHe73QA!&cmcv=&pix=31589837&cb=1668219611308&uv=3241&tms=1668219611308&abt=mprdctdt6_vA!Noappq22_vD!smbs!spa2_vB!t45!ufm!vfdc1_vB&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1668219607125!ts:1668219611308&mntl=1
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7b6QCFgMalF0KJteoAgQalF0KJteoAgUAAAAGBuIHJDRb7SY2j80tWThna9HC4lkLV7PBWjBxDCa-xWi4meyGQEK-kcu4Mi7WwuFqtRatNr61wmLzrFUT42bj2nhGHpfHCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjegoOl0-Fz3eoXZs3ebHHaF0ewwOcxOs13jd_tFj8VwLfobnh47AAAAADwAWL1lQvwAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgABiQXGgAfHIQvOfs9wcAQMMWCACAAAYJwMBqQAnAx_nKCQAAAAAAAAAAy____38MwB7WmAzAyP5OD8CDD8ADUYFqESMAAACALS0VzaNJnVBZVAEAEKRbAVwBAAQQpo2i9IUBAAAEjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzSht9HrtCCW0Wu1X0AAgLVfQAAANnUDAHgLgAs6glYMBqtTiN1wttiNZpvR7AAAAADu_v____VAcLPw-GaW0cYyGywGy5Vn4lssVy7fyrlYLWeDjfeC_V7d6B68Rvs8hGX2-w4iludr-hsOMr7l9TaIiq63xe5wmj33o2jJcrfcrUaTxWi0XG52w81osL-BGKwGOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKlqyWy-Vqs1mtdqPFbLBZDjcbpGjVajbaDIar2WS2262Gg-FyNEKKlix3y91qNFmMRsvlZjfcjAZDhIGZx-HaeExrhWFmXIsWE4dbONhM3JLlZDhcTFaO3cK3Fr0-podtOByuFl4UDNjYi-Aincj8ltfbb3r67W6F5SKWaE4W6UR22Rc3C49vZhltLLPBYrBceSa-xXLl8q2ci9VyNtj4CzOPw7XxmNYKw8y4Fi0mDrdwsJm4JcvJcLiYrBy7hW8ten1MD9twOFwt_I3ZbDhZLGeLwb4xmw0ni-VsMdh36Azf1edsdAbHE49Kc1LdnB2bw6BwGSze3-cibUYbN6NKG7ZYVNfizjWx6rSxk7FzMBsUvuE1Mfz91M9rN3s7iA0GRSwRnC7SiehlPF3EEsnTIp2ohjPDbDLbWEbO2cRkG26Mk9HGOdgsJqPlxLZxWcQSpekinehFj8VwLfobnh6L-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_oui6QurPbnZV4ZCW9V-IFosbP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4fiMmBQi_8yJWfAHe73QA!&cmcv=&pix=31589837&cb=1668219611308&uv=3241&tms=1668219611308&abt=mprdctdt6_vA!Noappq22_vD!smbs!spa2_vB!t45!ufm!vfdc1_vB&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1668219607125!ts:1668219611308&mntl=1 HTTP/1.1
Host: am-vid-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 02:20:12 GMT
content-length: 0
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ec93fe7a742852d8a6fd8c479d800df2
bdba16a4ad71ba2eddef98304fecfa404ed8159c
6b872023978c998d272c0b07ebb7e8f3c1e1b198b6517f1627673945839fc10a
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3359
Cache-Control: max-age=168530
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:12 GMT
Etag: "636ee510-1d7"
Expires: Mon, 14 Nov 2022 01:09:02 GMT
Last-Modified: Sat, 12 Nov 2022 00:13:04 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ec93fe7a742852d8a6fd8c479d800df2
bdba16a4ad71ba2eddef98304fecfa404ed8159c
6b872023978c998d272c0b07ebb7e8f3c1e1b198b6517f1627673945839fc10a
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3359
Cache-Control: max-age=168530
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:12 GMT
Etag: "636ee510-1d7"
Expires: Mon, 14 Nov 2022 01:09:02 GMT
Last-Modified: Sat, 12 Nov 2022 00:13:04 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ec93fe7a742852d8a6fd8c479d800df2
bdba16a4ad71ba2eddef98304fecfa404ed8159c
6b872023978c998d272c0b07ebb7e8f3c1e1b198b6517f1627673945839fc10a
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3359
Cache-Control: max-age=168530
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:12 GMT
Etag: "636ee510-1d7"
Expires: Mon, 14 Nov 2022 01:09:02 GMT
Last-Modified: Sat, 12 Nov 2022 00:13:04 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: https://al3omda.ahladalil.com/
Origin: https://al3omda.ahladalil.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:11 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: https://al3omda.ahladalil.com
server-processing-duration-in-ticks: 816155
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 12 Nov 2022 02:20:12 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=8957eb17-6230-11ed-92e9-1a3cf9d10506; expires=Sat, 10-Dec-2022 02:20:12 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=8957eb4c-6230-11ed-92e9-1a3cf9d10506
X-fe: 55
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 12 Nov 2022 02:20:12 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=895bdc5b-6230-11ed-b419-1f057aaa0406; expires=Sat, 10-Dec-2022 02:20:12 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=895bdc94-6230-11ed-b419-1f057aaa0406
X-fe: 131
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=8957eb4c-6230-11ed-92e9-1a3cf9d10506
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=8957eb4c-6230-11ed-92e9-1a3cf9d10506
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=8957eb4c-6230-11ed-92e9-1a3cf9d10506 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 12 Nov 2022 02:20:12 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=895c1e3d-6230-11ed-8b4d-16821cb20406; expires=Sat, 10-Dec-2022 02:20:12 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 60
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 12 Nov 2022 02:20:12 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=895bf866-6230-11ed-84eb-18b2794d0406; expires=Sat, 10-Dec-2022 02:20:12 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=895bf8b1-6230-11ed-84eb-18b2794d0406
X-fe: 66
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 12 Nov 2022 02:20:12 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=895bf922-6230-11ed-90cb-1384e0ef0406; expires=Sat, 10-Dec-2022 02:20:12 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=895bf964-6230-11ed-90cb-1384e0ef0406
X-fe: 45
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ag.gbc.criteo.com/newidsd
178.250.6.181200 OK 820 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.181:0
Hash 60cf5835134cbe7a41df142df3927d7e
5dab33527d5ffb961459408792ca7ec54a3167f0
a29b017b2a1248dfafb76b1f319506be8cb80268d02a97c62938114686a7327f
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:11 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 129174
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
37.48.68.71200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 37.48.68.71:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 904
Origin: https://al3omda.ahladalil.com
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 12 Nov 2022 02:20:12 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://al3omda.ahladalil.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash c5ca352cbbba7b90d3182d4d36da3837
b64d6bc104ee6c56a9f54d42c96249fcad6601fa
e8c98d8b3f89ce47bfe3d19c97e046b798a3dda67ca12626a210c52a6828d663
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 02:20:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Wed, 16 Nov 2022 00:16:38 GMT
ETag: "b64d6bc104ee6c56a9f54d42c96249fcad6601fa"
Last-Modified: Sat, 12 Nov 2022 00:16:39 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1398
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 768bc9807ee5b521-OSL
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 8b147b232c947085ab22b0e44cbbe6b1
5c4bdac252f4d9837ae0a40f538f6c35667eb571
0ea7988a73324142d61d29125de9e76662bdf44b4c2a22f1361293e52a63ad0a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1656
Cache-Control: max-age=138731
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:12 GMT
Etag: "636e774f-13a"
Expires: Sun, 13 Nov 2022 16:52:23 GMT
Last-Modified: Fri, 11 Nov 2022 16:24:47 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 314
vidstat.taboola.com/vpaid/vPlayer/player/v14.8.8/OvaMediaPlayer.js
151.101.85.44200 OK 87 kB URL HTTP/2 vidstat.taboola.com/vpaid/vPlayer/player/v14.8.8/OvaMediaPlayer.js
IP 151.101.85.44:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash dcfe04133edaa84ac4a7356299134bf2
600265d1e188692d5cb0b9dbc828c708181bd3d8
1f50ba3994c74af69746c8db181597b9e74d7bb53c808ce9f7014facf0c59bfd
GET /vpaid/vPlayer/player/v14.8.8/OvaMediaPlayer.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: DH4gCSpZOjdiQ2RHNdcZaQ1gWcI8EDnhtXKaFZT4JUmiFDacp53eylqcVHaDpMgh56JBtwAdvTI=
x-amz-request-id: M2DJX9S4FNAQPE8Z
last-modified: Thu, 27 Oct 2022 07:34:53 GMT
etag: "dcfe04133edaa84ac4a7356299134bf2"
x-amz-meta-ctime: 1666856092
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1666856080
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sat, 12 Nov 2022 02:20:12 GMT
via: 1.1 varnish
age: 1363489
x-served-by: cache-bma1645-BMA
x-cache: HIT
x-cache-hits: 74578
x-timer: S1668219612.294271,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 87152
X-Firefox-Spdy: h2
csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
178.250.0.162200 OK 43 B URL HTTP/2 csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
IP 178.250.0.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:11 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
15.197.193.217200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP 15.197.193.217:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:12 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=895bdc94-6230-11ed-b419-1f057aaa0406
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=895bdc94-6230-11ed-b419-1f057aaa0406
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=895bdc94-6230-11ed-b419-1f057aaa0406 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 12 Nov 2022 02:20:12 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=8981b223-6230-11ed-9cd1-1bf9ad920306; expires=Sat, 10-Dec-2022 02:20:12 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 138
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=895bf8b1-6230-11ed-84eb-18b2794d0406
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=895bf8b1-6230-11ed-84eb-18b2794d0406
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=895bf8b1-6230-11ed-84eb-18b2794d0406 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 12 Nov 2022 02:20:12 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=898222a2-6230-11ed-9456-14e583300306; expires=Sat, 10-Dec-2022 02:20:12 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 116
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=895bf964-6230-11ed-90cb-1384e0ef0406
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=895bf964-6230-11ed-90cb-1384e0ef0406
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=895bf964-6230-11ed-90cb-1384e0ef0406 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 12 Nov 2022 02:20:12 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=8982524a-6230-11ed-b420-14604df00206; expires=Sat, 10-Dec-2022 02:20:12 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 20
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
vidstatb.taboola.com/vid/blackScreen5.mp4
151.101.85.44206 Partial Content 91 kB URL HTTP/2 vidstatb.taboola.com/vid/blackScreen5.mp4
IP 151.101.85.44:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash b2b087fe4ae638c533731c347fcd4df8
62851c888c21bb51cc04f13b6fc0451279fe0425
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
GET /vid/blackScreen5.mp4 HTTP/1.1
Host: vidstatb.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
content-type: video/mp4
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1497790207
server: AmazonS3
via: 1.1 9803a30a87f1ec1047cb2b8ad5ecc43e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: gopM2XYfUoVUFmJXQ0440-QEF6IoAyvdLK0EUOquu3M35zK6ZGLwLg==
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sat, 12 Nov 2022 02:20:12 GMT
age: 1632377
x-served-by: cache-bma1645-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 110921
x-timer: S1668219612.396020,VS0,VE0
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-range: bytes 0-90783/90784
content-length: 90784
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2
151.101.85.44204 No Content 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2
IP 151.101.85.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 3514
Origin: https://al3omda.ahladalil.com
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://al3omda.ahladalil.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Sat, 12 Nov 2022 02:20:12 GMT
via: 1.1 varnish
x-served-by: cache-bma1645-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668219612.334605,VS0,VE81
x-vcl-time-ms: 81
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
151.101.85.44200 OK 254 B URL HTTP/2 cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
IP 151.101.85.44:0
File type PNG image data, 12 x 12, 8-bit gray+alpha, non-interlaced\012- data
Hash dfa7b52c86e56bd67fa4002f6ed19854
7df722645482433c2b5c8d8ab4272a9874592f27
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
GET /libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: c3AK0F63Rmz1U+ZkwDZRH6hJiJRTGpZB8kTBPWz0vwbg9siBxtMOH8aEqr1NtVeNHtLhLAVUR9E=
x-amz-request-id: 4JKSR0YA3KVH073N
x-amz-replication-status: COMPLETED
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
content-type: image/png
server: AmazonS3
accept-ranges: bytes
date: Sat, 12 Nov 2022 02:20:12 GMT
via: 1.1 varnish
age: 10090
x-served-by: cache-bma1645-BMA
x-cache: HIT
x-cache-hits: 230
x-timer: S1668219612.440141,VS0,VE0
cache-control: private,max-age=31536000
abp: 80
content-length: 254
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash a1ed8df21e4c04c289cefd12923979a5
51d04bca37ce80efe20927861a53aeb2814e9f1b
bea756f99dba5fba84e2b57dd43191cf06c14f61a2a30175b308cb1d30b1fef3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=144111
Date: Sat, 12 Nov 2022 02:20:12 GMT
Etag: "636e82b5-1d7"
Expires: Sun, 13 Nov 2022 18:22:03 GMT
Last-Modified: Fri, 11 Nov 2022 17:13:25 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3h-ltqympmjXmRo_JMst1YfRNgAWEzK-bPKNokp5p51aOHBn4fdVvw==
Age: 4118
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 12 Nov 2022 02:20:12 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=89b55d14-6230-11ed-a995-17ca89300206; expires=Sat, 10-Dec-2022 02:20:12 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=89b55d54-6230-11ed-a995-17ca89300206
X-fe: 132
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
am-match.taboola.com/sync?dast=V7b6QCFgMalF0KJteoAgQalF0KJteoAgUAAAAGBuIHJDRb7SY2j80tWThna9HC4lkLV7PBWjBxDCa-xWi4meyGQEK-kcu4Mi7WwuFqtRatNr61wmLzrFUT42bj2nhGHpfHCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjegoOl0-Fz3eoXZs3ebHHaF0ewwOcxOs13jd_tFj8VwLfobnh47AAAAADwAWL1lQvwAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgABiQXGgAfHIQvOfs9wcAQMMWCACAAAYJwMBqQAnAx_nKCQAAAAAAAAAAy____38MwB7WmAzAyP5OD8CDD8ADUYFqESMAAACALS0VzaNJnVBZVAEAEKRbAVwBAAQQpo2i9IUBAAAEjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzSht9HrtCCW0Wu1X0AAgLVfQAAANnUDAHgLgAs6glYMBqtTiN1wttiNZpvR7AAAAADu_v____VAcLPw-GaW0cYyGywGy5Vn4lssVy7fyrlYLWeDjfeC_V7d6B68Rvs8hGX2-w4iludr-hsOMr7l9TaIiq63xe5wmj33o2jJcrfcrUaTxWi0XG52w81osL-BGKwGOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKlqyWy-Vqs1mtdqPFbLBZDjcbpGjVajbaDIar2WS2262Gg-FyNEKKlix3y91qNFmMRsvlZjfcjAZDhIGZx-HaeExrhWFmXIsWE4dbONhM3JLlZDhcTFaO3cK3Fr0-podtOByuFl4UDNjYi-Aincj8ltfbb3r67W6F5SKWaE4W6UR22Rc3C49vZhltLLPBYrBceSa-xXLl8q2ci9VyNtj4CzOPw7XxmNYKw8y4Fi0mDrdwsJm4JcvJcLiYrBy7hW8ten1MD9twOFwt_I3ZbDhZLGeLwb4xmw0ni-VsMdh36Azf1edsdAbHE49Kc1LdnB2bw6BwGSze3-cibUYbN6NKG7ZYVNfizjWx6rSxk7FzMBsUvuE1Mfz91M9rN3s7iA0GRSwRnC7SiehlPF3EEsnTIp2ohjPDbDLbWEbO2cRkG26Mk9HGOdgsJqPlxLZxWcQSpekinehFj8VwLfobnh6L-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_oui6QurPbnZV4ZCW9V-IFosbP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4fiMmBQi_8yJWfAHe73QA!&excid=22&docw=0&cijs=1&nlb=true
141.226.228.48200 OK 1.1 kB URL HTTP/2 am-match.taboola.com/sync?dast=V7b6QCFgMalF0KJteoAgQalF0KJteoAgUAAAAGBuIHJDRb7SY2j80tWThna9HC4lkLV7PBWjBxDCa-xWi4meyGQEK-kcu4Mi7WwuFqtRatNr61wmLzrFUT42bj2nhGHpfHCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjegoOl0-Fz3eoXZs3ebHHaF0ewwOcxOs13jd_tFj8VwLfobnh47AAAAADwAWL1lQvwAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgABiQXGgAfHIQvOfs9wcAQMMWCACAAAYJwMBqQAnAx_nKCQAAAAAAAAAAy____38MwB7WmAzAyP5OD8CDD8ADUYFqESMAAACALS0VzaNJnVBZVAEAEKRbAVwBAAQQpo2i9IUBAAAEjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzSht9HrtCCW0Wu1X0AAgLVfQAAANnUDAHgLgAs6glYMBqtTiN1wttiNZpvR7AAAAADu_v____VAcLPw-GaW0cYyGywGy5Vn4lssVy7fyrlYLWeDjfeC_V7d6B68Rvs8hGX2-w4iludr-hsOMr7l9TaIiq63xe5wmj33o2jJcrfcrUaTxWi0XG52w81osL-BGKwGOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKlqyWy-Vqs1mtdqPFbLBZDjcbpGjVajbaDIar2WS2262Gg-FyNEKKlix3y91qNFmMRsvlZjfcjAZDhIGZx-HaeExrhWFmXIsWE4dbONhM3JLlZDhcTFaO3cK3Fr0-podtOByuFl4UDNjYi-Aincj8ltfbb3r67W6F5SKWaE4W6UR22Rc3C49vZhltLLPBYrBceSa-xXLl8q2ci9VyNtj4CzOPw7XxmNYKw8y4Fi0mDrdwsJm4JcvJcLiYrBy7hW8ten1MD9twOFwt_I3ZbDhZLGeLwb4xmw0ni-VsMdh36Azf1edsdAbHE49Kc1LdnB2bw6BwGSze3-cibUYbN6NKG7ZYVNfizjWx6rSxk7FzMBsUvuE1Mfz91M9rN3s7iA0GRSwRnC7SiehlPF3EEsnTIp2ohjPDbDLbWEbO2cRkG26Mk9HGOdgsJqPlxLZxWcQSpekinehFj8VwLfobnh6L-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_oui6QurPbnZV4ZCW9V-IFosbP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4fiMmBQi_8yJWfAHe73QA!&excid=22&docw=0&cijs=1&nlb=true
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1102), with no line terminators
Hash 2dd3ea13a4ddfadb10d95540a595271d
d26d892723951d9e3b0f93cb852aafa472196832
7a8d4b47e33eb733a52ec68d1e543d949b426c3e2eb8d836f83a842e957e1bb7
GET /sync?dast=V7b6QCFgMalF0KJteoAgQalF0KJteoAgUAAAAGBuIHJDRb7SY2j80tWThna9HC4lkLV7PBWjBxDCa-xWi4meyGQEK-kcu4Mi7WwuFqtRatNr61wmLzrFUT42bj2nhGHpfHCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjegoOl0-Fz3eoXZs3ebHHaF0ewwOcxOs13jd_tFj8VwLfobnh47AAAAADwAWL1lQvwAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgABiQXGgAfHIQvOfs9wcAQMMWCACAAAYJwMBqQAnAx_nKCQAAAAAAAAAAy____38MwB7WmAzAyP5OD8CDD8ADUYFqESMAAACALS0VzaNJnVBZVAEAEKRbAVwBAAQQpo2i9IUBAAAEjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzSht9HrtCCW0Wu1X0AAgLVfQAAANnUDAHgLgAs6glYMBqtTiN1wttiNZpvR7AAAAADu_v____VAcLPw-GaW0cYyGywGy5Vn4lssVy7fyrlYLWeDjfeC_V7d6B68Rvs8hGX2-w4iludr-hsOMr7l9TaIiq63xe5wmj33o2jJcrfcrUaTxWi0XG52w81osL-BGKwGOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKlqyWy-Vqs1mtdqPFbLBZDjcbpGjVajbaDIar2WS2262Gg-FyNEKKlix3y91qNFmMRsvlZjfcjAZDhIGZx-HaeExrhWFmXIsWE4dbONhM3JLlZDhcTFaO3cK3Fr0-podtOByuFl4UDNjYi-Aincj8ltfbb3r67W6F5SKWaE4W6UR22Rc3C49vZhltLLPBYrBceSa-xXLl8q2ci9VyNtj4CzOPw7XxmNYKw8y4Fi0mDrdwsJm4JcvJcLiYrBy7hW8ten1MD9twOFwt_I3ZbDhZLGeLwb4xmw0ni-VsMdh36Azf1edsdAbHE49Kc1LdnB2bw6BwGSze3-cibUYbN6NKG7ZYVNfizjWx6rSxk7FzMBsUvuE1Mfz91M9rN3s7iA0GRSwRnC7SiehlPF3EEsnTIp2ohjPDbDLbWEbO2cRkG26Mk9HGOdgsJqPlxLZxWcQSpekinehFj8VwLfobnh6L-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_oui6QurPbnZV4ZCW9V-IFosbP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4fiMmBQi_8yJWfAHe73QA!&excid=22&docw=0&cijs=1&nlb=true HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 02:20:12 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3406
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4de33015ba155dcb5ef7c74c9533d120
36f2bb041a3a01b2196b55d0b64b49e144d033f4
11d8378a9a1e894d5b6bf1aee7d08bb8209063779c0f59e1c1d9f735514b6f2e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2399
Cache-Control: max-age=135134
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:20:12 GMT
Etag: "636e665b-1d7"
Expires: Sun, 13 Nov 2022 15:52:26 GMT
Last-Modified: Fri, 11 Nov 2022 15:12:27 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=89b55d54-6230-11ed-a995-17ca89300206
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=89b55d54-6230-11ed-a995-17ca89300206
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=89b55d54-6230-11ed-a995-17ca89300206 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 12 Nov 2022 02:20:12 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=89bcba2f-6230-11ed-9d0e-18b2794d0206; expires=Sat, 10-Dec-2022 02:20:12 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 66
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=89b81cb3-6230-11ed-8716-1093d7b30406
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=89b81cb3-6230-11ed-8716-1093d7b30406
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=89b81cb3-6230-11ed-8716-1093d7b30406 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 12 Nov 2022 02:20:12 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=89be2fa0-6230-11ed-8022-1e1d47870506; expires=Sat, 10-Dec-2022 02:20:12 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 104
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
3.230.192.196200 OK 43 B URL HTTP/2 taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
IP 3.230.192.196:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP/1.1
Host: taboola-supply-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:12 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
15.197.193.217200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP 15.197.193.217:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:12 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
2.21.206.244301 Moved Permanently 0 B URL HTTP/2 secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
IP 2.21.206.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP/1.1
Host: secure-assets.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
date: Sat, 12 Nov 2022 02:20:12 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58534/occ?verify=true
18.156.0.31204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ?verify=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 12 Nov 2022 02:20:12 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBNwCb2MCEJ2fZFokzmcZMUXnPot_Al0FEgEBAQFUcGN4YwAAAAAA_eMAAA&S=AQAAAgLejf2yt372DFAo5-1eX_E; Expires=Sun, 12 Nov 2023 08:20:12 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
2.23.134.137200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
IP 2.23.134.137:0
ASN #1299 Telia Company AB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 12 Nov 2022 02:20:12 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash ce4e508120ccc7a289feb203006dac93
13d6e09cb2ea439b0d3ff00b165cdd90776eb4d1
a058745f8ae18e2b883213483a50de493d78f5561cf51b099da90893b554dd90
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 02:20:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 01:56:50 GMT
Expires: Sat, 19 Nov 2022 01:56:49 GMT
Etag: "13d6e09cb2ea439b0d3ff00b165cdd90776eb4d1"
Cache-Control: max-age=602796,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 768bc9837aabb527-OSL
taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
3.230.192.196200 OK 9.9 kB URL HTTP/2 taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
IP 3.230.192.196:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f7526f676ef7463128b3b01a46b08796
822456867b7c693c4de38f5b6ddc0b00df05097e
3dce9deb9ca9ee41869d03115a663a3a008eb88cbde773a6b9db32fad029edac
GET /sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP/1.1
Host: taboola-supply-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:12 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7-kECFgMalF0KJteoAgQalF0KJteoAgUAAAAGBuIHJGPYjUyOzWQtmnhmbtFyM1sLZxPPWuWZLBa21cy5G6yMQDKG3cjk2EzWooln5hYtN7O1cDbxrFWeyWJhW82cu8HKChE3GQ6fg4Go6Hpb7A6n2fMGFDSdDp_rXq8we_Zuk8OuMJodJofZabZr_G6_6LEYrkV_w9NjBwAAAICH____fwgAAACACAAAAAAJAAAAAIqAin8LgQsAAAAAjP___38NgE8Ogvec_f4AAAAAAAEAAAAgARhYDSgB-DhfOfn_________jxmgz7yR-f___78x6AF48AF4EAIAALgY-sHXKPHXgqgnKuArYgQAAACwpaWieTSpEyqLqv___34rgCsAgADCtFET2yzdQYm3MAAAgICxBXpY_H6zw67xu132_________2_2f_aPJvQ2ep0WxDJ6rfYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQqxG84Wu9FsM5odAAAAwN3___-_HghuFh7fzDLaWGaDxWC58kx8i-XK5Vs5F6vlbLDxXrDfqxvdg9doX8RNhsPnYCAqut4Wu8Np9tyPoiXL3XK3Gk0Wo9FyudkNN6PB_gZisBrgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClasloul6vNZrXajRazwWY53GyQolWr2WgzGK5mk9lutxoOhsvRCClastwtd6vRZDEaLZeb3XAzGgwRBmYeh2vjMa0VhplxLVpMHG7hYDNxS5aT4XAxWTl2C99a9PqYHrbhcLhaeFEwYGMvkqdFOhGtBsvNajQazparwWTiGsxshplnZlt5PDPPcuWyiCWak0U6kV32xc3C45tZRhvLbLAYLFeeiW-xXLl8K-ditZwNNv7CzONwbTymtcIwM65Fi4nDLRxsJm7JcjIcLiYrx27hW4teH9PDNhwOVwt_YzYbThbL2WKwb8xmw8liOVsM9h06w3f1ORudwfHEo9KcVDdnx-YwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwQX6UTmt7zeftPTb3crLBexRGm6SCd60WMxXIv-hqfHIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTcBAAAAOA1kNNgMV-s8kMFysFuulgsA4eyl-xNF1xVSf3azqwqHtKz_QrRY3Phxg_ktr7ff9PTb3QrLlQEeqMmZN38miLVaLWsAAAABbAAAgABu3bwFYDPx_____3EAAAAycvQAAADi-0BMDhR64Ueu_AS42-0G!&excid=22&docw=0&cijs=1&nlb=false
141.226.228.48200 OK 785 B URL HTTP/2 am-match.taboola.com/sync?dast=V7-kECFgMalF0KJteoAgQalF0KJteoAgUAAAAGBuIHJGPYjUyOzWQtmnhmbtFyM1sLZxPPWuWZLBa21cy5G6yMQDKG3cjk2EzWooln5hYtN7O1cDbxrFWeyWJhW82cu8HKChE3GQ6fg4Go6Hpb7A6n2fMGFDSdDp_rXq8we_Zuk8OuMJodJofZabZr_G6_6LEYrkV_w9NjBwAAAICH____fwgAAACACAAAAAAJAAAAAIqAin8LgQsAAAAAjP___38NgE8Ogvec_f4AAAAAAAEAAAAgARhYDSgB-DhfOfn_________jxmgz7yR-f___78x6AF48AF4EAIAALgY-sHXKPHXgqgnKuArYgQAAACwpaWieTSpEyqLqv___34rgCsAgADCtFET2yzdQYm3MAAAgICxBXpY_H6zw67xu132_________2_2f_aPJvQ2ep0WxDJ6rfYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQqxG84Wu9FsM5odAAAAwN3___-_HghuFh7fzDLaWGaDxWC58kx8i-XK5Vs5F6vlbLDxXrDfqxvdg9doX8RNhsPnYCAqut4Wu8Np9tyPoiXL3XK3Gk0Wo9FyudkNN6PB_gZisBrgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClasloul6vNZrXajRazwWY53GyQolWr2WgzGK5mk9lutxoOhsvRCClastwtd6vRZDEaLZeb3XAzGgwRBmYeh2vjMa0VhplxLVpMHG7hYDNxS5aT4XAxWTl2C99a9PqYHrbhcLhaeFEwYGMvkqdFOhGtBsvNajQazparwWTiGsxshplnZlt5PDPPcuWyiCWak0U6kV32xc3C45tZRhvLbLAYLFeeiW-xXLl8K-ditZwNNv7CzONwbTymtcIwM65Fi4nDLRxsJm7JcjIcLiYrx27hW4teH9PDNhwOVwt_YzYbThbL2WKwb8xmw8liOVsM9h06w3f1ORudwfHEo9KcVDdnx-YwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwQX6UTmt7zeftPTb3crLBexRGm6SCd60WMxXIv-hqfHIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTcBAAAAOA1kNNgMV-s8kMFysFuulgsA4eyl-xNF1xVSf3azqwqHtKz_QrRY3Phxg_ktr7ff9PTb3QrLlQEeqMmZN38miLVaLWsAAAABbAAAgABu3bwFYDPx_____3EAAAAycvQAAADi-0BMDhR64Ueu_AS42-0G!&excid=22&docw=0&cijs=1&nlb=false
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash 3b2809da542e8161b33c5961cb3336d2
fefb00be5ae761576ab1dfd1cf5a1f6d21509fb0
06efab90124b98263043266818599bba4f7983dcddb1fa4adaa3f24bac7982f8
GET /sync?dast=V7-kECFgMalF0KJteoAgQalF0KJteoAgUAAAAGBuIHJGPYjUyOzWQtmnhmbtFyM1sLZxPPWuWZLBa21cy5G6yMQDKG3cjk2EzWooln5hYtN7O1cDbxrFWeyWJhW82cu8HKChE3GQ6fg4Go6Hpb7A6n2fMGFDSdDp_rXq8we_Zuk8OuMJodJofZabZr_G6_6LEYrkV_w9NjBwAAAICH____fwgAAACACAAAAAAJAAAAAIqAin8LgQsAAAAAjP___38NgE8Ogvec_f4AAAAAAAEAAAAgARhYDSgB-DhfOfn_________jxmgz7yR-f___78x6AF48AF4EAIAALgY-sHXKPHXgqgnKuArYgQAAACwpaWieTSpEyqLqv___34rgCsAgADCtFET2yzdQYm3MAAAgICxBXpY_H6zw67xu132_________2_2f_aPJvQ2ep0WxDJ6rfYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQqxG84Wu9FsM5odAAAAwN3___-_HghuFh7fzDLaWGaDxWC58kx8i-XK5Vs5F6vlbLDxXrDfqxvdg9doX8RNhsPnYCAqut4Wu8Np9tyPoiXL3XK3Gk0Wo9FyudkNN6PB_gZisBrgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClasloul6vNZrXajRazwWY53GyQolWr2WgzGK5mk9lutxoOhsvRCClastwtd6vRZDEaLZeb3XAzGgwRBmYeh2vjMa0VhplxLVpMHG7hYDNxS5aT4XAxWTl2C99a9PqYHrbhcLhaeFEwYGMvkqdFOhGtBsvNajQazparwWTiGsxshplnZlt5PDPPcuWyiCWak0U6kV32xc3C45tZRhvLbLAYLFeeiW-xXLl8K-ditZwNNv7CzONwbTymtcIwM65Fi4nDLRxsJm7JcjIcLiYrx27hW4teH9PDNhwOVwt_YzYbThbL2WKwb8xmw8liOVsM9h06w3f1ORudwfHEo9KcVDdnx-YwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwQX6UTmt7zeftPTb3crLBexRGm6SCd60WMxXIv-hqfHIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTcBAAAAOA1kNNgMV-s8kMFysFuulgsA4eyl-xNF1xVSf3azqwqHtKz_QrRY3Phxg_ktr7ff9PTb3QrLlQEeqMmZN38miLVaLWsAAAABbAAAgABu3bwFYDPx_____3EAAAAycvQAAADi-0BMDhR64Ueu_AS42-0G!&excid=22&docw=0&cijs=1&nlb=false HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 02:20:12 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3408
X-Firefox-Spdy: h2
cdn.taboola.com/scripts/cds-pips.js
151.101.85.44200 OK 1.3 kB URL HTTP/2 cdn.taboola.com/scripts/cds-pips.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (3545), with no line terminators
Hash 780c5c514014519ce276709f515905a0
04fe86d00b9c9077effe05171d066d243ecab221
015db06150b62ad2ad533883652174ebb6f07e24a7147fdac01a0ccd266e3f30
GET /scripts/cds-pips.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 2KBeU0d7OyPXtZDYUoIqlTBmhGhsve90tjYoemCxISjKQrNgcxT28sPXVt5KfJt+6r7dFoJgA8g=
x-amz-request-id: NFWGDQGY1WQ95XHE
x-amz-replication-status: COMPLETED
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 02:20:13 GMT
via: 1.1 varnish
age: 1060
x-served-by: cache-bma1645-BMA
x-cache: HIT
x-cache-hits: 280
x-timer: S1668219613.160806,VS0,VE0
vary: Accept-Encoding
abp: 80
cache-control: private, max-age=3600
content-length: 1340
X-Firefox-Spdy: h2
pips.taboola.com/
151.101.85.44200 OK 4 B IP 151.101.85.44:0
File type ASCII text, with no line terminators
Hash 6c3e226b4d4795d518ab341b0824ec29
eef19c54306daa69eda49c0272623bdb5e2b341f
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
GET / HTTP/1.1
Host: pips.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://al3omda.ahladalil.com
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
access-control-allow-methods: GET
access-control-allow-origin: https://al3omda.ahladalil.com
accept-ranges: bytes
date: Sat, 12 Nov 2022 02:20:13 GMT
via: 1.1 varnish
x-served-by: cache-bma1675-BMA
x-cache: HIT
x-cache-hits: 0
cache-control: no-store
content-length: 4
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=af068f6052aa4e65a398bc02cbfd96d4&zoneId=2308013&checkDuplicate=true&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=af068f6052aa4e65a398bc02cbfd96d4&zoneId=2308013&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 1cd15fa0c29164cf661bb65a9cc6b51d
3b778057be9826e06a9b9844e281153818c67e40
8b9c882098ebe51b09e878d0e51071083bf35eb38abe3197a3c68dfc6c13f6e5
GET /gid.js?pub=0&userId=af068f6052aa4e65a398bc02cbfd96d4&zoneId=2308013&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://al3omda.ahladalil.com/
Origin: https://al3omda.ahladalil.com
Connection: keep-alive
Cookie: ID=ea28f027664c4ed9a5d40e877a14e89b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 02:20:16 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://al3omda.ahladalil.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=ea28f027664c4ed9a5d40e877a14e89b; expires=Sun, 12 Nov 2023 02:20:16 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.0.157:0
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:10 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 925264
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.betgorebysson.club/?rb=HV3OnCgbQS2NLejXSy8flAFwE3x2zITSRDod1z_biKv0O6BUQETXEYme4D42kpWCLjJ4AKEQqapNM47qVz8Fd7Z-L7BX5pwZCYfW9os8VVGRVMuxQZdizuIfHXLT5UVN48M6gYBJRpMYF2lVCvOpCX19LAsNDoU7Vnoyp9SB2v0IXZKBpxLa8BQhzH9y7Dbli-BZvIU6-soGlv6x3aCIArspB_c6G4xLFANYnNqi5NTzapnYUfVGzQ%3D%3D&request_ab2=0&zoneid=3765907&js_build=iclick-v1.448.2&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=8&pl=https%3A%2F%2Fal3omda.ahladalil.com%2Ft118-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.448.2&bs=e1b4a721-b03a-43db-92be-d2773001f251&userId=ea28f027664c4ed9a5d40e877a14e89b&m=link
139.45.195.8200 OK 0 B URL HTTP/2 cdn.betgorebysson.club/?rb=HV3OnCgbQS2NLejXSy8flAFwE3x2zITSRDod1z_biKv0O6BUQETXEYme4D42kpWCLjJ4AKEQqapNM47qVz8Fd7Z-L7BX5pwZCYfW9os8VVGRVMuxQZdizuIfHXLT5UVN48M6gYBJRpMYF2lVCvOpCX19LAsNDoU7Vnoyp9SB2v0IXZKBpxLa8BQhzH9y7Dbli-BZvIU6-soGlv6x3aCIArspB_c6G4xLFANYnNqi5NTzapnYUfVGzQ%3D%3D&request_ab2=0&zoneid=3765907&js_build=iclick-v1.448.2&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=8&pl=https%3A%2F%2Fal3omda.ahladalil.com%2Ft118-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.448.2&bs=e1b4a721-b03a-43db-92be-d2773001f251&userId=ea28f027664c4ed9a5d40e877a14e89b&m=link
IP 139.45.195.8:0
GET /?rb=HV3OnCgbQS2NLejXSy8flAFwE3x2zITSRDod1z_biKv0O6BUQETXEYme4D42kpWCLjJ4AKEQqapNM47qVz8Fd7Z-L7BX5pwZCYfW9os8VVGRVMuxQZdizuIfHXLT5UVN48M6gYBJRpMYF2lVCvOpCX19LAsNDoU7Vnoyp9SB2v0IXZKBpxLa8BQhzH9y7Dbli-BZvIU6-soGlv6x3aCIArspB_c6G4xLFANYnNqi5NTzapnYUfVGzQ%3D%3D&request_ab2=0&zoneid=3765907&js_build=iclick-v1.448.2&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=8&pl=https%3A%2F%2Fal3omda.ahladalil.com%2Ft118-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.448.2&bs=e1b4a721-b03a-43db-92be-d2773001f251&userId=ea28f027664c4ed9a5d40e877a14e89b&m=link HTTP/1.1
Host: cdn.betgorebysson.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://al3omda.ahladalil.com/
Origin: https://al3omda.ahladalil.com
Connection: keep-alive
Cookie: OAID=ea28f027664c4ed9a5d40e877a14e89b; oaidts=1668219611
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 02:20:11 GMT
content-type: application/json
x-trace-id: 7717b58e255326391c8e358a4f7c9ba3
access-control-allow-origin: https://al3omda.ahladalil.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=ea28f027664c4ed9a5d40e877a14e89b; expires=Sun, 12 Nov 2023 02:20:11 GMT; path=/; secure; SameSite=None
oaidts=1668219611; expires=Sun, 12 Nov 2023 02:20:11 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 19 Nov 2022 02:20:11 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
al3omda.ahladalil.com/t118-topic
94.23.150.222200 OK 0 B URL HTTP/2 al3omda.ahladalil.com/t118-topic
IP 94.23.150.222:0
GET /t118-topic HTTP/1.1
Host: al3omda.ahladalil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:08 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache
pragma: no-cache
expires: Sat, 12 Nov 2022 00:00:00 GMT
last-modified: Sat, 12 Nov 2022 02:20:08 GMT
vary: User-Agent
set-cookie: exadd=166823; expires=Sat, 12-Nov-2022 06:20:08 GMT; Max-Age=14400
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
illiweb.com/rs3/64/frm/ograph/fb_login.js
104.21.63.213200 OK 0 B URL HTTP/2 illiweb.com/rs3/64/frm/ograph/fb_login.js
IP 104.21.63.213:0
GET /rs3/64/frm/ograph/fb_login.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:08 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Tue, 07 Nov 2023 08:33:34 GMT
last-modified: Tue, 27 Aug 2019 14:00:11 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 409594
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jd1NL%2BJefqJMMAB6GTigIbZsEkJZT8RiYcOArzRD5elWpautM4jSSh%2FUhynTijBTWZs5DafahNWfBGqNdkH3NEoWalQktM17ezlPb%2B7JH9TjMSogtwQ0eivKhQ%2BQ3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768bc96acae8b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
illiweb.com/rs3/64/frm/jquery/cookie/jquery.cookie.js
104.21.63.213200 OK 0 B URL HTTP/2 illiweb.com/rs3/64/frm/jquery/cookie/jquery.cookie.js
IP 104.21.63.213:0
GET /rs3/64/frm/jquery/cookie/jquery.cookie.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:08 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Tue, 07 Nov 2023 08:26:48 GMT
last-modified: Wed, 09 Sep 2020 09:40:28 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 410000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbf9GlLmsJ0QIXVZPD3ngaJ6jUBp0dLRfzDg4HuXHAiRWqPMhW05Qfna4z01pNGyBS3ZTwTjHBB1eZCRlBpkQw3g0peS4JYDRejHLUBNW61uJCZmUQblVOI%2F%2FqFO6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768bc96afb00b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stootsou.net/pfe/current/universal.min.js?v=3.1.403
139.45.197.250200 OK 0 B URL HTTP/2 stootsou.net/pfe/current/universal.min.js?v=3.1.403
IP 139.45.197.250:0
Analyzer Verdict Alert quad9 Sinkholed
GET /pfe/current/universal.min.js?v=3.1.403 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://al3omda.ahladalil.com/
Origin: https://al3omda.ahladalil.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 02:20:09 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 14:20:39 GMT
etag: W/"636a65b7-180b9"
access-control-allow-origin: https://al3omda.ahladalil.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=rtus&topUrl=al3omda.ahladalil.com
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=rtus&topUrl=al3omda.ahladalil.com
IP 178.250.0.157:0
GET /syncframe?origin=rtus&topUrl=al3omda.ahladalil.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:11 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=512e30ee-9e8a-4941-972c-bc5afa1fdd56; expires=Thu, 07 Dec 2023 02:20:10 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 647682
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=Rvxl3V80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQlI3eFZxcVpHMThOcERLTlViSFRPcHBKNnltNm13NDVOT2FiWVpadXJsOA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:11 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=ueZZl180M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQlI3eFZxcVpHMThOcERLTlViSFRPb3lyZ3BWbU1SWTVpUm5mQU9sY2VvRQ; expires=Thu, 07 Dec 2023 02:20:11 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 327095
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7b6QCFgMalF0KJteoAgQalF0KJteoAgUAAAAGBuIHJDRb7SY2j80tWThna9HC4lkLV7PBWjBxDCa-xWi4meyGQEK-kcu4Mi7WwuFqtRatNr61wmLzrFUT42bj2nhGHpfHCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjegoOl0-Fz3eoXZs3ebHHaF0ewwOcxOs13jd_tFj8VwLfobnh47AAAAADwAWL1lQvwAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgABiQXGgAfHIQvOfs9wcAQMMWCACAAAYJwMBqQAnAx_nKCQAAAAAAAAAAy____38MwB7WmAzAyP5OD8CDD8ADUYFqESMAAACALS0VzaNJnVBZVAEAEKRbAVwBAAQQpo2i9IUBAAAEjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzSht9HrtCCW0Wu1X0AAgLVfQAAANnUDAHgLgAs6glYMBqtTiN1wttiNZpvR7AAAAADu_v____VAcLPw-GaW0cYyGywGy5Vn4lssVy7fyrlYLWeDjfeC_V7d6B68Rvs8hGX2-w4iludr-hsOMr7l9TaIiq63xe5wmj33o2jJcrfcrUaTxWi0XG52w81osL-BGKwGOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKlqyWy-Vqs1mtdqPFbLBZDjcbpGjVajbaDIar2WS2262Gg-FyNEKKlix3y91qNFmMRsvlZjfcjAZDhIGZx-HaeExrhWFmXIsWE4dbONhM3JLlZDhcTFaO3cK3Fr0-podtOByuFl4UDNjYi-Aincj8ltfbb3r67W6F5SKWaE4W6UR22Rc3C49vZhltLLPBYrBceSa-xXLl8q2ci9VyNtj4CzOPw7XxmNYKw8y4Fi0mDrdwsJm4JcvJcLiYrBy7hW8ten1MD9twOFwt_I3ZbDhZLGeLwb4xmw0ni-VsMdh36Azf1edsdAbHE49Kc1LdnB2bw6BwGSze3-cibUYbN6NKG7ZYVNfizjWx6rSxk7FzMBsUvuE1Mfz91M9rN3s7iA0GRSwRnC7SiehlPF3EEsnTIp2ohjPDbDLbWEbO2cRkG26Mk9HGOdgsJqPlxLZxWcQSpekinehFj8VwLfobnh6L-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_oui6QurPbnZV4ZCW9V-IFosbP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4fiMmBQi_8yJWfAHe73QA!&excid=22&docw=0&cijs=1&nlb=true
141.226.228.48200 OK 0 B URL HTTP/2 am-match.taboola.com/sync?dast=V7b6QCFgMalF0KJteoAgQalF0KJteoAgUAAAAGBuIHJDRb7SY2j80tWThna9HC4lkLV7PBWjBxDCa-xWi4meyGQEK-kcu4Mi7WwuFqtRatNr61wmLzrFUT42bj2nhGHpfHCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjegoOl0-Fz3eoXZs3ebHHaF0ewwOcxOs13jd_tFj8VwLfobnh47AAAAADwAWL1lQvwAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgABiQXGgAfHIQvOfs9wcAQMMWCACAAAYJwMBqQAnAx_nKCQAAAAAAAAAAy____38MwB7WmAzAyP5OD8CDD8ADUYFqESMAAACALS0VzaNJnVBZVAEAEKRbAVwBAAQQpo2i9IUBAAAEjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzSht9HrtCCW0Wu1X0AAgLVfQAAANnUDAHgLgAs6glYMBqtTiN1wttiNZpvR7AAAAADu_v____VAcLPw-GaW0cYyGywGy5Vn4lssVy7fyrlYLWeDjfeC_V7d6B68Rvs8hGX2-w4iludr-hsOMr7l9TaIiq63xe5wmj33o2jJcrfcrUaTxWi0XG52w81osL-BGKwGOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKlqyWy-Vqs1mtdqPFbLBZDjcbpGjVajbaDIar2WS2262Gg-FyNEKKlix3y91qNFmMRsvlZjfcjAZDhIGZx-HaeExrhWFmXIsWE4dbONhM3JLlZDhcTFaO3cK3Fr0-podtOByuFl4UDNjYi-Aincj8ltfbb3r67W6F5SKWaE4W6UR22Rc3C49vZhltLLPBYrBceSa-xXLl8q2ci9VyNtj4CzOPw7XxmNYKw8y4Fi0mDrdwsJm4JcvJcLiYrBy7hW8ten1MD9twOFwt_I3ZbDhZLGeLwb4xmw0ni-VsMdh36Azf1edsdAbHE49Kc1LdnB2bw6BwGSze3-cibUYbN6NKG7ZYVNfizjWx6rSxk7FzMBsUvuE1Mfz91M9rN3s7iA0GRSwRnC7SiehlPF3EEsnTIp2ohjPDbDLbWEbO2cRkG26Mk9HGOdgsJqPlxLZxWcQSpekinehFj8VwLfobnh6L-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_oui6QurPbnZV4ZCW9V-IFosbP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4fiMmBQi_8yJWfAHe73QA!&excid=22&docw=0&cijs=1&nlb=true
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sync?dast=V7b6QCFgMalF0KJteoAgQalF0KJteoAgUAAAAGBuIHJDRb7SY2j80tWThna9HC4lkLV7PBWjBxDCa-xWi4meyGQEK-kcu4Mi7WwuFqtRatNr61wmLzrFUT42bj2nhGHpfHCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjegoOl0-Fz3eoXZs3ebHHaF0ewwOcxOs13jd_tFj8VwLfobnh47AAAAADwAWL1lQvwAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgABiQXGgAfHIQvOfs9wcAQMMWCACAAAYJwMBqQAnAx_nKCQAAAAAAAAAAy____38MwB7WmAzAyP5OD8CDD8ADUYFqESMAAACALS0VzaNJnVBZVAEAEKRbAVwBAAQQpo2i9IUBAAAEjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzSht9HrtCCW0Wu1X0AAgLVfQAAANnUDAHgLgAs6glYMBqtTiN1wttiNZpvR7AAAAADu_v____VAcLPw-GaW0cYyGywGy5Vn4lssVy7fyrlYLWeDjfeC_V7d6B68Rvs8hGX2-w4iludr-hsOMr7l9TaIiq63xe5wmj33o2jJcrfcrUaTxWi0XG52w81osL-BGKwGOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKlqyWy-Vqs1mtdqPFbLBZDjcbpGjVajbaDIar2WS2262Gg-FyNEKKlix3y91qNFmMRsvlZjfcjAZDhIGZx-HaeExrhWFmXIsWE4dbONhM3JLlZDhcTFaO3cK3Fr0-podtOByuFl4UDNjYi-Aincj8ltfbb3r67W6F5SKWaE4W6UR22Rc3C49vZhltLLPBYrBceSa-xXLl8q2ci9VyNtj4CzOPw7XxmNYKw8y4Fi0mDrdwsJm4JcvJcLiYrBy7hW8ten1MD9twOFwt_I3ZbDhZLGeLwb4xmw0ni-VsMdh36Azf1edsdAbHE49Kc1LdnB2bw6BwGSze3-cibUYbN6NKG7ZYVNfizjWx6rSxk7FzMBsUvuE1Mfz91M9rN3s7iA0GRSwRnC7SiehlPF3EEsnTIp2ohjPDbDLbWEbO2cRkG26Mk9HGOdgsJqPlxLZxWcQSpekinehFj8VwLfobnh6L-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_oui6QurPbnZV4ZCW9V-IFosbP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4fiMmBQi_8yJWfAHe73QA!&excid=22&docw=0&cijs=1&nlb=true HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 02:20:11 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3407
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertag&topUrl=al3omda.ahladalil.com
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=al3omda.ahladalil.com
IP 178.250.0.157:0
GET /syncframe?origin=publishertag&topUrl=al3omda.ahladalil.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:08 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=52c0b508-a66c-4c88-8a8f-10d4a0a501d6; expires=Thu, 07 Dec 2023 02:20:08 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1114944
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.0.157:0
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://al3omda.ahladalil.com/
x-crto-bundle: jdFQG19YaEtCNHBUald0bzNFdWp3cHI4dnhOVFRiSUtGUUJBMG9YUzNtJTJGN2xDJTJGYVNJNEt4R21SSDRmZzU0QmtraHNwZVMxTGJzNnVtd2syRVc2b29MYzNNb015UVR3Z1p6dXB6TTJSeVAwV1FDbndZOHIwY2ZDcTNDblJ2TTRCQVdQMFN1WFZFSHA0M0dCQ0dxQU0wTXlMWXJnJTNEJTNE
Origin: https://al3omda.ahladalil.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:11 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://al3omda.ahladalil.com
server-processing-duration-in-ticks: 1850038
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.betgorebysson.club/apu.php?zoneid=3765907
139.45.195.8200 OK 0 B URL HTTP/2 cdn.betgorebysson.club/apu.php?zoneid=3765907
IP 139.45.195.8:0
Analyzer Verdict Alert fortinet Malware
GET /apu.php?zoneid=3765907 HTTP/1.1
Host: cdn.betgorebysson.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 02:20:11 GMT
content-type: application/javascript
x-trace-id: aafdcc58d72073a5d2861f4f4786d13d
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=ea28f027664c4ed9a5d40e877a14e89b; expires=Sun, 12 Nov 2023 02:20:11 GMT; path=/; secure; SameSite=None
oaidts=1668219611; expires=Sun, 12 Nov 2023 02:20:11 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
twemoji.maxcdn.com/twemoji.min.js
23.111.9.57200 OK 0 B URL HTTP/2 twemoji.maxcdn.com/twemoji.min.js
IP 23.111.9.57:0
GET /twemoji.min.js HTTP/1.1
Host: twemoji.maxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:08 GMT
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Thu, 31 Mar 2022 03:24:15 GMT
access-control-allow-origin: *
etag: W/"62451edf-3bc8"
expires: Mon, 12 Dec 2022 02:20:08 GMT
cache-control: max-age=2592000
x-proxy-cache: MISS
x-github-request-id: B5FC:2175:C309F5:C881C1:636AA98C
vary: Accept-Encoding
x-fastly-request-id: 48372c21b0bf5018e69e7ec519f4fa657be68bc8
server: NetDNA-cache/2.2
powered-by: MaxCDN
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
stootsou.net/pfe/current/tag.min.js?z=2308013
139.45.197.250200 OK 0 B URL HTTP/2 stootsou.net/pfe/current/tag.min.js?z=2308013
IP 139.45.197.250:0
Analyzer Verdict Alert quad9 Sinkholed
GET /pfe/current/tag.min.js?z=2308013 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 02:20:09 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 14:20:39 GMT
etag: W/"636a65b7-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fal3omda.ahladalil.com%2Ft118-topic&encoded=1&uid=0fca5cc4-a0f8-41ba-803b-2928812e17a7-tucta68885a&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1668219610719&tagid=&cntry=NO&platform=1&sesid=83ac7f24c260109e3b719ee7e915960c&itemid=/t118-topic&viewid=1668219610135&geolat=&geoing=&deviceifa=&appid=&sd=v2_83ac7f24c260109e3b719ee7e915960c_0fca5cc4-a0f8-41ba-803b-2928812e17a7-tucta68885a_1668219610_1668219610_CNawjgYQ3pxDGJfIjM3GMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=58f0626c2d96bd68c824c9031249b6ce&appname=&cdb=&gdprApplies=true&rid=&sii=-6165347848957246325&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=8777
151.101.85.44200 OK 0 B URL HTTP/2 15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fal3omda.ahladalil.com%2Ft118-topic&encoded=1&uid=0fca5cc4-a0f8-41ba-803b-2928812e17a7-tucta68885a&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1668219610719&tagid=&cntry=NO&platform=1&sesid=83ac7f24c260109e3b719ee7e915960c&itemid=/t118-topic&viewid=1668219610135&geolat=&geoing=&deviceifa=&appid=&sd=v2_83ac7f24c260109e3b719ee7e915960c_0fca5cc4-a0f8-41ba-803b-2928812e17a7-tucta68885a_1668219610_1668219610_CNawjgYQ3pxDGJfIjM3GMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=58f0626c2d96bd68c824c9031249b6ce&appname=&cdb=&gdprApplies=true&rid=&sii=-6165347848957246325&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=8777
IP 151.101.85.44:0
GET /tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fal3omda.ahladalil.com%2Ft118-topic&encoded=1&uid=0fca5cc4-a0f8-41ba-803b-2928812e17a7-tucta68885a&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1668219610719&tagid=&cntry=NO&platform=1&sesid=83ac7f24c260109e3b719ee7e915960c&itemid=/t118-topic&viewid=1668219610135&geolat=&geoing=&deviceifa=&appid=&sd=v2_83ac7f24c260109e3b719ee7e915960c_0fca5cc4-a0f8-41ba-803b-2928812e17a7-tucta68885a_1668219610_1668219610_CNawjgYQ3pxDGJfIjM3GMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=58f0626c2d96bd68c824c9031249b6ce&appname=&cdb=&gdprApplies=true&rid=&sii=-6165347848957246325&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=8777 HTTP/1.1
Host: 15.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://al3omda.ahladalil.com
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
machineid: 1450
link: <https://am-wf.taboola.com>; rel=preconnect
xvid-debug: mrmr - :
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://al3omda.ahladalil.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 02:20:11 GMT
via: 1.1 varnish
x-served-by: cache-bma1645-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668219611.249325,VS0,VE44
vary: Accept-Encoding
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7-kECFgMalF0KJteoAgQalF0KJteoAgUAAAAGBuIHJGPYjUyOzWQtmnhmbtFyM1sLZxPPWuWZLBa21cy5G6yMQDKG3cjk2EzWooln5hYtN7O1cDbxrFWeyWJhW82cu8HKChE3GQ6fg4Go6Hpb7A6n2fMGFDSdDp_rXq8we_Zuk8OuMJodJofZabZr_G6_6LEYrkV_w9NjBwAAAICH____fwgAAACACAAAAAAJAAAAAIqAin8LgQsAAAAAjP___38NgE8Ogvec_f4AAAAAAAEAAAAgARhYDSgB-DhfOfn_________jxmgz7yR-f___78x6AF48AF4EAIAALgY-sHXKPHXgqgnKuArYgQAAACwpaWieTSpEyqLqv___34rgCsAgADCtFET2yzdQYm3MAAAgICxBXpY_H6zw67xu132_________2_2f_aPJvQ2ep0WxDJ6rfYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQqxG84Wu9FsM5odAAAAwN3___-_HghuFh7fzDLaWGaDxWC58kx8i-XK5Vs5F6vlbLDxXrDfqxvdg9doX8RNhsPnYCAqut4Wu8Np9tyPoiXL3XK3Gk0Wo9FyudkNN6PB_gZisBrgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClasloul6vNZrXajRazwWY53GyQolWr2WgzGK5mk9lutxoOhsvRCClastwtd6vRZDEaLZeb3XAzGgwRBmYeh2vjMa0VhplxLVpMHG7hYDNxS5aT4XAxWTl2C99a9PqYHrbhcLhaeFEwYGMvkqdFOhGtBsvNajQazparwWTiGsxshplnZlt5PDPPcuWyiCWak0U6kV32xc3C45tZRhvLbLAYLFeeiW-xXLl8K-ditZwNNv7CzONwbTymtcIwM65Fi4nDLRxsJm7JcjIcLiYrx27hW4teH9PDNhwOVwt_YzYbThbL2WKwb8xmw8liOVsM9h06w3f1ORudwfHEo9KcVDdnx-YwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwQX6UTmt7zeftPTb3crLBexRGm6SCd60WMxXIv-hqfHIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTcBAAAAOA1kNNgMV-s8kMFysFuulgsA4eyl-xNF1xVSf3azqwqHtKz_QrRY3Phxg_ktr7ff9PTb3QrLlQEeqMmZN38miLVaLWsAAAABbAAAgABu3bwFYDPx_____3EAAAAycvQAAADi-0BMDhR64Ueu_AS42-0G!&excid=22&docw=0&cijs=1&nlb=false
141.226.228.48200 OK 0 B URL HTTP/2 am-match.taboola.com/sync?dast=V7-kECFgMalF0KJteoAgQalF0KJteoAgUAAAAGBuIHJGPYjUyOzWQtmnhmbtFyM1sLZxPPWuWZLBa21cy5G6yMQDKG3cjk2EzWooln5hYtN7O1cDbxrFWeyWJhW82cu8HKChE3GQ6fg4Go6Hpb7A6n2fMGFDSdDp_rXq8we_Zuk8OuMJodJofZabZr_G6_6LEYrkV_w9NjBwAAAICH____fwgAAACACAAAAAAJAAAAAIqAin8LgQsAAAAAjP___38NgE8Ogvec_f4AAAAAAAEAAAAgARhYDSgB-DhfOfn_________jxmgz7yR-f___78x6AF48AF4EAIAALgY-sHXKPHXgqgnKuArYgQAAACwpaWieTSpEyqLqv___34rgCsAgADCtFET2yzdQYm3MAAAgICxBXpY_H6zw67xu132_________2_2f_aPJvQ2ep0WxDJ6rfYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQqxG84Wu9FsM5odAAAAwN3___-_HghuFh7fzDLaWGaDxWC58kx8i-XK5Vs5F6vlbLDxXrDfqxvdg9doX8RNhsPnYCAqut4Wu8Np9tyPoiXL3XK3Gk0Wo9FyudkNN6PB_gZisBrgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClasloul6vNZrXajRazwWY53GyQolWr2WgzGK5mk9lutxoOhsvRCClastwtd6vRZDEaLZeb3XAzGgwRBmYeh2vjMa0VhplxLVpMHG7hYDNxS5aT4XAxWTl2C99a9PqYHrbhcLhaeFEwYGMvkqdFOhGtBsvNajQazparwWTiGsxshplnZlt5PDPPcuWyiCWak0U6kV32xc3C45tZRhvLbLAYLFeeiW-xXLl8K-ditZwNNv7CzONwbTymtcIwM65Fi4nDLRxsJm7JcjIcLiYrx27hW4teH9PDNhwOVwt_YzYbThbL2WKwb8xmw8liOVsM9h06w3f1ORudwfHEo9KcVDdnx-YwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwQX6UTmt7zeftPTb3crLBexRGm6SCd60WMxXIv-hqfHIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTcBAAAAOA1kNNgMV-s8kMFysFuulgsA4eyl-xNF1xVSf3azqwqHtKz_QrRY3Phxg_ktr7ff9PTb3QrLlQEeqMmZN38miLVaLWsAAAABbAAAgABu3bwFYDPx_____3EAAAAycvQAAADi-0BMDhR64Ueu_AS42-0G!&excid=22&docw=0&cijs=1&nlb=false
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sync?dast=V7-kECFgMalF0KJteoAgQalF0KJteoAgUAAAAGBuIHJGPYjUyOzWQtmnhmbtFyM1sLZxPPWuWZLBa21cy5G6yMQDKG3cjk2EzWooln5hYtN7O1cDbxrFWeyWJhW82cu8HKChE3GQ6fg4Go6Hpb7A6n2fMGFDSdDp_rXq8we_Zuk8OuMJodJofZabZr_G6_6LEYrkV_w9NjBwAAAICH____fwgAAACACAAAAAAJAAAAAIqAin8LgQsAAAAAjP___38NgE8Ogvec_f4AAAAAAAEAAAAgARhYDSgB-DhfOfn_________jxmgz7yR-f___78x6AF48AF4EAIAALgY-sHXKPHXgqgnKuArYgQAAACwpaWieTSpEyqLqv___34rgCsAgADCtFET2yzdQYm3MAAAgICxBXpY_H6zw67xu132_________2_2f_aPJvQ2ep0WxDJ6rfYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQqxG84Wu9FsM5odAAAAwN3___-_HghuFh7fzDLaWGaDxWC58kx8i-XK5Vs5F6vlbLDxXrDfqxvdg9doX8RNhsPnYCAqut4Wu8Np9tyPoiXL3XK3Gk0Wo9FyudkNN6PB_gZisBrgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClasloul6vNZrXajRazwWY53GyQolWr2WgzGK5mk9lutxoOhsvRCClastwtd6vRZDEaLZeb3XAzGgwRBmYeh2vjMa0VhplxLVpMHG7hYDNxS5aT4XAxWTl2C99a9PqYHrbhcLhaeFEwYGMvkqdFOhGtBsvNajQazparwWTiGsxshplnZlt5PDPPcuWyiCWak0U6kV32xc3C45tZRhvLbLAYLFeeiW-xXLl8K-ditZwNNv7CzONwbTymtcIwM65Fi4nDLRxsJm7JcjIcLiYrx27hW4teH9PDNhwOVwt_YzYbThbL2WKwb8xmw8liOVsM9h06w3f1ORudwfHEo9KcVDdnx-YwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwQX6UTmt7zeftPTb3crLBexRGm6SCd60WMxXIv-hqfHIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTcBAAAAOA1kNNgMV-s8kMFysFuulgsA4eyl-xNF1xVSf3azqwqHtKz_QrRY3Phxg_ktr7ff9PTb3QrLlQEeqMmZN38miLVaLWsAAAABbAAAgABu3bwFYDPx_____3EAAAAycvQAAADi-0BMDhR64Ueu_AS42-0G!&excid=22&docw=0&cijs=1&nlb=false HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 02:20:11 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3401
X-Firefox-Spdy: h2
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1668219611201&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=-1066758959&tz=0&viewable=true&ddast=V7-kECFgMalF0KJteoAgQalF0KJteoAgUAAAAGBuIHJGPYjUyOzWQtmnhmbtFyM1sLZxPPWuWZLBa21cy5G6yMQDKG3cjk2EzWooln5hYtN7O1cDbxrFWeyWJhW82cu8HKChE3GQ6fg4Go6Hpb7A6n2fMGFDSdDp_rXq8we_Zuk8OuMJodJofZabZr_G6_6LEYrkV_w9NjBwAAAICH____fwgAAACACAAAAAAJAAAAAIqAin8LgQsAAAAAjP___38NgE8Ogvec_f4AAAAAAAEAAAAgARhYDSgB-DhfOfn_________jxmgz7yR-f___78x6AF48AF4EAIAALgY-sHXKPHXgqgnKuArYgQAAACwpaWieTSpEyqLqv___34rgCsAgADCtFET2yzdQYm3MAAAgICxBXpY_H6zw67xu132_________2_2f_aPJvQ2ep0WxDJ6rfYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQqxG84Wu9FsM5odAAAAwN3___-_HghuFh7fzDLaWGaDxWC58kx8i-XK5Vs5F6vlbLDxXrDfqxvdg9doX8RNhsPnYCAqut4Wu8Np9tyPoiXL3XK3Gk0Wo9FyudkNN6PB_gZisBrgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClasloul6vNZrXajRazwWY53GyQolWr2WgzGK5mk9lutxoOhsvRCClastwtd6vRZDEaLZeb3XAzGgwRBmYeh2vjMa0VhplxLVpMHG7hYDNxS5aT4XAxWTl2C99a9PqYHrbhcLhaeFEwYGMvkqdFOhGtBsvNajQazparwWTiGsxshplnZlt5PDPPcuWyiCWak0U6kV32xc3C45tZRhvLbLAYLFeeiW-xXLl8K-ditZwNNv7CzONwbTymtcIwM65Fi4nDLRxsJm7JcjIcLiYrx27hW4teH9PDNhwOVwt_YzYbThbL2WKwb8xmw8liOVsM9h06w3f1ORudwfHEo9KcVDdnx-YwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwQX6UTmt7zeftPTb3crLBexRGm6SCd60WMxXIv-hqfHIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTcBAAAAOA1kNNgMV-s8kMFysFuulgsA4eyl-xNF1xVSf3azqwqHtKz_QrRY3Phxg_ktr7ff9PTb3QrLlQEeqMmZN38miLVaLWsAAAABbAAAgABu3bwFYDPx_____3EAAAAycvQAAADi-0BMDhR64Ueu_AS42-0G!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=mprdctdt6_vA!Noappq22_vD!smbs!spa2_vB!t45!ufm!vfdc1_vB&mPre=0.025&cirf=https%3A%2F%2Fal3omda.ahladalil.com&en=1
151.101.85.44200 OK 0 B URL HTTP/2 wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1668219611201&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=-1066758959&tz=0&viewable=true&ddast=V7-kECFgMalF0KJteoAgQalF0KJteoAgUAAAAGBuIHJGPYjUyOzWQtmnhmbtFyM1sLZxPPWuWZLBa21cy5G6yMQDKG3cjk2EzWooln5hYtN7O1cDbxrFWeyWJhW82cu8HKChE3GQ6fg4Go6Hpb7A6n2fMGFDSdDp_rXq8we_Zuk8OuMJodJofZabZr_G6_6LEYrkV_w9NjBwAAAICH____fwgAAACACAAAAAAJAAAAAIqAin8LgQsAAAAAjP___38NgE8Ogvec_f4AAAAAAAEAAAAgARhYDSgB-DhfOfn_________jxmgz7yR-f___78x6AF48AF4EAIAALgY-sHXKPHXgqgnKuArYgQAAACwpaWieTSpEyqLqv___34rgCsAgADCtFET2yzdQYm3MAAAgICxBXpY_H6zw67xu132_________2_2f_aPJvQ2ep0WxDJ6rfYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQqxG84Wu9FsM5odAAAAwN3___-_HghuFh7fzDLaWGaDxWC58kx8i-XK5Vs5F6vlbLDxXrDfqxvdg9doX8RNhsPnYCAqut4Wu8Np9tyPoiXL3XK3Gk0Wo9FyudkNN6PB_gZisBrgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClasloul6vNZrXajRazwWY53GyQolWr2WgzGK5mk9lutxoOhsvRCClastwtd6vRZDEaLZeb3XAzGgwRBmYeh2vjMa0VhplxLVpMHG7hYDNxS5aT4XAxWTl2C99a9PqYHrbhcLhaeFEwYGMvkqdFOhGtBsvNajQazparwWTiGsxshplnZlt5PDPPcuWyiCWak0U6kV32xc3C45tZRhvLbLAYLFeeiW-xXLl8K-ditZwNNv7CzONwbTymtcIwM65Fi4nDLRxsJm7JcjIcLiYrx27hW4teH9PDNhwOVwt_YzYbThbL2WKwb8xmw8liOVsM9h06w3f1ORudwfHEo9KcVDdnx-YwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwQX6UTmt7zeftPTb3crLBexRGm6SCd60WMxXIv-hqfHIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTcBAAAAOA1kNNgMV-s8kMFysFuulgsA4eyl-xNF1xVSf3azqwqHtKz_QrRY3Phxg_ktr7ff9PTb3QrLlQEeqMmZN38miLVaLWsAAAABbAAAgABu3bwFYDPx_____3EAAAAycvQAAADi-0BMDhR64Ueu_AS42-0G!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=mprdctdt6_vA!Noappq22_vD!smbs!spa2_vB!t45!ufm!vfdc1_vB&mPre=0.025&cirf=https%3A%2F%2Fal3omda.ahladalil.com&en=1
IP 151.101.85.44:0
POST /VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1668219611201&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=-1066758959&tz=0&viewable=true&ddast=V7-kECFgMalF0KJteoAgQalF0KJteoAgUAAAAGBuIHJGPYjUyOzWQtmnhmbtFyM1sLZxPPWuWZLBa21cy5G6yMQDKG3cjk2EzWooln5hYtN7O1cDbxrFWeyWJhW82cu8HKChE3GQ6fg4Go6Hpb7A6n2fMGFDSdDp_rXq8we_Zuk8OuMJodJofZabZr_G6_6LEYrkV_w9NjBwAAAICH____fwgAAACACAAAAAAJAAAAAIqAin8LgQsAAAAAjP___38NgE8Ogvec_f4AAAAAAAEAAAAgARhYDSgB-DhfOfn_________jxmgz7yR-f___78x6AF48AF4EAIAALgY-sHXKPHXgqgnKuArYgQAAACwpaWieTSpEyqLqv___34rgCsAgADCtFET2yzdQYm3MAAAgICxBXpY_H6zw67xu132_________2_2f_aPJvQ2ep0WxDJ6rfYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQqxG84Wu9FsM5odAAAAwN3___-_HghuFh7fzDLaWGaDxWC58kx8i-XK5Vs5F6vlbLDxXrDfqxvdg9doX8RNhsPnYCAqut4Wu8Np9tyPoiXL3XK3Gk0Wo9FyudkNN6PB_gZisBrgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClasloul6vNZrXajRazwWY53GyQolWr2WgzGK5mk9lutxoOhsvRCClastwtd6vRZDEaLZeb3XAzGgwRBmYeh2vjMa0VhplxLVpMHG7hYDNxS5aT4XAxWTl2C99a9PqYHrbhcLhaeFEwYGMvkqdFOhGtBsvNajQazparwWTiGsxshplnZlt5PDPPcuWyiCWak0U6kV32xc3C45tZRhvLbLAYLFeeiW-xXLl8K-ditZwNNv7CzONwbTymtcIwM65Fi4nDLRxsJm7JcjIcLiYrx27hW4teH9PDNhwOVwt_YzYbThbL2WKwb8xmw8liOVsM9h06w3f1ORudwfHEo9KcVDdnx-YwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwQX6UTmt7zeftPTb3crLBexRGm6SCd60WMxXIv-hqfHIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTcBAAAAOA1kNNgMV-s8kMFysFuulgsA4eyl-xNF1xVSf3azqwqHtKz_QrRY3Phxg_ktr7ff9PTb3QrLlQEeqMmZN38miLVaLWsAAAABbAAAgABu3bwFYDPx_____3EAAAAycvQAAADi-0BMDhR64Ueu_AS42-0G!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=mprdctdt6_vA!Noappq22_vD!smbs!spa2_vB!t45!ufm!vfdc1_vB&mPre=0.025&cirf=https%3A%2F%2Fal3omda.ahladalil.com&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 133
Origin: https://al3omda.ahladalil.com
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1406
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://al3omda.ahladalil.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 02:20:11 GMT
via: 1.1 varnish
x-served-by: cache-bma1645-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668219612.759663,VS0,VE92
vary: Accept-Encoding
X-Firefox-Spdy: h2
imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7b6QCFgMalF0KJteoAgQalF0KJteoAgUAAAAGBuIHJDRb7SY2j80tWThna9HC4lkLV7PBWjBxDCa-xWi4meyGQEK-kcu4Mi7WwuFqtRatNr61wmLzrFUT42bj2nhGHpfHCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjegoOl0-Fz3eoXZs3ebHHaF0ewwOcxOs13jd_tFj8VwLfobnh47AAAAADwAWL1lQvwAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgABiQXGgAfHIQvOfs9wcAQMMWCACAAAYJwMBqQAnAx_nKCQAAAAAAAAAAy____38MwB7WmAzAyP5OD8CDD8ADUYFqESMAAACALS0VzaNJnVBZVAEAEKRbAVwBAAQQpo2i9IUBAAAEjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzSht9HrtCCW0Wu1X0AAgLVfQAAANnUDAHgLgAs6glYMBqtTiN1wttiNZpvR7AAAAADu_v____VAcLPw-GaW0cYyGywGy5Vn4lssVy7fyrlYLWeDjfeC_V7d6B68Rvs8hGX2-w4iludr-hsOMr7l9TaIiq63xe5wmj33o2jJcrfcrUaTxWi0XG52w81osL-BGKwGOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKlqyWy-Vqs1mtdqPFbLBZDjcbpGjVajbaDIar2WS2262Gg-FyNEKKlix3y91qNFmMRsvlZjfcjAZDhIGZx-HaeExrhWFmXIsWE4dbONhM3JLlZDhcTFaO3cK3Fr0-podtOByuFl4UDNjYi-Aincj8ltfbb3r67W6F5SKWaE4W6UR22Rc3C49vZhltLLPBYrBceSa-xXLl8q2ci9VyNtj4CzOPw7XxmNYKw8y4Fi0mDrdwsJm4JcvJcLiYrBy7hW8ten1MD9twOFwt_I3ZbDhZLGeLwb4xmw0ni-VsMdh36Azf1edsdAbHE49Kc1LdnB2bw6BwGSze3-cibUYbN6NKG7ZYVNfizjWx6rSxk7FzMBsUvuE1Mfz91M9rN3s7iA0GRSwRnC7SiehlPF3EEsnTIp2ohjPDbDLbWEbO2cRkG26Mk9HGOdgsJqPlxLZxWcQSpekinehFj8VwLfobnh6L-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_oui6QurPbnZV4ZCW9V-IFosbP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4fiMmBQi_8yJWfAHe73QA!&cmcv=&pix=undefined&cb=1668219611309&uv=3241&tms=1668219611309&abt=mprdctdt6_vA!Noappq22_vD!smbs!spa2_vB!t45!ufm!vfdc1_vB&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=4657bfcf-2a96-4ab3-8560-0b10b7148327&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
151.101.85.44200 OK 0 B URL HTTP/2 imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7b6QCFgMalF0KJteoAgQalF0KJteoAgUAAAAGBuIHJDRb7SY2j80tWThna9HC4lkLV7PBWjBxDCa-xWi4meyGQEK-kcu4Mi7WwuFqtRatNr61wmLzrFUT42bj2nhGHpfHCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjegoOl0-Fz3eoXZs3ebHHaF0ewwOcxOs13jd_tFj8VwLfobnh47AAAAADwAWL1lQvwAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgABiQXGgAfHIQvOfs9wcAQMMWCACAAAYJwMBqQAnAx_nKCQAAAAAAAAAAy____38MwB7WmAzAyP5OD8CDD8ADUYFqESMAAACALS0VzaNJnVBZVAEAEKRbAVwBAAQQpo2i9IUBAAAEjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzSht9HrtCCW0Wu1X0AAgLVfQAAANnUDAHgLgAs6glYMBqtTiN1wttiNZpvR7AAAAADu_v____VAcLPw-GaW0cYyGywGy5Vn4lssVy7fyrlYLWeDjfeC_V7d6B68Rvs8hGX2-w4iludr-hsOMr7l9TaIiq63xe5wmj33o2jJcrfcrUaTxWi0XG52w81osL-BGKwGOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKlqyWy-Vqs1mtdqPFbLBZDjcbpGjVajbaDIar2WS2262Gg-FyNEKKlix3y91qNFmMRsvlZjfcjAZDhIGZx-HaeExrhWFmXIsWE4dbONhM3JLlZDhcTFaO3cK3Fr0-podtOByuFl4UDNjYi-Aincj8ltfbb3r67W6F5SKWaE4W6UR22Rc3C49vZhltLLPBYrBceSa-xXLl8q2ci9VyNtj4CzOPw7XxmNYKw8y4Fi0mDrdwsJm4JcvJcLiYrBy7hW8ten1MD9twOFwt_I3ZbDhZLGeLwb4xmw0ni-VsMdh36Azf1edsdAbHE49Kc1LdnB2bw6BwGSze3-cibUYbN6NKG7ZYVNfizjWx6rSxk7FzMBsUvuE1Mfz91M9rN3s7iA0GRSwRnC7SiehlPF3EEsnTIp2ohjPDbDLbWEbO2cRkG26Mk9HGOdgsJqPlxLZxWcQSpekinehFj8VwLfobnh6L-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_oui6QurPbnZV4ZCW9V-IFosbP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4fiMmBQi_8yJWfAHe73QA!&cmcv=&pix=undefined&cb=1668219611309&uv=3241&tms=1668219611309&abt=mprdctdt6_vA!Noappq22_vD!smbs!spa2_vB!t45!ufm!vfdc1_vB&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=4657bfcf-2a96-4ab3-8560-0b10b7148327&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
IP 151.101.85.44:0
GET /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7b6QCFgMalF0KJteoAgQalF0KJteoAgUAAAAGBuIHJDRb7SY2j80tWThna9HC4lkLV7PBWjBxDCa-xWi4meyGQEK-kcu4Mi7WwuFqtRatNr61wmLzrFUT42bj2nhGHpfHCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjegoOl0-Fz3eoXZs3ebHHaF0ewwOcxOs13jd_tFj8VwLfobnh47AAAAADwAWL1lQvwAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgABiQXGgAfHIQvOfs9wcAQMMWCACAAAYJwMBqQAnAx_nKCQAAAAAAAAAAy____38MwB7WmAzAyP5OD8CDD8ADUYFqESMAAACALS0VzaNJnVBZVAEAEKRbAVwBAAQQpo2i9IUBAAAEjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzSht9HrtCCW0Wu1X0AAgLVfQAAANnUDAHgLgAs6glYMBqtTiN1wttiNZpvR7AAAAADu_v____VAcLPw-GaW0cYyGywGy5Vn4lssVy7fyrlYLWeDjfeC_V7d6B68Rvs8hGX2-w4iludr-hsOMr7l9TaIiq63xe5wmj33o2jJcrfcrUaTxWi0XG52w81osL-BGKwGOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKlqyWy-Vqs1mtdqPFbLBZDjcbpGjVajbaDIar2WS2262Gg-FyNEKKlix3y91qNFmMRsvlZjfcjAZDhIGZx-HaeExrhWFmXIsWE4dbONhM3JLlZDhcTFaO3cK3Fr0-podtOByuFl4UDNjYi-Aincj8ltfbb3r67W6F5SKWaE4W6UR22Rc3C49vZhltLLPBYrBceSa-xXLl8q2ci9VyNtj4CzOPw7XxmNYKw8y4Fi0mDrdwsJm4JcvJcLiYrBy7hW8ten1MD9twOFwt_I3ZbDhZLGeLwb4xmw0ni-VsMdh36Azf1edsdAbHE49Kc1LdnB2bw6BwGSze3-cibUYbN6NKG7ZYVNfizjWx6rSxk7FzMBsUvuE1Mfz91M9rN3s7iA0GRSwRnC7SiehlPF3EEsnTIp2ohjPDbDLbWEbO2cRkG26Mk9HGOdgsJqPlxLZxWcQSpekinehFj8VwLfobnh6L-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_oui6QurPbnZV4ZCW9V-IFosbP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4fiMmBQi_8yJWfAHe73QA!&cmcv=&pix=undefined&cb=1668219611309&uv=3241&tms=1668219611309&abt=mprdctdt6_vA!Noappq22_vD!smbs!spa2_vB!t45!ufm!vfdc1_vB&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=4657bfcf-2a96-4ab3-8560-0b10b7148327&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1 HTTP/1.1
Host: imprammp.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 02:20:11 GMT
via: 1.1 varnish
x-served-by: cache-bma1645-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668219612.862140,VS0,VE26
vary: Accept-Encoding
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=CBALzV80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQlI3eFZxcVpHMThOcERLTlViSFRPb2QwckolMkJaZnN0enBuZHhvYWlFTXJ5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:10 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=Rvxl3V80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQlI3eFZxcVpHMThOcERLTlViSFRPcHBKNnltNm13NDVOT2FiWVpadXJsOA; expires=Thu, 07 Dec 2023 02:20:10 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 290904
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
illiweb.com/rs3/64/frm/embed/FA_Embed.js
104.21.63.213200 OK 0 B URL HTTP/2 illiweb.com/rs3/64/frm/embed/FA_Embed.js
IP 104.21.63.213:0
GET /rs3/64/frm/embed/FA_Embed.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:08 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Tue, 07 Nov 2023 08:26:53 GMT
last-modified: Tue, 20 Apr 2021 14:17:00 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 409995
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhWMVc3YYXa5X8VNfUPtvVfQSwu10XRlMaqgNxwnNTl7hf8cM7%2BM5UvLnRvAcdRk4GCloOhF76Vjn%2Bh7CN3Ypy%2B89Sg7KzJweWG92b5wFbiEbKWoklhk2g2abAubrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768bc96afb04b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
connect.topicit.net/scripts/connect.js
172.67.158.56200 OK 0 B URL HTTP/2 connect.topicit.net/scripts/connect.js
IP 172.67.158.56:0
GET /scripts/connect.js HTTP/1.1
Host: connect.topicit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:09 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5437
access-control-allow-origin: *
etag: W/"5d653880-153d"
last-modified: Tue, 27 Aug 2019 14:04:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-cache-status: HIT
age: 4745
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fojHOEoW%2BqACzWOggPfwnLKmba0Ug2eT3vCvKVmwaMY5LrFkWxXdCgXhDeAjBpk%2F9PICfEcs1hEWbecyg5co9Kt2%2FJLzPSsa%2F%2BOAZDeTYcp%2FN8MJxRgyu7CIfVchz4K8ZTagSOpX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768bc96e195a0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
illiweb.com/rs3/64/frm/lang/ar.js
104.21.63.213200 OK 0 B URL HTTP/2 illiweb.com/rs3/64/frm/lang/ar.js
IP 104.21.63.213:0
GET /rs3/64/frm/lang/ar.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:08 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=74879
access-control-allow-origin: *
expires: Tue, 07 Nov 2023 08:39:39 GMT
last-modified: Thu, 08 Sep 2022 07:38:48 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 409229
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YkwOAwEAXToEngwaEwZiFvjRD8LCrfAQR2bQl%2BHtvpufTHsQRz%2BoEPQAeH7yIIrAzbovoy9xTAvrouItznMnSru1E2zRo8rEoJQ%2Be8KO1ep96RrTLNOWsvXrAnnGlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768bc96adaf2b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
al3omda.ahladalil.com/?utm_source=pwa
94.23.150.222200 OK 0 B URL HTTP/2 al3omda.ahladalil.com/?utm_source=pwa
IP 94.23.150.222:0
GET /?utm_source=pwa HTTP/1.1
Host: al3omda.ahladalil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://al3omda.ahladalil.com/serviceworker.js
Connection: keep-alive
Cookie: exadd=166823; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:09 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
pragma: no-cache
expires: Sat, 12 Nov 2022 00:00:00 GMT
last-modified: Sat, 12 Nov 2022 02:20:09 GMT
vary: User-Agent
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7-kECFgMalF0KJteoAgQalF0KJteoAgUAAAAGBuIHJGPYjUyOzWQtmnhmbtFyM1sLZxPPWuWZLBa21cy5G6yMQDKG3cjk2EzWooln5hYtN7O1cDbxrFWeyWJhW82cu8HKChE3GQ6fg4Go6Hpb7A6n2fMGFDSdDp_rXq8we_Zuk8OuMJodJofZabZr_G6_6LEYrkV_w9NjBwAAAICH____fwgAAACACAAAAAAJAAAAAIqAin8LgQsAAAAAjP___38NgE8Ogvec_f4AAAAAAAEAAAAgARhYDSgB-DhfOfn_________jxmgz7yR-f___78x6AF48AF4EAIAALgY-sHXKPHXgqgnKuArYgQAAACwpaWieTSpEyqLqv___34rgCsAgADCtFET2yzdQYm3MAAAgICxBXpY_H6zw67xu132_________2_2f_aPJvQ2ep0WxDJ6rfYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQqxG84Wu9FsM5odAAAAwN3___-_HghuFh7fzDLaWGaDxWC58kx8i-XK5Vs5F6vlbLDxXrDfqxvdg9doX8RNhsPnYCAqut4Wu8Np9tyPoiXL3XK3Gk0Wo9FyudkNN6PB_gZisBrgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClasloul6vNZrXajRazwWY53GyQolWr2WgzGK5mk9lutxoOhsvRCClastwtd6vRZDEaLZeb3XAzGgwRBmYeh2vjMa0VhplxLVpMHG7hYDNxS5aT4XAxWTl2C99a9PqYHrbhcLhaeFEwYGMvkqdFOhGtBsvNajQazparwWTiGsxshplnZlt5PDPPcuWyiCWak0U6kV32xc3C45tZRhvLbLAYLFeeiW-xXLl8K-ditZwNNv7CzONwbTymtcIwM65Fi4nDLRxsJm7JcjIcLiYrx27hW4teH9PDNhwOVwt_YzYbThbL2WKwb8xmw8liOVsM9h06w3f1ORudwfHEo9KcVDdnx-YwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwQX6UTmt7zeftPTb3crLBexRGm6SCd60WMxXIv-hqfHIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTcBAAAAOA1kNNgMV-s8kMFysFuulgsA4eyl-xNF1xVSf3azqwqHtKz_QrRY3Phxg_ktr7ff9PTb3QrLlQEeqMmZN38miLVaLWsAAAABbAAAgABu3bwFYDPx_____3EAAAAycvQAAADi-0BMDhR64Ueu_AS42-0G!&cmcv=&pix=undefined&cb=1668219611179&uv=3241&tms=1668219611179&abt=mprdctdt6_vA!Noappq22_vD!smbs!spa2_vB!t45!ufm!vfdc1_vB&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=c07dd132-4b3f-4936-86b3-e321a65f970e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
151.101.85.44200 OK 0 B URL HTTP/2 imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7-kECFgMalF0KJteoAgQalF0KJteoAgUAAAAGBuIHJGPYjUyOzWQtmnhmbtFyM1sLZxPPWuWZLBa21cy5G6yMQDKG3cjk2EzWooln5hYtN7O1cDbxrFWeyWJhW82cu8HKChE3GQ6fg4Go6Hpb7A6n2fMGFDSdDp_rXq8we_Zuk8OuMJodJofZabZr_G6_6LEYrkV_w9NjBwAAAICH____fwgAAACACAAAAAAJAAAAAIqAin8LgQsAAAAAjP___38NgE8Ogvec_f4AAAAAAAEAAAAgARhYDSgB-DhfOfn_________jxmgz7yR-f___78x6AF48AF4EAIAALgY-sHXKPHXgqgnKuArYgQAAACwpaWieTSpEyqLqv___34rgCsAgADCtFET2yzdQYm3MAAAgICxBXpY_H6zw67xu132_________2_2f_aPJvQ2ep0WxDJ6rfYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQqxG84Wu9FsM5odAAAAwN3___-_HghuFh7fzDLaWGaDxWC58kx8i-XK5Vs5F6vlbLDxXrDfqxvdg9doX8RNhsPnYCAqut4Wu8Np9tyPoiXL3XK3Gk0Wo9FyudkNN6PB_gZisBrgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClasloul6vNZrXajRazwWY53GyQolWr2WgzGK5mk9lutxoOhsvRCClastwtd6vRZDEaLZeb3XAzGgwRBmYeh2vjMa0VhplxLVpMHG7hYDNxS5aT4XAxWTl2C99a9PqYHrbhcLhaeFEwYGMvkqdFOhGtBsvNajQazparwWTiGsxshplnZlt5PDPPcuWyiCWak0U6kV32xc3C45tZRhvLbLAYLFeeiW-xXLl8K-ditZwNNv7CzONwbTymtcIwM65Fi4nDLRxsJm7JcjIcLiYrx27hW4teH9PDNhwOVwt_YzYbThbL2WKwb8xmw8liOVsM9h06w3f1ORudwfHEo9KcVDdnx-YwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwQX6UTmt7zeftPTb3crLBexRGm6SCd60WMxXIv-hqfHIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTcBAAAAOA1kNNgMV-s8kMFysFuulgsA4eyl-xNF1xVSf3azqwqHtKz_QrRY3Phxg_ktr7ff9PTb3QrLlQEeqMmZN38miLVaLWsAAAABbAAAgABu3bwFYDPx_____3EAAAAycvQAAADi-0BMDhR64Ueu_AS42-0G!&cmcv=&pix=undefined&cb=1668219611179&uv=3241&tms=1668219611179&abt=mprdctdt6_vA!Noappq22_vD!smbs!spa2_vB!t45!ufm!vfdc1_vB&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=c07dd132-4b3f-4936-86b3-e321a65f970e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
IP 151.101.85.44:0
GET /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7-kECFgMalF0KJteoAgQalF0KJteoAgUAAAAGBuIHJGPYjUyOzWQtmnhmbtFyM1sLZxPPWuWZLBa21cy5G6yMQDKG3cjk2EzWooln5hYtN7O1cDbxrFWeyWJhW82cu8HKChE3GQ6fg4Go6Hpb7A6n2fMGFDSdDp_rXq8we_Zuk8OuMJodJofZabZr_G6_6LEYrkV_w9NjBwAAAICH____fwgAAACACAAAAAAJAAAAAIqAin8LgQsAAAAAjP___38NgE8Ogvec_f4AAAAAAAEAAAAgARhYDSgB-DhfOfn_________jxmgz7yR-f___78x6AF48AF4EAIAALgY-sHXKPHXgqgnKuArYgQAAACwpaWieTSpEyqLqv___34rgCsAgADCtFET2yzdQYm3MAAAgICxBXpY_H6zw67xu132_________2_2f_aPJvQ2ep0WxDJ6rfYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQqxG84Wu9FsM5odAAAAwN3___-_HghuFh7fzDLaWGaDxWC58kx8i-XK5Vs5F6vlbLDxXrDfqxvdg9doX8RNhsPnYCAqut4Wu8Np9tyPoiXL3XK3Gk0Wo9FyudkNN6PB_gZisBrgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClasloul6vNZrXajRazwWY53GyQolWr2WgzGK5mk9lutxoOhsvRCClastwtd6vRZDEaLZeb3XAzGgwRBmYeh2vjMa0VhplxLVpMHG7hYDNxS5aT4XAxWTl2C99a9PqYHrbhcLhaeFEwYGMvkqdFOhGtBsvNajQazparwWTiGsxshplnZlt5PDPPcuWyiCWak0U6kV32xc3C45tZRhvLbLAYLFeeiW-xXLl8K-ditZwNNv7CzONwbTymtcIwM65Fi4nDLRxsJm7JcjIcLiYrx27hW4teH9PDNhwOVwt_YzYbThbL2WKwb8xmw8liOVsM9h06w3f1ORudwfHEo9KcVDdnx-YwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwQX6UTmt7zeftPTb3crLBexRGm6SCd60WMxXIv-hqfHIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTcBAAAAOA1kNNgMV-s8kMFysFuulgsA4eyl-xNF1xVSf3azqwqHtKz_QrRY3Phxg_ktr7ff9PTb3QrLlQEeqMmZN38miLVaLWsAAAABbAAAgABu3bwFYDPx_____3EAAAAycvQAAADi-0BMDhR64Ueu_AS42-0G!&cmcv=&pix=undefined&cb=1668219611179&uv=3241&tms=1668219611179&abt=mprdctdt6_vA!Noappq22_vD!smbs!spa2_vB!t45!ufm!vfdc1_vB&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=c07dd132-4b3f-4936-86b3-e321a65f970e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1 HTTP/1.1
Host: imprammp.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 02:20:11 GMT
via: 1.1 varnish
x-served-by: cache-bma1645-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668219612.688720,VS0,VE24
vary: Accept-Encoding
X-Firefox-Spdy: h2
al3omda.ahladalil.com/
94.23.150.222200 OK 0 B IP 94.23.150.222:0
GET / HTTP/1.1
Host: al3omda.ahladalil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://al3omda.ahladalil.com/0-rtl.css
Cookie: exadd=166823; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:09 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
pragma: no-cache
expires: Sat, 12 Nov 2022 00:00:00 GMT
last-modified: Sat, 12 Nov 2022 02:20:09 GMT
vary: User-Agent
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
al3omda.ahladalil.com/sw.js
94.23.150.222200 OK 0 B URL HTTP/2 al3omda.ahladalil.com/sw.js
IP 94.23.150.222:0
GET /sw.js HTTP/1.1
Host: al3omda.ahladalil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://al3omda.ahladalil.com/t118-topic
Connection: keep-alive
Cookie: exadd=166823; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D; _ga=GA1.2.2146572475.1668219610; _gid=GA1.2.2082157477.1668219610; _gat_gtag_UA_144347007_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:20:11 GMT
content-type: application/javascript
last-modified: Tue, 27 Aug 2019 13:54:01 GMT
etag: W/"5d6535f9-1554"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2