mayar.ahlamontada.net/t1411-topic
94.23.76.111301 Moved Permanently 0 B URL HTTP/1.1 mayar.ahlamontada.net/t1411-topic
IP 94.23.76.111:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t1411-topic HTTP/1.1
Host: mayar.ahlamontada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 06 Nov 2022 09:53:45 GMT
Content-Length: 0
Location: https://mayar.ahlamontada.net/t1411-topic
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8286265a56e3e10efd41b41618a54071
5f10ac9a050e15f5598674dc7ee3865b325d01a8
2da2fa0b2b86ccc4029d0baa4e9c5b21a6433228b84b451b72b1d318561d4ef2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2DA2FA0B2B86CCC4029D0BAA4E9C5B21A6433228B84B451B72B1D318561D4EF2"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13398
Expires: Sun, 06 Nov 2022 13:37:03 GMT
Date: Sun, 06 Nov 2022 09:53:45 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 72c64df35304c35cd95e4ed6e101e795
a39287987854d644a8da295da536fb31de8b44c1
a9bf0da57e0f108b376781ede4b9762ae1b0d088910d26fb7be98c2d03e69092
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3517
Cache-Control: max-age=88556
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:45 GMT
Etag: "63662d58-1d7"
Expires: Mon, 07 Nov 2022 10:29:41 GMT
Last-Modified: Sat, 05 Nov 2022 09:31:04 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 72c64df35304c35cd95e4ed6e101e795
a39287987854d644a8da295da536fb31de8b44c1
a9bf0da57e0f108b376781ede4b9762ae1b0d088910d26fb7be98c2d03e69092
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3517
Cache-Control: max-age=88556
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:45 GMT
Etag: "63662d58-1d7"
Expires: Mon, 07 Nov 2022 10:29:41 GMT
Last-Modified: Sat, 05 Nov 2022 09:31:04 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9f3527f898221f8ba6b5015f6decc100
ead93baa0e9d3a6297be3377dc3a624e5a3f509a
73a068f907cc50dd60af18d545b4264dd44bc4b9f40bf9adfceea157fdc33099
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "73A068F907CC50DD60AF18D545B4264DD44BC4B9F40BF9ADFCEEA157FDC33099"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7055
Expires: Sun, 06 Nov 2022 11:51:20 GMT
Date: Sun, 06 Nov 2022 09:53:45 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: yWcNjAWPkUzT6+79fFPwZnFkDd9eUIw8FNhYKSGJu25Vq6er9BgeYOHJbKCEhLgmof5tWLc1k1A=
x-amz-request-id: EDR73JM1YPMJ6WC3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 06 Nov 2022 09:10:23 GMT
age: 2602
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 09:53:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8253caaf20014ecd142b02db36ec669
410af41c54e775143ededa49dd4c369010df2950
d9081e687518532afd38940be12b0712f88a6e9df58495fb06d9b644ca3a4596
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9081E687518532AFD38940BE12B0712F88A6E9DF58495FB06D9B644CA3A4596"
Last-Modified: Thu, 03 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11303
Expires: Sun, 06 Nov 2022 13:02:09 GMT
Date: Sun, 06 Nov 2022 09:53:46 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 90ba6f752f7d112d1f00c7da46a694c4
096c051072bf1f0b19d1413507f56616b284eccf
db90e217ece34cca8af3d5feba90ff8944471277f8c4f73ef954a50f6658cbc4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2816
Cache-Control: max-age=156606
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:46 GMT
Etag: "636739e8-117"
Expires: Tue, 08 Nov 2022 05:23:52 GMT
Last-Modified: Sun, 06 Nov 2022 04:36:56 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 90ba6f752f7d112d1f00c7da46a694c4
096c051072bf1f0b19d1413507f56616b284eccf
db90e217ece34cca8af3d5feba90ff8944471277f8c4f73ef954a50f6658cbc4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2816
Cache-Control: max-age=156606
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:46 GMT
Etag: "636739e8-117"
Expires: Tue, 08 Nov 2022 05:23:52 GMT
Last-Modified: Sun, 06 Nov 2022 04:36:56 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 90ba6f752f7d112d1f00c7da46a694c4
096c051072bf1f0b19d1413507f56616b284eccf
db90e217ece34cca8af3d5feba90ff8944471277f8c4f73ef954a50f6658cbc4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3340
Cache-Control: max-age=157130
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:46 GMT
Etag: "636739e8-117"
Expires: Tue, 08 Nov 2022 05:32:36 GMT
Last-Modified: Sun, 06 Nov 2022 04:36:56 GMT
Server: ECS (amb/6B8E)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 90ba6f752f7d112d1f00c7da46a694c4
096c051072bf1f0b19d1413507f56616b284eccf
db90e217ece34cca8af3d5feba90ff8944471277f8c4f73ef954a50f6658cbc4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2816
Cache-Control: max-age=156606
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:46 GMT
Etag: "636739e8-117"
Expires: Tue, 08 Nov 2022 05:23:52 GMT
Last-Modified: Sun, 06 Nov 2022 04:36:56 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 3ebbd65a2bdd5c6f3dea5a6b99b25f0d
484be27b25b736a7e7e2b1d5ef9760aecdcec01b
5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash db63d54b77502dd6c7bdc792d4fd093e
026ad8186833988279468829c004c6e2a2f2626f
eff89ef67baa622e8a196ffcadc44d29aafff009bb531da3e979a1f47c3b1c36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6508
Cache-Control: max-age=86489
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:46 GMT
Etag: "63661997-1d7"
Expires: Mon, 07 Nov 2022 09:55:15 GMT
Last-Modified: Sat, 05 Nov 2022 08:06:47 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e13e65ad7f6f12300b12d6cd6936d621
575faf606b5c5e39e0fbbef59998bcd3625aa141
10787f99c02b63d52b9b74fcec9497108d67c56c4a9436e0e3c9a7129d727dda
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 90ba6f752f7d112d1f00c7da46a694c4
096c051072bf1f0b19d1413507f56616b284eccf
db90e217ece34cca8af3d5feba90ff8944471277f8c4f73ef954a50f6658cbc4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2816
Cache-Control: max-age=156606
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:46 GMT
Etag: "636739e8-117"
Expires: Tue, 08 Nov 2022 05:23:52 GMT
Last-Modified: Sun, 06 Nov 2022 04:36:56 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
142.250.74.170200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
IP 142.250.74.170:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d989f35706c62ce4a5c561586c55566e
d32e7958e5765609bf08dcdefd0b2c2a8714ce34
375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33845
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Nov 2022 22:41:25 GMT
expires: Sat, 04 Nov 2023 22:41:25 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 126741
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e13e65ad7f6f12300b12d6cd6936d621
575faf606b5c5e39e0fbbef59998bcd3625aa141
10787f99c02b63d52b9b74fcec9497108d67c56c4a9436e0e3c9a7129d727dda
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/emojione/assets/png/2665.png?v=2.2.7
151.101.85.229200 OK 449 B URL HTTP/2 cdn.jsdelivr.net/emojione/assets/png/2665.png?v=2.2.7
IP 151.101.85.229:0
File type PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Hash d96be3593df852a6bf4151ec24b16162
43a226f5958af1de8ca9d5e224b55b009e19909a
271429d12c40be921897005b7bdd08f9518960af1e1e6f56bb0060f1f183651e
GET /emojione/assets/png/2665.png?v=2.2.7 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
etag: W/"1c1-Q6Im9ZWK8d6MqdXiJLVbAJ4ZkJo"
accept-ranges: bytes
date: Sun, 06 Nov 2022 09:53:46 GMT
age: 902284
x-served-by: cache-fra-eddf8230038-FRA, cache-bma1620-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 449
X-Firefox-Spdy: h2
2img.net/i/fa/social_bookmarking/twitter.gif
104.21.235.176200 OK 328 B URL HTTP/2 2img.net/i/fa/social_bookmarking/twitter.gif
IP 104.21.235.176:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash 3090b55e55fa9891b1ea36d3d3400b40
86c00625be1855cc40f9619c569b32931598a947
3906923ab5823ddeb0b609865c895827aac92d1e4c51ca716809babe940f9675
GET /i/fa/social_bookmarking/twitter.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:46 GMT
content-type: image/gif
content-length: 328
last-modified: Wed, 04 Jan 2017 15:16:22 GMT
etag: "586d11c6-148"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 2600598
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qKHNs6y3s5DgdkDB%2FQuCPvU%2BbdYbde%2FgOQhpE8jkJ5x4RVL92KcvpjyzO76RfuOQSFkQk%2Bv6swHKdZvE5cBcX6U3O5UOvslVRkxAVOY%2BgNQPOGJOpEv4g1bmag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765cf1aaced5776b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/www.malware-site.www/img/logopm.png
104.21.235.176301 Moved Permanently 178 B URL HTTP/2 2img.net/h/www.malware-site.www/img/logopm.png
IP 104.21.235.176:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /h/www.malware-site.www/img/logopm.png HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 06 Nov 2022 09:53:46 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 786527
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6rIpNqPQUlg1NznZRYS%2BcI9cuf38w%2FN3JWUOaTj08GxxyMasSJ1ZT3F7EaD9Vch0Idjc%2FWOglJ2LPfbvRbklYV3p3vbL8ODPlFIDAWW7uscYukXmIFJSDsOGtw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765cf1aaced7776b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/profile_from_20x20.png
104.21.235.176200 OK 1.1 kB URL HTTP/2 2img.net/i/fa/profile_from_20x20.png
IP 104.21.235.176:0
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash d788ba8897f1e29779f5f7d1bd6597c7
36b8e7c06d291d54ab5f1cc2c922e84b8dae436b
e343f2a67462a0f3609180d25df3c59e050a9ba3a3907bdf67c1240e5f2c49bc
GET /i/fa/profile_from_20x20.png HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:46 GMT
content-type: image/png
content-length: 1090
last-modified: Mon, 16 May 2016 11:00:35 GMT
etag: "5739a853-442"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 2601143
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JOj%2Fn6%2B0mj2Qm7mdL5SGjXSN463%2FND0yKj%2FhrTBpoqd039uacTFyVALN%2BjnLLbI63cEORoXUJoQv%2FTP8eqexGNQOY7fGJeTPCfoZl4QBXxfQpWZ21x5a3G83uA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765cf1aacedc776b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 08601075c252ac6f530d87a1e7fa560d
159b8509fdc3940ca3f4a03b972a30e1677e3581
f9ea0cf324c55628c07f7c2127110cbeabe4ab4216367617cd622ae511b40297
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5769
Cache-Control: max-age=115281
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:46 GMT
Etag: "63668cf2-2d7"
Expires: Mon, 07 Nov 2022 17:55:07 GMT
Last-Modified: Sat, 05 Nov 2022 16:18:58 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 727
www.googletagmanager.com/gtag/js?id=UA-22180304-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-22180304-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 156ee3aa673eee2351c7b7dce27345e2
3512c8e503b32901323ee5bf9fc5653ed89dcb63
ec4b87c3b085f88be11bd767fe759fddfe08befef7a6f7225e40d9aaf2ea1300
GET /gtag/js?id=UA-22180304-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 06 Nov 2022 09:53:46 GMT
expires: Sun, 06 Nov 2022 09:53:46 GMT
cache-control: private, max-age=900
last-modified: Sun, 06 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43555
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2img.net/i/empty.gif
104.21.235.176200 OK 43 B IP 104.21.235.176:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /i/empty.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:46 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 09 May 2016 08:45:50 GMT
etag: "57304e3e-2b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 2601294
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2BRvrpUJfNB3RMJJTGbOkTGoqvyx%2B2DaETMYuGlgRmATDI2tRy7Q%2BJ5q9fG5XzH2tjE%2BzHQD7VJGmlUNa9TtDCMlX7R%2FZm7FJ%2B8ABk%2FC7VxpyhWOlGFyCp072A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765cf1aaced8776b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/i/smiles/icon_cool.gif
104.21.235.176200 OK 462 B URL HTTP/2 2img.net/i/fa/i/smiles/icon_cool.gif
IP 104.21.235.176:0
File type GIF image data, version 89a, 15 x 15\012- data
Hash 05c071876108e2ad37c1190d03621151
46f8776a33f9e198fbf51f85fdf86f46fdaed906
ba8eff11c1f9872d58bbbb717a7cdbeb394fb46dc70226400524a4d5582ff771
GET /i/fa/i/smiles/icon_cool.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:46 GMT
content-type: image/gif
content-length: 462
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-1ce"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 2601225
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5oEccIvB17dRqxW6DC7FZDS9%2BR%2F9rMZegnxAye0j4w1uMSoc%2FSILM0sduSpYWkPsUUoSBYIs%2Be%2FudiBOiufFabEz5NznX5hglFhPwHHxLx0uEAl1lOyHecR6Zg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765cf1aaced2776b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/rss_mod/rss_br10.png
104.21.235.176200 OK 447 B URL HTTP/2 2img.net/i/fa/rss_mod/rss_br10.png
IP 104.21.235.176:0
File type PNG image data, 15 x 15, 8-bit colormap, non-interlaced\012- data
Hash 219cd5ce2e3e08e14d2c7a26147143bc
120e1594382e5dfd0f0fcd7703c324f4322b831f
6afb26a22a3683d4587e4c96ab286eb61fe401dbe07cc1b38748d1671dcd1f0c
GET /i/fa/rss_mod/rss_br10.png HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:46 GMT
content-type: image/png
content-length: 447
last-modified: Mon, 16 May 2016 11:01:05 GMT
etag: "5739a871-1bf"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 2600193
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=clf9c2y3kkd884rO1MddT%2B0Wnguj73oKDE2%2FqXQxIc0P3UK2Z9J1pTLHnDKd%2FpOHr39txK9249Jo1f6wtUzzXKxUfBN3rxCbhRjTz8wOPKT01NsRDW%2FAbp68zg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765cf1aacedd776b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/subsilver/icon_zodiac_capricorn_2.gif
104.21.235.176200 OK 315 B URL HTTP/2 2img.net/i/fa/subsilver/icon_zodiac_capricorn_2.gif
IP 104.21.235.176:0
File type GIF image data, version 89a, 20 x 18\012- data
Hash effd43e4a547b224ade12963c5926dd6
9fe65b71c641335575d003ac1b35b264ea369c5b
d3807c173efab4574fb709fc10eea0d6de2a5c6d203b083989bdf455e7cfc012
GET /i/fa/subsilver/icon_zodiac_capricorn_2.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:46 GMT
content-type: image/gif
content-length: 315
last-modified: Mon, 16 May 2016 11:01:57 GMT
etag: "5739a8a5-13b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 304058
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8yTSBVdu8lduBPgQD8I3BWKMwgIFdkxqvOiZE4tGjD9Xa3jQMQEZAfEEyE3gsDaXi5ZwYvQ3tHO%2FjBTfDcePL1WF4Aujh5yi5aEajd6Oaw%2FkuqxEnWJF%2Ft2vA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765cf1aacede776b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 55ba4a4c9b7f4a690ac25acbc809f47e
37be45326d09dabd6b5895092f09cf3637da8981
6ea053c44536cc954eea4c9faef78bae09e5d36b5b210d3a81481e1683d44476
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2472
Cache-Control: max-age=114851
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:46 GMT
Etag: "63669825-139"
Expires: Mon, 07 Nov 2022 17:47:57 GMT
Last-Modified: Sat, 05 Nov 2022 17:06:45 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 313
2img.net/s/t/14/00/59/i_icon_gender_male.gif
104.21.235.176200 OK 1.9 kB URL HTTP/2 2img.net/s/t/14/00/59/i_icon_gender_male.gif
IP 104.21.235.176:0
File type GIF image data, version 89a, 72 x 15\012- data
Hash ac9db8766913cf80d1f2ce48965f953e
7d741f2f6f45d19878399f99661df159a777bf29
0d63a4cbfb49aa1ce2de2c388b26145678cb8f629dfc206c21645ddbce4eceda
GET /s/t/14/00/59/i_icon_gender_male.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:46 GMT
content-type: image/gif
content-length: 1929
last-modified: Sun, 28 Jun 2009 21:23:21 GMT
etag: "4a47df49-789"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 87807
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OyqEKLu9DeABkytbdaYNokMi4EIebrF1%2FQ89gCJviMarJNjHiPcT2UNLPZeM%2B3Dn705qcZBFHnYDrN0KsMF6uhEcMhAFxy3c9eBJQqkuX6hoYcFg082GelGq1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765cf1aacedf776b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/social_bookmarking/reddit.gif
104.21.235.176200 OK 717 B URL HTTP/2 2img.net/i/fa/social_bookmarking/reddit.gif
IP 104.21.235.176:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash 87ccc0926c1e638e219b1a62b03ae993
4bf5dc66299ca41ce482fc5ac75c8f6a99f8601a
3174887814d1432109a58b186ea78834f33ee118bf8dfb7839e15f2b21e5f583
GET /i/fa/social_bookmarking/reddit.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:46 GMT
content-type: image/gif
content-length: 717
last-modified: Wed, 04 Jan 2017 15:20:52 GMT
etag: "586d12d4-2cd"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 2600598
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2F1jwvakRxSrkVDBroI25XFjgfA%2FBthrcVMPXM9Vwv7CQOo6WkzBDgerDNq0EeI5h4MkBYhw5jSv4%2F9RhYWJCbWykeDIsL34cgxtKX62I9ebaJ47izSOJ9i%2Fpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765cf1aacee6776b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/social_bookmarking/facebook.gif
104.21.235.176200 OK 646 B URL HTTP/2 2img.net/i/fa/social_bookmarking/facebook.gif
IP 104.21.235.176:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash 4bfe409ecaaad3cb02b70487d0ea4ca2
de6791b9910220fe46ca2222b5a863593e93c0a2
5206296d25769debb150836abafd9a12316ccd64492e1ea77c583c2e83a8bf62
GET /i/fa/social_bookmarking/facebook.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:46 GMT
content-type: image/gif
content-length: 646
last-modified: Wed, 04 Jan 2017 15:17:32 GMT
etag: "586d120c-286"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 717135
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gneCE2L53Ypm5R0dtXkiptMxcEKiDZtzMFJgW1wUztvayBktmPcrxmluh9RgoZvZujbpv2DoOT5kRvOlsGGYHZf1OzKvlWVURJUzXYpnQ%2F7rT5wdqyK0RZNHgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765cf1aacee5776b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/empty.gif
104.21.235.176200 OK 42 B IP 104.21.235.176:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /i/fa/empty.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:46 GMT
content-type: image/gif
content-length: 42
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-2a"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 2601276
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5IHpGigPhbcU7tbNdOOhccfsFiGfNlNCTDZrk2Vh8hyEbD%2FtjFoSSQ5w93TY5b2fVhguZsNA0DXGnwoHFkYBMISXX7Ein9AMd9Uzh69tNUzv75hpBHaNa%2Fxz8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765cf1aacee7776b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/16/93/29/i_tabs_less.gif
104.21.235.176200 OK 849 B URL HTTP/2 2img.net/s/t/16/93/29/i_tabs_less.gif
IP 104.21.235.176:0
File type GIF image data, version 87a, 11 x 10\012- data
Hash 5e5fc2950e29aabbd401a2037413be80
37fbb345d9b5644164f80718352d82b2d30fc800
14e7f896909394507dd9496fcf60efe5e8ecd362ecda5ec82ba782ef5d13d45b
GET /s/t/16/93/29/i_tabs_less.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:46 GMT
content-type: image/gif
content-length: 849
last-modified: Sun, 13 Feb 2011 03:38:33 GMT
etag: "4d575239-351"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AwhDwL6rjJgjrzQf0JWJe9dJX35bn1mso9LG0Fe1ctRytEIMbUA4g26Gm57RG9Tqy5ObAFNERxlYN2nYjGPTdUQ36GNvqHWuTB09lWJD1bE1GOFoc%2FYLIawHhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765cf1aacee1776b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-144347007-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-144347007-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 336c25833b3020716753fc02631c2518
593fc6212a86de0b86707ed859b0d2dc7c95e2f5
8d9b4ba9304b3255176edfb806ef5ff10321495793677c6ab775d52eb7ed8023
GET /gtag/js?id=UA-144347007-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 06 Nov 2022 09:53:46 GMT
expires: Sun, 06 Nov 2022 09:53:46 GMT
cache-control: private, max-age=900
last-modified: Sun, 06 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43651
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 3ebbd65a2bdd5c6f3dea5a6b99b25f0d
484be27b25b736a7e7e2b1d5ef9760aecdcec01b
5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash ebfb2e50d9bf98c3cddb9f6a7013c9e5
7835d0ed3e92a91cb5c45df1bea2fc81b5e2a63c
b7360f1e53a3b82acece3b01426211aaebf852bbf69f61584b7f8fd8de615424
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 09:53:46 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "0A168C6A9C9AC63CFAFD98EA1EB8B4D76B4106DA"
Expires: Sun, 06 Nov 2022 20:00:00 GMT
Last-Modified: Sun, 06 Nov 2022 08:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2691
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 765cf1ab4e141c16-OSL
2img.net/i/default.png
104.21.235.176200 OK 977 B IP 104.21.235.176:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 68740394c6718e3d6587d038d20d51a9
149fff376f6ed06d10c19b41ac3ce8dd97256d48
d28f3347aa8d5ef1cff4e57c589a8ce825b4350e1667d9808a29fa8c89d8e96b
GET /i/default.png HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mayar.ahlamontada.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:46 GMT
content-type: image/png
content-length: 977
last-modified: Sun, 10 Jun 2018 21:44:20 GMT
etag: "5b1d9bb4-3d1"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 2601286
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6aYwOLsRPiqjYm90WQqI9LLSsSyEihA9wDdeotNybI49Q2CgO2fBj1OlaNe3Ys3hhXVDJIdGAYZ9AamVdqEd%2F9y1%2Bi%2BPVXo%2BRTskw5WW7B7Lnug%2B%2F7%2BfTPaZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765cf1ab4fa4776b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e13e65ad7f6f12300b12d6cd6936d621
575faf606b5c5e39e0fbbef59998bcd3625aa141
10787f99c02b63d52b9b74fcec9497108d67c56c4a9436e0e3c9a7129d727dda
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2img.net/s/t/16/93/29/i_tabs_more.gif
104.21.235.176200 OK 882 B URL HTTP/2 2img.net/s/t/16/93/29/i_tabs_more.gif
IP 104.21.235.176:0
File type GIF image data, version 87a, 11 x 10\012- data
Hash 29cae1ed5e6c4bdde28810ab5cd80a1a
964bde77fe30fb0ccec215db8efd158e27da750c
3f9058be354d2486690dea50434374c75972e10b7492aa32197943d9ee8c419a
GET /s/t/16/93/29/i_tabs_more.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:46 GMT
content-type: image/gif
content-length: 882
last-modified: Sun, 13 Feb 2011 03:38:33 GMT
etag: "4d575239-372"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xrg5Z0P3GkJHshuzqW1hjlE%2BuVcTxNxt1W0BwjNN%2FW3IgY%2FcTs1D8DWQXTQWx67lrzRaNV5JDl%2BbtmOENVCCxXuSmORFsDsRsvHq47x9ya2GSSIAIGH7RCZjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765cf1aacee3776b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f49/16/29/16/21/ouuuuo15.jpg
104.21.31.159200 OK 2.5 kB URL HTTP/2 i.servimg.com/u/f49/16/29/16/21/ouuuuo15.jpg
IP 104.21.31.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 140x50, components 3\012- data
Hash 812f4b858b141f21bd736734f28ae81b
1a6077e72732670e6b835ec11ba5cae8fc4a9244
c28bff5624a19304e058cfb876f4c0d5f086f0615c664442264b3008aba04707
GET /u/f49/16/29/16/21/ouuuuo15.jpg HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:46 GMT
content-type: image/jpeg
content-length: 2511
last-modified: Wed, 05 Nov 2014 05:24:26 GMT
etag: "5459b48a-9cf"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Sun, 05 Nov 2023 14:07:56 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XEDHJgHRNBlvc%2FHeKC2TdmOHojX21%2BGADji9SN6MpnDEZEsXkl04O7aFZbSocCwUOvvANWO4UVkfvmKmALSvAsUMFlUFIsfEfcwuNcsrh1CzrEqXjhjWN3ww7JWD5UNn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 765cf1aa9af60b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f49/16/29/16/21/ouuuuo14.jpg
104.21.31.159200 OK 2.5 kB URL HTTP/2 i.servimg.com/u/f49/16/29/16/21/ouuuuo14.jpg
IP 104.21.31.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x50, components 3\012- data
Hash dff981b55fb9dd845ce703222d9c7afb
ed6af6aab14f87bc3a4f26676df627f30b468c49
95e52cd9fad00085dd5bee4aeddfe975a47b7f1c99a941d02c2e37ef75a77176
GET /u/f49/16/29/16/21/ouuuuo14.jpg HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:46 GMT
content-type: image/jpeg
content-length: 2545
last-modified: Wed, 05 Nov 2014 05:46:01 GMT
etag: "5459b999-9f1"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Fri, 03 Nov 2023 19:06:07 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3XVs%2BefkqPELeeK4ZG%2B%2BoagqQmMhGX2H4B123aLofYBFbl3V8oK2rBYMUeeR6kyHaRc%2F3pFRqOaC3ZqKuO9A5CRZNNOIm4fulZwAT2a0BDuwkNcGstteg%2BAOVKdJX1Kc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 765cf1aa9af10b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f38/16/29/16/21/oao11.jpg
104.21.31.159200 OK 2.6 kB URL HTTP/2 i.servimg.com/u/f38/16/29/16/21/oao11.jpg
IP 104.21.31.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x50, components 3\012- data
Hash f9addb81120a46336ed34ec9fae7e3ec
82636724aa8bfbf3e742685fbb853e7d645b1e4b
6bf4f7bc1048fe595626a735566b7cab1f56ec0915f42ce8efa163fc7469c96a
GET /u/f38/16/29/16/21/oao11.jpg HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:46 GMT
content-type: image/jpeg
content-length: 2588
last-modified: Thu, 05 Mar 2015 13:53:25 GMT
etag: "54f85fd5-a1c"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Wed, 01 Nov 2023 16:47:28 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ISZJ8ePggSCMhnDyl%2Fh%2BV8Ih3B2nUgUsWy%2B%2Bk5NlFULHbvYBHk7FWK%2FnNdSD8VK5i%2FgIx5Yt1OmX2KC9CMphPkBw0%2F2x0ObLD2sqhol9%2BVF%2Fir23fxs38FD2uwflvEOR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 765cf1aa9af50b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f38/16/29/16/21/u_oood10.jpg
104.21.31.159200 OK 2.7 kB URL HTTP/2 i.servimg.com/u/f38/16/29/16/21/u_oood10.jpg
IP 104.21.31.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x50, components 3\012- data
Hash 8d419048111520e89d000c8b9d229463
10062776cfd3b68571ef38aef6f3279aa240e513
bc3cd620dbfa63f40195c07906d41f5e438ab6c2dcbfc10c4d793462e5f65d4c
GET /u/f38/16/29/16/21/u_oood10.jpg HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:46 GMT
content-type: image/jpeg
content-length: 2700
last-modified: Thu, 05 Mar 2015 13:49:57 GMT
etag: "54f85f05-a8c"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Fri, 03 Nov 2023 19:06:00 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QD%2FUlowTsQYwUvAMsun7C%2F78CRnlahUCkJWWevbV3nHZOFOhMCQC1SHtxnEua86BLdUxhw%2FkmUiUquyNXa3aI4QDECmoh7lhZAM2YhbL9T8HzFvjV1Sn2rZocPr8pe92"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 765cf1aa9af30b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mayar.ahlamontada.net/0-rtl.css
94.23.73.212200 OK 55 kB URL HTTP/2 mayar.ahlamontada.net/0-rtl.css
IP 94.23.73.212:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash b1c6377b6e08866df60d2b4e6e2e4ee0
60930b2edd134d7019b07a9edf1122659ba484e2
08cf3ed04219c45a9982240bea2734cab3d17b7b0cc09178a093f92e9f8f5d43
GET /0-rtl.css HTTP/1.1
Host: mayar.ahlamontada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/t1411-topic
Cookie: exadd=166774
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:46 GMT
content-type: text/css
content-length: 54799
last-modified: Sun, 06 Nov 2022 00:00:00 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-ma: MISS
X-Firefox-Spdy: h2
i.servimg.com/u/f38/16/29/16/21/uo10.jpg
104.21.31.159200 OK 2.5 kB URL HTTP/2 i.servimg.com/u/f38/16/29/16/21/uo10.jpg
IP 104.21.31.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x50, components 3\012- data
Hash 5a2ab601bfc010fa9a320cc78c043542
2743d336fff1b86fcfa5143787101253050069b4
8efde9547fe89c7d4ef58d3030359c54fa2219f9ca109074cb1aa1666347bab9
GET /u/f38/16/29/16/21/uo10.jpg HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:46 GMT
content-type: image/jpeg
content-length: 2520
last-modified: Thu, 05 Mar 2015 13:53:40 GMT
etag: "54f85fe4-9d8"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Mon, 06 Nov 2023 09:53:46 GMT
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2BUcuqo26Uhw0jNOSdNuhhLcB9cA29%2F8ALQGCry79ZzuxGIZ40cJC%2FLZDGKCGdqPJDbzP%2Bmwha0MwyWdxO4nnPb7HlQufqxPkxULI9q%2BIjkN%2BT5FmtJRJ0qb2Ntpl48b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 765cf1aa9af70b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.42.148.177101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.148.177:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0mDHqPtgMj/PaKH3EeTYBQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: oLlcmaxOuX87VhmV2i337iTV9vU=
2img.net/r/ihimizer/img219/8127/teenwolf2011banneraa.jpg
104.21.235.176301 Moved Permanently 178 B URL HTTP/2 2img.net/r/ihimizer/img219/8127/teenwolf2011banneraa.jpg
IP 104.21.235.176:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /r/ihimizer/img219/8127/teenwolf2011banneraa.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 06 Nov 2022 09:53:47 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BFZ%2BuGS1JdxTh4PmaUPsbp2ICp1jBgSP3S79Lds8CJGUWU1%2BDCdxTHMWP36Azp8csWa4bOzhQ1VgNRvI6%2Fv9GyU97SV%2BtfR4aK1H87JSLHUkVxVyrPTu4JD6JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765cf1aacee4776b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af602b6446c98788e17a1cab8a400a71
fb1127caa2cbc7ee6fddb2deccc1d5667923a484
8c94ddbbc0f45256eea8f596b07c28b146b63ba3b38acb2be1fdb9a6205b73e8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5971
Cache-Control: max-age=107943
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:47 GMT
Etag: "63666f7f-1d7"
Expires: Mon, 07 Nov 2022 15:52:50 GMT
Last-Modified: Sat, 05 Nov 2022 14:13:19 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a198ebd2267e48c16919700ad5b352d4
c33062691b7a4f6a909e212f085de86032e168f8
30fe9b532df01e74a32a86f7ef75f3202191311491a65d3d9a8a922853b6a497
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "30FE9B532DF01E74A32A86F7EF75F3202191311491A65D3D9A8A922853B6A497"
Last-Modified: Thu, 03 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=542
Expires: Sun, 06 Nov 2022 10:02:49 GMT
Date: Sun, 06 Nov 2022 09:53:47 GMT
Connection: keep-alive
illiweb.com/rs3/63/frm/lang/ar.js
104.21.63.213200 OK 19 kB URL HTTP/2 illiweb.com/rs3/63/frm/lang/ar.js
IP 104.21.63.213:0
File type Unicode text, UTF-8 text, with very long lines (64093), with no line terminators
Hash c3501758db14f32b0199b0c6000a9209
e9959abcbb2245950952c50fe05935f44142b59c
65e1761ca8ab4fabe8c553a1df856ca6b1b18f2f4186e617767309d4722a5c8a
GET /rs3/63/frm/lang/ar.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:46 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=74879
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:07:52 GMT
last-modified: Thu, 08 Sep 2022 07:38:48 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 5103954
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wjihQ7J2rzj9YLJSYNwxb2TDaRLE4%2Fu2leI7khwDNYUQlR8nqjAW4CIBikHZ6WshRHSUavVU6Hn7Y6glShX0nQhoZtNKiHEJuFgn2dAO%2B4ohmxVs5YP%2BffcXV9zhEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765cf1aa69dcb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertag&topUrl=mayar.ahlamontada.net
178.250.2.146200 OK 5.8 kB URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=mayar.ahlamontada.net
IP 178.250.2.146:0
Hash ae49f5b69c23d6760c6d39271ef9b173
6aa968dabb810521154a8ab5ee4fe7c4858af7c2
d22fe18f98a45736a3b9ffe17f1e2e64d319033fad3fd2e5dacd34dde1ea5355
GET /syncframe?origin=publishertag&topUrl=mayar.ahlamontada.net HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:47 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=4a1d18e5-033d-457a-a969-239acef1612a; expires=Fri, 01 Dec 2023 09:53:47 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 881968
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 4e3435d6d488db0b1eb5c2d12336c0ba
97135089d3dcef4067d5169083cb78b4c1b132e2
2bad865dd9272ac94ad40a0a4214a524323c55f7df32febdcd8327045c46e124
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3589
Cache-Control: max-age=114554
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:47 GMT
Etag: "636692a0-139"
Expires: Mon, 07 Nov 2022 17:43:01 GMT
Last-Modified: Sat, 05 Nov 2022 16:43:12 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 313
stootsou.net/pfe/current/tag.min.js?z=2308013
139.45.197.250200 OK 6.0 kB URL HTTP/2 stootsou.net/pfe/current/tag.min.js?z=2308013
IP 139.45.197.250:0
File type C source, ASCII text, with very long lines (14782), with no line terminators
Hash c0ecfb9e2db67b6fb29ddce08ff1071d
79b3ce81488f2a160343da87b2dd7bff73f96aad
159c0eb3645904a179c4c99c07eefec835874f1a5d8ff9b809f7c049e2a78b4e
Analyzer Verdict Alert quad9 Sinkholed
GET /pfe/current/tag.min.js?z=2308013 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 09:53:47 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 13:02:54 GMT
etag: W/"63626a7e-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 632fee60e8de673337ea4d57a9a0c5e7
4ed258934308767241536f6ebd89ecf71e6bdcdc
1ddb35705859250c31ab9c2161499aa8c41e1c649c08e192d88544fbba20b7b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5020
Cache-Control: max-age=88257
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:47 GMT
Etag: "63662650-139"
Expires: Mon, 07 Nov 2022 10:24:44 GMT
Last-Modified: Sat, 05 Nov 2022 09:01:04 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 632fee60e8de673337ea4d57a9a0c5e7
4ed258934308767241536f6ebd89ecf71e6bdcdc
1ddb35705859250c31ab9c2161499aa8c41e1c649c08e192d88544fbba20b7b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5019
Cache-Control: max-age=88256
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:47 GMT
Etag: "63662650-139"
Expires: Mon, 07 Nov 2022 10:24:43 GMT
Last-Modified: Sat, 05 Nov 2022 09:01:04 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 498a93ef6474e78f5c7b8ec391786b1c
2fdbd636d3ec6c2476c2ac34697ba171eecdb768
ab9705c42b3e1f2c2cc005974f4dd27f75c27a053bd29e81d2a99824200dcef7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 348
Cache-Control: max-age=149800
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:47 GMT
Etag: "636728f7-1d7"
Expires: Tue, 08 Nov 2022 03:30:27 GMT
Last-Modified: Sun, 06 Nov 2022 03:24:39 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 06 Nov 2022 08:41:09 GMT
expires: Sun, 06 Nov 2022 10:41:09 GMT
cache-control: public, max-age=7200
age: 4358
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/forumotion-ar/loader.js
151.101.85.44200 OK 25 kB URL HTTP/2 cdn.taboola.com/libtrc/forumotion-ar/loader.js
IP 151.101.85.44:0
File type Unicode text, UTF-8 text, with very long lines (65497)
Hash 4c1e16ceb1911a1f3920fa689c4620fa
384c5078c94fbd43bfc8851e6c9976be1136dec0
557ca19567b0aa5fd8662e0307821664fb15faa6aea0eca724846bebf2b871f1
GET /libtrc/forumotion-ar/loader.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: zL7OSOZjEWIhligPfT3uV7PsKcvYv5wu0Ljg825SSK/uJSAwhBQVfb01N+Qi1/Z/7ZvEh8Gs8k8=
x-amz-request-id: 7VBRPBBXVG9HT4Q3
last-modified: Thu, 03 Nov 2022 13:04:51 GMT
etag: "15fddc7e4c2126c20a02f06b12f8d605"
x-amz-version-id: zjeLYXnXHsGMsVTlnET923uOul.YTUdH
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 06 Nov 2022 09:53:47 GMT
via: 1.1 varnish
age: 119
x-served-by: cache-bma1673-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1667728428.694655,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 99
content-length: 25230
X-Firefox-Spdy: h2
badge.facebook.com/badge/100003774388150.466.678211872.png
31.13.72.8302 Found 0 B URL HTTP/2 badge.facebook.com/badge/100003774388150.466.678211872.png
IP 31.13.72.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /badge/100003774388150.466.678211872.png HTTP/1.1
Host: badge.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/Hn3hZ7_eVoc.png
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: PridzNI2QBAG9YOytuY1nC6lViXYH+vtejMA3h/fltD8PvDOiYnOA3Uvn86XcpIHpO8t18el8ellLVpEu9l59w==
content-length: 0
date: Sun, 06 Nov 2022 09:53:47 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
apis.google.com/js/plusone.js
142.250.74.174200 OK 21 kB URL HTTP/2 apis.google.com/js/plusone.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1279)
Hash 557a84e1a4b4a45f586fb72599df1ad0
78eec98dcefee53f24a6684e407c81676e7952b4
a488b14f67aa02c62eb30b758d1eb76155478e3af0b2fd78dc52de4e28ed4014
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20987
date: Sun, 06 Nov 2022 09:53:47 GMT
expires: Sun, 06 Nov 2022 09:53:47 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "c1b020d722de3a38"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?ptv=132&profileId=206&cb=16193576021
178.250.0.165200 OK 158 B URL HTTP/2 bidder.criteo.com/cdb?ptv=132&profileId=206&cb=16193576021
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 76cc4fee62ace7565a00f0f16893c743
44d4c3f8e615974bd8eb0295628eb672ce66f7de
c72d67fd6931bbb0b34e1ec85323be79d2f2354cdc392b3d9b9e342e7c159708
POST /cdb?ptv=132&profileId=206&cb=16193576021 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 571
Origin: https://mayar.ahlamontada.net
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:46 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://mayar.ahlamontada.net
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 158
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 498a93ef6474e78f5c7b8ec391786b1c
2fdbd636d3ec6c2476c2ac34697ba171eecdb768
ab9705c42b3e1f2c2cc005974f4dd27f75c27a053bd29e81d2a99824200dcef7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 348
Cache-Control: max-age=149800
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:47 GMT
Etag: "636728f7-1d7"
Expires: Tue, 08 Nov 2022 03:30:27 GMT
Last-Modified: Sun, 06 Nov 2022 03:24:39 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d2b4c49a0fb79e3d3bc40d2a28b27120
3f53633851cf851451354ccfd2931f2ec7a9e40f
a8a4ca2c09bae5cc3375077e531b357e2c1724693433a085ad038e3e6adfd96b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.comodoca4.com/
172.64.155.188200 OK 281 B IP 172.64.155.188:0
Hash fbbb96ec241169c55ca2f1bc58b39b4d
e86cc45893215a885a847169be24f27c6fd5b1bf
6cc48f250afba54bd0660e46f69a1ec4a042f92db4f87d2e17005e44b4b2bf10
POST / HTTP/1.1
Host: ocsp.comodoca4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 09:53:47 GMT
Content-Type: application/ocsp-response
Content-Length: 281
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 00:47:10 GMT
Expires: Sat, 12 Nov 2022 00:47:09 GMT
Etag: "e86cc45893215a885a847169be24f27c6fd5b1bf"
Cache-Control: max-age=485001,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765cf1b10f16b506-OSL
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d2b4c49a0fb79e3d3bc40d2a28b27120
3f53633851cf851451354ccfd2931f2ec7a9e40f
a8a4ca2c09bae5cc3375077e531b357e2c1724693433a085ad038e3e6adfd96b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mayar.ahlamontada.net/?utm_source=pwa
94.23.73.212200 OK 46 kB URL HTTP/2 mayar.ahlamontada.net/?utm_source=pwa
IP 94.23.73.212:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (25158)
Hash 08f4681c3c75322e6d8eed52c6e1e72d
7048ed159ffb961bfcf7073acc3b6c64409a5b44
53206e742b649f7852b1dca585a249f798616540b4062ccacdab962bacce0402
GET /?utm_source=pwa HTTP/1.1
Host: mayar.ahlamontada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mayar.ahlamontada.net/serviceworker.js
Connection: keep-alive
Cookie: exadd=166774; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:47 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
pragma: no-cache
expires: Sun, 06 Nov 2022 00:00:00 GMT
last-modified: Sun, 06 Nov 2022 09:53:47 GMT
vary: User-Agent
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/impl.20221102-48-RELEASE.js
151.101.85.44200 OK 146 kB URL HTTP/2 cdn.taboola.com/libtrc/impl.20221102-48-RELEASE.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (65508)
Size 146 kB (145832 bytes)
Hash 2cb70b33b089c62b26eb96d94e7848bd
cf1686eadf7992bfc00f123bf26bca19857697d8
e2c6a7f536218170613c3a652d52131e5b70541333377645cb39bec56f3255b0
GET /libtrc/impl.20221102-48-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 9ev1Nxau8RZi/3Ry4EmiKGio8KAljHS1bjrQt+OvwlnYiPXUSniGV3fIft4tlxpOjW3kBb9VG68=
x-amz-request-id: MMDGV2TEXDJWYD38
last-modified: Thu, 03 Nov 2022 09:40:21 GMT
etag: "2cb70b33b089c62b26eb96d94e7848bd"
content-encoding: br
x-amz-version-id: cUHcgl7EI0Kdobxi4IZyHivlOu5FPy45
content-type: application/javascript
accept-ranges: bytes
date: Sun, 06 Nov 2022 09:53:47 GMT
via: 1.1 varnish
age: 794
x-served-by: cache-bma1673-BMA
x-cache: HIT
x-cache-hits: 436
x-timer: S1667728428.937978,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 17
server: AmazonS3-br
content-length: 145832
X-Firefox-Spdy: h2
mayar.ahlamontada.net/images/icons-180.png
94.23.73.212200 OK 18 kB URL HTTP/2 mayar.ahlamontada.net/images/icons-180.png
IP 94.23.73.212:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash bdbb1e3c6d786580874c0fac13f79ee3
35ae7fa2c8497d4c9f08f3d830ae0db3b92703c0
c05464725c9a04a6f54ffbe6609b4e32eb1912fc47855b25a4ef733621ce1279
GET /images/icons-180.png HTTP/1.1
Host: mayar.ahlamontada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/t1411-topic
Cookie: exadd=166774; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:48 GMT
content-type: image/png
content-length: 18025
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Sun, 06 Nov 2022 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
x-cache-ic: MISS
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 138669aacfe3c5c3dbfaad8256736eb1
b10b54047c043a723a5dbc452f01c90d4c56ca03
98bf3006d2b5401089ea2be634624d6263f777bb41f5a3b08d9f5f8fc38bdd10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash bef0f5f1742148554b738e79ebbdc76d
ee37ad3e7b5c9c92729f8968a872f035ada28554
bb4d05a236b38335e73aacbb3c830537fda500991131db84e4fea9d594869599
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=166510
Date: Sun, 06 Nov 2022 09:53:48 GMT
Etag: "63675a38-1d7"
Expires: Tue, 08 Nov 2022 08:08:58 GMT
Last-Modified: Sun, 06 Nov 2022 06:54:48 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: k3R7X4OKOszJuGrxJr1f79zWYkh3ODRRBMosHHKunHezfLfXMb2Xhw==
Age: 4450
api.viglink.com/api/ping
99.80.60.12200 OK 260 B IP 99.80.60.12:0
File type ASCII text, with no line terminators
Hash fbf2e9705ce997fad548dfd3e3e7aa1a
ea844cc2b0902a9feb90ac74f9f3c13dee7fdd25
38efb1c202533ead87fef1e53c16f011d881e11241a1e05b373685badbca921a
POST /api/ping HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 141
Origin: https://mayar.ahlamontada.net
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://mayar.ahlamontada.net
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Sun, 06 Nov 2022 09:53:47 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 260
Connection: keep-alive
accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fmayar.ahlamontada.net&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.P0B2vZm_jJk.O%2Fd%3D1%2Frs%3DAHpOoo_nmCaDbrwZCe_WiNZEgKVKQ-FnSA%2Fm%3D__features__
216.58.207.237200 OK 860 B URL HTTP/2 accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fmayar.ahlamontada.net&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.P0B2vZm_jJk.O%2Fd%3D1%2Frs%3DAHpOoo_nmCaDbrwZCe_WiNZEgKVKQ-FnSA%2Fm%3D__features__
IP 216.58.207.237:0
Hash 212384d2424427c46f139bc49f59389b
ff053f60aa3f9fc7dc56651e5de8ac7cbf81dfcb
b28d815d156db4787bfd09501e2e195840f20e5b8951046441e7df49448f08ea
GET /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fmayar.ahlamontada.net&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.P0B2vZm_jJk.O%2Fd%3D1%2Frs%3DAHpOoo_nmCaDbrwZCe_WiNZEgKVKQ-FnSA%2Fm%3D__features__ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 06 Nov 2022 09:53:48 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'nonce-zGSfVcYxwkcijdVaphxyXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5771
Expires: Sun, 06 Nov 2022 11:29:59 GMT
Date: Sun, 06 Nov 2022 09:53:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5771
Expires: Sun, 06 Nov 2022 11:29:59 GMT
Date: Sun, 06 Nov 2022 09:53:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b370c4e3b01be9fbbc3e310e6958cd55
cc22e90a0b476215f2fd864d84c9b00dded100a6
f54d90c5854b6f140b63dad3aa92bd858b8f360b8c77d50fdf344e813e9385c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11535
x-amzn-requestid: 0a1d9895-e2e3-4070-921a-736d8c6f254e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJatPGwjoAMFx8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7ee-101a7f3a2b834d0b411c9de0;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: j0I2JcPIptLTJZlwg8QG7kkTE1eCvZiBDzi6j2YYqNwvawJ6k2CqHQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:48:50 GMT
age: 43498
etag: "cc22e90a0b476215f2fd864d84c9b00dded100a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44419343-1ead-483b-bb26-c35907f5e9b8.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44419343-1ead-483b-bb26-c35907f5e9b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c92234d28d67355984873ddf7f2bc85c
309a09b99f2419d6c45c271b67f387a6a62abd4a
436c965529e1e01b2b175fd72f45bab799f77028f1671978c16a37c61e267074
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44419343-1ead-483b-bb26-c35907f5e9b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12098
x-amzn-requestid: f8b11dcd-fb4c-4eda-a84d-2c36b08dfd16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJbDWE7SoAMFatw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d87b-386cc0282685a0e8611a24ce;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:41:15 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: cuSzUxz5mU03--3mUK73KKUGQQVVu6rlF2oBXm-gBhbN9Y-V1YTXOA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:12:38 GMT
etag: "309a09b99f2419d6c45c271b67f387a6a62abd4a"
content-type: image/jpeg
age: 42070
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa77f05b1af971db287607d9d9a30e0f
276f1493d6da74c8fa3ef83dee77bf48850ff4b4
005d0273b7fe7b68081d1db630df9444c4082140be87c34f3e9e5fb7db9a4160
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 14415
x-amzn-requestid: 9eadfbeb-38b2-483a-894a-375e00f646dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJabgHcMoAMFTLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d77c-104fa5e61c64aaf230ffb045;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zwi4Hg5iu5MB4zr0EFVhTRAvrnN2J1GnY31mOvlXJW0E_cgQu1gmgA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:12:38 GMT
age: 42070
etag: "276f1493d6da74c8fa3ef83dee77bf48850ff4b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 6dc7dc5c-88e9-4550-abf0-f16965ab7cd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bF_38GKXoAMFwSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636579cc-28ea4125437c31cc34683fb7;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 20:45:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: cLOqm36ioY751X1yA1WcQpaXiFYuvzFn8xLQ56MyDTpvi1J4Ruvc9Q==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 06:27:59 GMT
age: 12349
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcc79e66d1e21452efb26d26650f6739
1f727a7ea032082658944cf4041686446fb6b5f2
af1fe8de442a365a108d5c03f0d3ae8b0beb1abb4f267a46979f9c885ee026c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8961
x-amzn-requestid: 3a50374d-d90e-452e-bb89-82ca14c94b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJarpGtqIAMFkPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7e3-55c356475fb64e6625a338c7;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ry_OKFFZDdDoVya2hTxnFlDGtgoSw0JRqieDnCO4mSNFbgV-AuLE5Q==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:44:33 GMT
age: 43755
etag: "1f727a7ea032082658944cf4041686446fb6b5f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b18a8c9f5539ce33476f843f5811e01d
11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b
fc20e507eedccb52078979f2132434b11b9d50d917cab512d8e0c99515b1236c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7573
x-amzn-requestid: d56e7b27-f2cb-4cd3-9f67-ba18d1bfe270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bDkhGHmjoAMFxxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364813a-3a1c18b13c41f38673890b00;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 03:04:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: c-u9tBFoIve3sEwtbUvIFZoPu6eudy3ZFQi8j2m9mTPNEarihTvddw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 05:31:43 GMT
age: 15725
etag: "11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
trc-events.taboola.com/forumotion-ar/log/2/debug?tim=09%3A53%3A46.197&type=usage&msg=rtus&llvl=2&id=6188&cv=20221102-48-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/forumotion-ar/log/2/debug?tim=09%3A53%3A46.197&type=usage&msg=rtus&llvl=2&id=6188&cv=20221102-48-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=09%3A53%3A46.197&type=usage&msg=rtus&llvl=2&id=6188&cv=20221102-48-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 06 Nov 2022 09:53:48 GMT
x-fastly-to-nlb-rtt: 22480
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
142.250.74.99200 OK 4.3 kB URL HTTP/2 ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
IP 142.250.74.99:0
File type ASCII text, with very long lines (2267)
Hash 3f7502705229ccec9d066c5cd75e6c31
ede1663155afaa5a5213d075e6295c6d839b05c3
2be5113d3022d1819a19f327235d287a2538a03741fc08ccd9d55cc1d78b6282
GET /accounts/o/1832714284-postmessagerelay.js HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-length: 4294
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 06 Nov 2022 00:32:06 GMT
expires: Mon, 06 Nov 2023 00:32:06 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 02 Nov 2022 00:08:18 GMT
content-type: text/javascript
age: 33702
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.clocklink.com/js/anim-library.js?ts=1413396308
216.230.241.100200 OK 1.9 kB URL HTTP/1.1 www.clocklink.com/js/anim-library.js?ts=1413396308
IP 216.230.241.100:0
File type ASCII text, with very long lines (1921), with no line terminators
Hash a975401a9f34ecc70041bf7d5c12485b
ee9bc0fdd1acccb964c23af642f8773f7d50bcf3
5818443b387973b6dd1f3185fbfce5515ca6f753e2e8b4c96fee56e7d5ac8898
GET /js/anim-library.js?ts=1413396308 HTTP/1.1
Host: www.clocklink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.clocklink.com/html5embed.php?clock=019&timezone=GMT0300&color=brown&size=160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 09:53:48 GMT
Server: Apache/2.2.15 (CentOS)
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Last-Modified: Wed, 15 Oct 2014 18:05:08 GMT
ETag: "3604f7-781-50579f8e18cd1"
Accept-Ranges: bytes
Content-Length: 1921
Connection: close
Content-Type: text/javascript
gem.gbc.criteo.com/newidsd
185.235.84.66200 OK 2.3 kB URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.66:0
Hash f086315d3e0c9aa3e74e2b62a60cffe6
51ceae61f5824def2c0cda43731cb6575459d34e
afc75360c6bdce10ae619cb7bb2007d2285c4d0897ff04617b6e00e53039c5dd
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:46 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 101359
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.clocklink.com/js/html5clocks.js?ts=1635199781
216.230.241.100200 OK 3.2 kB URL HTTP/1.1 www.clocklink.com/js/html5clocks.js?ts=1635199781
IP 216.230.241.100:0
File type HTML document, ASCII text, with very long lines (3197), with no line terminators
Hash 3f18f13da93221d0c960211215bd96c0
3b724c515d2b28de8d43d87f8d9fcbc94319d62d
c6d2de5f2d718cecd28c1734c9d07287ea3994113e3505fff0639a641287a6bd
GET /js/html5clocks.js?ts=1635199781 HTTP/1.1
Host: www.clocklink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.clocklink.com/html5embed.php?clock=019&timezone=GMT0300&color=brown&size=160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 09:53:48 GMT
Server: Apache/2.2.15 (CentOS)
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Last-Modified: Mon, 25 Oct 2021 22:09:41 GMT
ETag: "360b3e-c7d-5cf349e16d66d"
Accept-Ranges: bytes
Content-Length: 3197
Connection: close
Content-Type: text/javascript
www.clocklink.com/img/link/460_460.png
216.230.241.100200 OK 10 kB URL HTTP/1.1 www.clocklink.com/img/link/460_460.png
IP 216.230.241.100:0
File type PNG image data, 460 x 460, 8-bit colormap, non-interlaced\012- data
Hash 450a7f428e21c253a9065873308d5ec3
030afac2b423a2fa05c081498ef41ab619f41052
0e8030200a95aeeeb3b3675c70e840afec2f5d4093825c2ab4d6561fdd37d430
GET /img/link/460_460.png HTTP/1.1
Host: www.clocklink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.clocklink.com/html5embed.php?clock=019&timezone=GMT0300&color=brown&size=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 09:53:49 GMT
Server: Apache/2.2.15 (CentOS)
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Last-Modified: Mon, 25 Oct 2021 22:08:36 GMT
ETag: "3e0073-2827-5cf349a3a41c7"
Accept-Ranges: bytes
Content-Length: 10279
Connection: close
Content-Type: image/png
www.clocklink.com/clocks/HTML5/html5-019/hour.png
216.230.241.100200 OK 2.6 kB URL HTTP/1.1 www.clocklink.com/clocks/HTML5/html5-019/hour.png
IP 216.230.241.100:0
File type PNG image data, 46 x 135, 8-bit/color RGBA, interlaced\012- data
Hash ea6244f4d84290b76b0d42eb6c5e1eb1
6e87774963dd458317f25d962cf60db02691734a
4df70d087823dd75ab7f1f9f4dce5a5ced4cbdaf8db51514072047afbd84c685
GET /clocks/HTML5/html5-019/hour.png HTTP/1.1
Host: www.clocklink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.clocklink.com/html5embed.php?clock=019&timezone=GMT0300&color=brown&size=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 09:53:49 GMT
Server: Apache/2.2.15 (CentOS)
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Last-Modified: Tue, 03 Jun 2014 17:05:17 GMT
ETag: "360ae9-a25-4faf1841e7ab2"
Accept-Ranges: bytes
Content-Length: 2597
Connection: close
Content-Type: image/png
static.criteo.net/images/pixel.gif?ch=1
178.250.2.130200 OK 43 B URL HTTP/2 static.criteo.net/images/pixel.gif?ch=1
IP 178.250.2.130:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /images/pixel.gif?ch=1 HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 09:53:49 GMT
content-type: image/gif
content-length: 43
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
etag: "493ea254-2b"
expires: Wed, 01 Nov 2023 09:53:49 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/images/pixel.gif?ch=2
178.250.2.130200 OK 43 B URL HTTP/2 static.criteo.net/images/pixel.gif?ch=2
IP 178.250.2.130:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /images/pixel.gif?ch=2 HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 09:53:49 GMT
content-type: image/gif
content-length: 43
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
etag: "493ea254-2b"
expires: Wed, 01 Nov 2023 09:53:49 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
www.clocklink.com/clocks/HTML5/html5-019/minute.png
216.230.241.100200 OK 2.3 kB URL HTTP/1.1 www.clocklink.com/clocks/HTML5/html5-019/minute.png
IP 216.230.241.100:0
File type PNG image data, 23 x 184, 8-bit/color RGBA, interlaced\012- data
Hash 60c9ade89d3378b8c44c9f34927efda8
5284e992b7b0c3870636868ed3098c75184ed235
bbf96921684fc51885a0a88defaaef85101bcdc8ec5564cdeb50006dc0599560
GET /clocks/HTML5/html5-019/minute.png HTTP/1.1
Host: www.clocklink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.clocklink.com/html5embed.php?clock=019&timezone=GMT0300&color=brown&size=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 09:53:49 GMT
Server: Apache/2.2.15 (CentOS)
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Last-Modified: Tue, 03 Jun 2014 17:05:17 GMT
ETag: "360aed-8e2-4faf1841e85a6"
Accept-Ranges: bytes
Content-Length: 2274
Connection: close
Content-Type: image/png
www.clocklink.com/clocks/HTML5/html5-019/second.png
216.230.241.100200 OK 1.0 kB URL HTTP/1.1 www.clocklink.com/clocks/HTML5/html5-019/second.png
IP 216.230.241.100:0
File type PNG image data, 13 x 121, 8-bit/color RGBA, interlaced\012- data
Hash 99a8edc71f18a2900b63c381af421d34
8318e5f01944e55a6791c75bce1bb1e22bd4a8a4
b8d1d14ff681a7ecefacacd8fde60cbc63bd2606531f854950e0aed672a560e9
GET /clocks/HTML5/html5-019/second.png HTTP/1.1
Host: www.clocklink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.clocklink.com/html5embed.php?clock=019&timezone=GMT0300&color=brown&size=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 09:53:49 GMT
Server: Apache/2.2.15 (CentOS)
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Last-Modified: Tue, 03 Jun 2014 17:05:17 GMT
ETag: "360af3-40f-4faf1841e992e"
Accept-Ranges: bytes
Content-Length: 1039
Connection: close
Content-Type: image/png
www.clocklink.com/clocks/HTML5/html5-019/overlay.png
216.230.241.100200 OK 16 kB URL HTTP/1.1 www.clocklink.com/clocks/HTML5/html5-019/overlay.png
IP 216.230.241.100:0
File type PNG image data, 450 x 450, 8-bit/color RGBA, interlaced\012- data
Hash cf3079a7c34726754d4c710910c162e7
2e07a06b9842cd2f21c1c8ed329085132a2122ce
9a2fe5ce43f88e2f2e7a5f427f87f925327a406a779d685d71eadd7ce71d1a36
GET /clocks/HTML5/html5-019/overlay.png HTTP/1.1
Host: www.clocklink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.clocklink.com/html5embed.php?clock=019&timezone=GMT0300&color=brown&size=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 09:53:49 GMT
Server: Apache/2.2.15 (CentOS)
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Last-Modified: Tue, 03 Jun 2014 17:05:17 GMT
ETag: "360aee-3e63-4faf1841e88ce"
Accept-Ranges: bytes
Content-Length: 15971
Connection: close
Content-Type: image/png
www.clocklink.com/clocks/HTML5/html5-019/background.png
216.230.241.100200 OK 370 kB URL HTTP/1.1 www.clocklink.com/clocks/HTML5/html5-019/background.png
IP 216.230.241.100:0
File type PNG image data, 460 x 460, 8-bit/color RGBA, interlaced\012- data
Size 370 kB (369542 bytes)
Hash 6377c915d54ae7decdaa6305a63ce706
ae8f4a0ec79a09f1bd48eaba2c1f904dc578f6ff
9958e072119c9e69f15e31c9bcc07a35497c83d0be2a8d20e7b73d1e4d40fe40
GET /clocks/HTML5/html5-019/background.png HTTP/1.1
Host: www.clocklink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.clocklink.com/html5embed.php?clock=019&timezone=GMT0300&color=brown&size=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 09:53:49 GMT
Server: Apache/2.2.15 (CentOS)
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Last-Modified: Tue, 03 Jun 2014 17:05:17 GMT
ETag: "360aea-5a386-4faf1841e7dea"
Accept-Ranges: bytes
Content-Length: 369542
Connection: close
Content-Type: image/png
stootsou.net/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://mayar.ahlamontada.net/
Origin: https://mayar.ahlamontada.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 09:53:50 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://mayar.ahlamontada.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8dfb3e8fdffb53a6229937533c3683b7
ad2f68ff1e0f504c6554935b1c9af2c19892932c
a154fb913846e36d3ba3835bce3c875c30a0045d757c1a2fd30389761d7ff167
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A154FB913846E36D3BA3835BCE3C875C30A0045D757C1A2FD30389761D7FF167"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1063
Expires: Sun, 06 Nov 2022 10:11:33 GMT
Date: Sun, 06 Nov 2022 09:53:50 GMT
Connection: keep-alive
stootsou.net/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://mayar.ahlamontada.net/
Origin: https://mayar.ahlamontada.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 09:53:50 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://mayar.ahlamontada.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert quad9 Sinkholed
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mayar.ahlamontada.net/
Content-Type: application/json
Origin: https://mayar.ahlamontada.net
Content-Length: 390
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 09:53:50 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: c5ae4d9506742b6736503eb111f5d3a6
access-control-allow-origin: https://mayar.ahlamontada.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert quad9 Sinkholed
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mayar.ahlamontada.net/
Content-Type: application/json
Origin: https://mayar.ahlamontada.net
Content-Length: 470
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 09:53:50 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 1ae72883938f91bd52b2e1fa2bab2555
access-control-allow-origin: https://mayar.ahlamontada.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
99.80.60.12200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
IP 99.80.60.12:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.gif?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Sun, 06 Nov 2022 09:53:50 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ba5d09c54b98bfc2c7b5f15103e025c4
4aa7eb9e5615c168c0cd80234a6c96836b6024c1
d955461da6913fb1575a92808feef634015a734963f2e438ac968ba1dd69b1b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5017
Cache-Control: max-age=172120
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:51 GMT
Etag: "63676dee-117"
Expires: Tue, 08 Nov 2022 09:42:31 GMT
Last-Modified: Sun, 06 Nov 2022 08:18:54 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f3832eb0418d94ec98c40df1bcf3ce5b
74dd7fa6ff4f9da9324c0772d075da5f42ab5879
cc42acc8dffa6c7f0c4c3a16ffe8c88919daf4859b7524a7a0ffc6e4b169c50d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.viglink.com/api/domains
99.80.60.12200 OK 41 B URL HTTP/1.1 api.viglink.com/api/domains
IP 99.80.60.12:0
File type ASCII text, with no line terminators
Hash 63f15f0907888c6c802acc20887c15f6
c4559ee46dcaf27d3a190cf8c20ecab0fc91e8ea
397a88c164b63a6e1d8d6a0e4818dfd23356e409d4dc2221d762cb421f83cfcb
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 382
Origin: https://mayar.ahlamontada.net
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://mayar.ahlamontada.net
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Sun, 06 Nov 2022 09:53:50 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 41
Connection: keep-alive
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=1162101026.1667728426&jid=1341859222&gjid=1286732514&_gid=416290239.1667728426&_u=YEBAAUAAAAAAACAAI~&z=1237428382
64.233.165.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=1162101026.1667728426&jid=1341859222&gjid=1286732514&_gid=416290239.1667728426&_u=YEBAAUAAAAAAACAAI~&z=1237428382
IP 64.233.165.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=1162101026.1667728426&jid=1341859222&gjid=1286732514&_gid=416290239.1667728426&_u=YEBAAUAAAAAAACAAI~&z=1237428382 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://mayar.ahlamontada.net
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://mayar.ahlamontada.net
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 06 Nov 2022 09:53:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ba5d09c54b98bfc2c7b5f15103e025c4
4aa7eb9e5615c168c0cd80234a6c96836b6024c1
d955461da6913fb1575a92808feef634015a734963f2e438ac968ba1dd69b1b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5017
Cache-Control: max-age=172120
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:51 GMT
Etag: "63676dee-117"
Expires: Tue, 08 Nov 2022 09:42:31 GMT
Last-Modified: Sun, 06 Nov 2022 08:18:54 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
developers.google.com/
142.250.74.14200 OK 44 kB IP 142.250.74.14:0
Hash 8c6e2a26ecfa8aeee2b83913e95d4698
b15d101c3f739f7b62cc115de500fbd70cfa84ba
86800081283e2b75aa90d84e7295b18a6f0fde5c8c8e6795e8239eb9bdc32ea3
GET / HTTP/1.1
Host: developers.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 04 Nov 2022 18:40:04 GMT
content-type: text/html; charset=utf-8
set-cookie: _ga_devsite=GA1.3.107804975.1667728429; Expires=Tue, 05 Nov 2024 09:53:49 GMT; Max-Age=63072000; Path=/
content-security-policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-E8t3HZcwCl92YqKpNOQFo40uRBfxf3' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
cache-control: no-cache, must-revalidate
expires: 0
pragma: no-cache
content-encoding: gzip
x-cloud-trace-context: 09063219e14d3c7734f4d4b888160db0
vary: Accept-Encoding
date: Sun, 06 Nov 2022 09:53:49 GMT
server: Google Frontend
content-length: 22472
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f3832eb0418d94ec98c40df1bcf3ce5b
74dd7fa6ff4f9da9324c0772d075da5f42ab5879
cc42acc8dffa6c7f0c4c3a16ffe8c88919daf4859b7524a7a0ffc6e4b169c50d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 4410e0283900e769c122cfbcbdbed143
c5588f7f402a41c39405d7459367eadb893fafaf
c9943eb8c4b659d1f5adf76a2d36b70f4ab306c5831b469e07b0fa822056f2b5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 09:53:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 03 Nov 2022 18:25:20 GMT
Expires: Thu, 10 Nov 2022 18:25:19 GMT
Etag: "c5588f7f402a41c39405d7459367eadb893fafaf"
Cache-Control: max-age=375687,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765cf1c6bdcfb517-OSL
mayar.ahlamontada.net/sw.js
94.23.73.212200 OK 2.2 kB URL HTTP/2 mayar.ahlamontada.net/sw.js
IP 94.23.73.212:0
Hash a39580fb7b82d88295af50c5651f79a2
2af49898681beaac260621f4e0bf840377dae173
7126264c223f3e2533658dba8dc64b219541e6dd8602de11a8ab8b202b0c4530
GET /sw.js HTTP/1.1
Host: mayar.ahlamontada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mayar.ahlamontada.net/t1411-topic
Connection: keep-alive
Cookie: exadd=166774; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D; _ga=GA1.2.1162101026.1667728426; _gid=GA1.2.416290239.1667728426; _gat_gtag_UA_144347007_1=1; _gat_gtag_UA_22180304_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:50 GMT
content-type: application/javascript
last-modified: Tue, 27 Aug 2019 13:54:01 GMT
etag: W/"5d6535f9-1554"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
bidder.criteo.com/csm/events
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/csm/events
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csm/events HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 401
Origin: https://mayar.ahlamontada.net
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 06 Nov 2022 09:53:51 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://mayar.ahlamontada.net
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 7f353273a2311052dae4195a7aa906a7
34b058d2aec290f7a178dcd6bd7e7ca26625939f
97fffc633d9461377f1b369e432773b2dc0e64e4e8b858e204ddaa17cfbe4249
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 09:53:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 04 Nov 2022 13:33:18 GMT
Expires: Fri, 11 Nov 2022 13:33:17 GMT
Etag: "34b058d2aec290f7a178dcd6bd7e7ca26625939f"
Cache-Control: max-age=444565,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765cf1c79e15b50f-OSL
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.253200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.253:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 904
Origin: https://mayar.ahlamontada.net
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 06 Nov 2022 09:53:51 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://mayar.ahlamontada.net
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
gum.criteo.com/sid/json?origin=publishertag&domain=ahlamontada.net&sn=FirefoxSyncframe&so=0&topUrl=mayar.ahlamontada.net&info=mexr2F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czAwR0ZRZmRjYmd0T1YlMkIxQTMlMkJiY2hiNXkyMSUyQm9iSEpuJTJGaiUyRko2ZEhCcHBZ&idsd=432973691,-103910117&cw=1&lsw=1
178.250.2.146200 OK 5.4 kB URL HTTP/2 gum.criteo.com/sid/json?origin=publishertag&domain=ahlamontada.net&sn=FirefoxSyncframe&so=0&topUrl=mayar.ahlamontada.net&info=mexr2F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czAwR0ZRZmRjYmd0T1YlMkIxQTMlMkJiY2hiNXkyMSUyQm9iSEpuJTJGaiUyRko2ZEhCcHBZ&idsd=432973691,-103910117&cw=1&lsw=1
IP 178.250.2.146:0
File type JSON data\012- , ASCII text, with very long lines (18924)
Hash 8ae2f7bcfc31794568099ba3fac3ecd6
0312fbef4050a5923d4569d26951529073b1fe8c
fa47d88ef46c13dabc960ad3facc7a165f4fc5c1e4eab00a96638adc91b594dd
GET /sid/json?origin=publishertag&domain=ahlamontada.net&sn=FirefoxSyncframe&so=0&topUrl=mayar.ahlamontada.net&info=mexr2F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czAwR0ZRZmRjYmd0T1YlMkIxQTMlMkJiY2hiNXkyMSUyQm9iSEpuJTJGaiUyRko2ZEhCcHBZ&idsd=432973691,-103910117&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=mayar.ahlamontada.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:51 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 880260
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/userx.20221102-48-RELEASE.es6.js
151.101.85.44200 OK 5.4 kB URL HTTP/2 cdn.taboola.com/libtrc/userx.20221102-48-RELEASE.es6.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (17842)
Hash bf1c04dffbcf70fb528d7cf003f8d3c3
babf3d11404d984eb97fe250d643391db4bed923
6c076c9f308134e7f07a2730a4060b9b9141b850ceb889bd83b22a74c0bc8619
GET /libtrc/userx.20221102-48-RELEASE.es6.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: m7Y+PLsPDVH05Z+mv/EHNElFbsQZb8IyMDVeQwOKHmBxO2ET8krlnXMTecdbGCfPpGX1C3hkl3Q=
x-amz-request-id: QQ3D9KXB7YGWPXHZ
x-amz-replication-status: PENDING
last-modified: Sun, 06 Nov 2022 09:43:19 GMT
etag: "cd64469c740fe5393564a58c47678359"
x-amz-version-id: F0xuJdlvXqSi7edhXEqPcKZZ4tWH5FQv
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 06 Nov 2022 09:53:51 GMT
via: 1.1 varnish
age: 631
x-served-by: cache-bma1673-BMA
x-cache: HIT
x-cache-hits: 60
x-timer: S1667728432.641613,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 17
content-length: 5398
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nkrhd.com/content/98e313b3-4e87-481a-87db-2e973df14292
151.101.85.44200 OK 6.4 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nkrhd.com/content/98e313b3-4e87-481a-87db-2e973df14292
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 450744941d9b9e78ef9c153683597ecf
c035b4352a59f7ff6ce7d9720c756bdb870da586
7bf99ae5bb573be10c95d9eccda12d152c704c929f03391688db82cf5357deb0
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nkrhd.com/content/98e313b3-4e87-481a-87db-2e973df14292 HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 428945025387367680098334302687334530596,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 428945025387367680098334302687334530596,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
etag: "8ba32a4d966ea6076e1f4dd0748b051b"
last-modified: Sun, 09 Oct 2022 08:26:40 GMT
req-referer: https://www.filgoal.com/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: f74e22c23be90a9d56b6b4b21fd993c1
x-envoy-upstream-service-time: 1336
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 06 Nov 2022 09:53:51 GMT
age: 2250462
x-served-by: cache-iad-kjyo7100085-IAD, cache-iad-kiad7000047-IAD, cache-lga21930-LGA, cache-iad-kjyo7100024-IAD, cache-bma1673-BMA
x-cache: MISS, MISS, MISS, MISS, HIT
x-cache-hits: 0, 0, 0, 0, 1
x-timer: S1667728432.643708,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nkrhd.com/content/98e313b3-4e87-481a-87db-2e973df14292
x-vcl-time-ms: 1
content-length: 6440
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//taoli.pro/attach/material/Dental_Implants_PR/IBvzpUKnSFELPn7Ir.jpg
151.101.85.44200 OK 4.9 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//taoli.pro/attach/material/Dental_Implants_PR/IBvzpUKnSFELPn7Ir.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash b93093c9982ebbc56a4fa4db15914a32
079904f7841225980d097ccb426a33a673a5ccbb
2922be35dfef2c0dfea385b1bad77245e28924cee44425859a8194732a1535e2
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//taoli.pro/attach/material/Dental_Implants_PR/IBvzpUKnSFELPn7Ir.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 309031252537427667707275994661687245200,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 309031252537427667707275994661687245200,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
etag: "5de8695b2f1e0c4e80bf6250074e3c84"
expiration: expiry-date="Tue, 18 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Sat, 17 Sep 2022 18:00:11 GMT
req-referer: http://www.heygames.club/list.html?list=3
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 134
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 06 Nov 2022 09:53:51 GMT
age: 2579990
x-served-by: cache-iad-kiad7000170-IAD, cache-iad-kiad7000137-IAD, cache-bur-kbur8200026-BUR, cache-iad-kcgs7200170-IAD, cache-bma1673-BMA
x-cache: HIT, MISS, MISS, HIT, HIT
x-cache-hits: 1, 0, 0, 23, 1
x-timer: S1667728432.644313,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//taoli.pro/attach/material/Dental_Implants_PR/IBvzpUKnSFELPn7Ir.jpg
x-vcl-time-ms: 1
content-length: 4860
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f21/19/73/51/38/vente-10.jpg
151.101.85.44200 OK 8.1 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f21/19/73/51/38/vente-10.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 679744ee01cd8f0e9d5bd3f97de9a1fd
b678d18309e35ff0e206ae0bbc0d7f57001406f4
fdf1eda67cab7bf239fe9d9d494cf0a204f403ebacc19e6828c2d20fda48175c
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f21/19/73/51/38/vente-10.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 352690306229506137798207407469809578240,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 352690306229506137798207407469809578240,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
etag: "f48ef060a18c1a36e8e104736857c035"
last-modified: Tue, 04 Oct 2022 10:35:32 GMT
req-referer: https://halimb.yoo7.com/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 3dcfd34bb355296090bd85c052a57255
x-envoy-upstream-service-time: 428
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 06 Nov 2022 09:53:51 GMT
age: 1644179
x-served-by: cache-iad-kiad7000084-IAD, cache-iad-kiad7000031-IAD, cache-lax10655-LGB, cache-iad-kjyo7100055-IAD, cache-bma1673-BMA
x-cache: MISS, MISS, MISS, HIT, HIT
x-cache-hits: 0, 0, 0, 84, 1
x-timer: S1667728432.644593,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f21/19/73/51/38/vente-10.jpg
x-vcl-time-ms: 1
content-length: 8080
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f70/18/12/20/13/uou10.jpg
151.101.85.44200 OK 3.5 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f70/18/12/20/13/uou10.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 4a3299cb7586f869a00ac4167422214d
b7e53376f5126117a41761438a9fd52bf9b94673
fcaf170f291e63740974aa27504628ff38e779a73dc066409ebdd02a853b8fd3
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f70/18/12/20/13/uou10.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 613669426550226744769788410621596759672,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 613669426550226744769788410621596759672,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
etag: "d754fe306cb263ce5dcb98df06b1298b"
last-modified: Thu, 15 Sep 2022 07:08:25 GMT
req-referer: https://fcbarcelona2012.yoo7.com/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: c2e09d795ca1873e02d2fc5b901afa20
x-envoy-upstream-service-time: 443
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 06 Nov 2022 09:53:51 GMT
age: 2766886
x-served-by: cache-iad-kiad7000161-IAD, cache-iad-kjyo7100103-IAD, cache-bur-kbur8200038-BUR, cache-iad-kjyo7100132-IAD, cache-bma1673-BMA
x-cache: MISS, MISS, MISS, HIT, HIT
x-cache-hits: 0, 0, 0, 78, 1
x-timer: S1667728432.644888,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f70/18/12/20/13/uou10.jpg
x-vcl-time-ms: 1
content-length: 3522
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//wwflf.com/content/0afc2310-20d2-47fa-a768-0168c7b68bb7
151.101.85.44200 OK 22 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//wwflf.com/content/0afc2310-20d2-47fa-a768-0168c7b68bb7
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash f96467ec9bf336cb63c06f7ceebd3b05
4d299eee646f35224db697ab08cf6102450e8a8f
394704cfd3ac3e786767ebbf137f2e433f42838049ba4773d24c5d597182f779
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//wwflf.com/content/0afc2310-20d2-47fa-a768-0168c7b68bb7 HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 483456381064636305618407862335223883819,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 483456381064636305618407862335223883819,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
etag: "f917835cc6aeea50da5d45e59b0f4d5d"
expiration: expiry-date="Fri, 07 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Tue, 06 Sep 2022 15:20:11 GMT
req-referer: https://zone.msn.com/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 1553
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 06 Nov 2022 09:53:51 GMT
age: 3223217
x-served-by: cache-iad-kjyo7100148-IAD, cache-iad-kiad7000063-IAD, cache-lax10626-LGB, cache-iad-kjyo7100088-IAD, cache-bma1673-BMA
x-cache: HIT, MISS, MISS, HIT, HIT
x-cache-hits: 1, 0, 0, 8, 1
x-timer: S1667728432.643331,VS0,VE4
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//wwflf.com/content/0afc2310-20d2-47fa-a768-0168c7b68bb7
x-vcl-time-ms: 4
content-length: 22112
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b3b730df929ed7084f256b53000dc655.jpg
151.101.85.44200 OK 4.8 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b3b730df929ed7084f256b53000dc655.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 92026a5a9fcce499e85d76d04b6fe371
63948a99518d8cc32e28628750e9160468f39e87
5aae9f0c134817aff90b31eb39179babb23d89a9d11a2724dcf5acec6379d7d2
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b3b730df929ed7084f256b53000dc655.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 457671681042610906711952871495871764303,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 457671681042610906711952871495871764303,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
etag: "f288ea97b7846a576aa1678a91b6ea7b"
expiration: expiry-date="Thu, 10 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Mon, 10 Oct 2022 07:38:59 GMT
req-referer: https://www.petsbehome.com/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 73
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 06 Nov 2022 09:53:51 GMT
age: 1262087
x-served-by: cache-iad-kiad7000030-IAD, cache-iad-kiad7000083-IAD, cache-lga21953-LGA, cache-iad-kjyo7100022-IAD, cache-bma1673-BMA
x-cache: HIT, HIT, MISS, HIT, MISS
x-cache-hits: 1, 1, 0, 8, 0
x-timer: S1667728432.643968,VS0,VE100
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b3b730df929ed7084f256b53000dc655.jpg
x-vcl-time-ms: 100
content-length: 4786
X-Firefox-Spdy: h2
api.viglink.com/api/domains
99.80.60.12200 OK 42 B URL HTTP/1.1 api.viglink.com/api/domains
IP 99.80.60.12:0
File type ASCII text, with no line terminators
Hash c42954ab2b7740085aff3db3e68074db
ea32b3746dfc03710b1ac238cfff0a72ae0511c1
738e36838e8098d2f3d7ef76287f3c64d1af411b1b222455daed9b5c05cd36bc
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 288
Origin: https://mayar.ahlamontada.net
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://mayar.ahlamontada.net
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Sun, 06 Nov 2022 09:53:51 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 42
Connection: keep-alive
my.rtmark.net/gid.js?userId=f5ng669390vj719421711k3i9vfyk948
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=f5ng669390vj719421711k3i9vfyk948
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 1e794b313aaf8abc01f8dab7697f95ba
8aa85eaca4ab29b07367e64a48aae3071360af17
1640a0902d42ced10950a9586017241578b7a807c3dc5820fa7099152bea385b
GET /gid.js?userId=f5ng669390vj719421711k3i9vfyk948 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mayar.ahlamontada.net
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Cookie: ID=02b9180888a14926bb10c139c9d35bdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 09:53:52 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://mayar.ahlamontada.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=02b9180888a14926bb10c139c9d35bdf; expires=Mon, 06 Nov 2023 09:53:52 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
cdn.betgorebysson.club/?rb=miMxcwLLUeR3bWpLeq7_sca0WPClWE3OuKnV2mX_p9C9--Bm0wSf79lqZhllybnacrMb2up3-k4LR--rzQkLMWGZGUraYskb6E0fj9-Pm1OhEchKro9GS_V0r43hVAeYoizWOX9S2lvGWVBM87ZOQOd9AoCFWVzbXa-15sqX38hoxb5AV-9MRgkkhLy_ibnhUunO8gWxNM-gKjq3jbTkjEI0e_ScwmJ1jsp_kVdGFktj3_1nHPSDRA%3D%3D&request_ab2=0&zoneid=3765907&js_build=iclick-v1.447.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=6&pl=https%3A%2F%2Fmayar.ahlamontada.net%2Ft1411-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.447.0&bs=b7c1b4d3-3083-460e-9e31-c48731866080&userId=f5ng669390vj719421711k3i9vfyk948&m=link
139.45.195.8200 OK 1.7 kB URL HTTP/2 cdn.betgorebysson.club/?rb=miMxcwLLUeR3bWpLeq7_sca0WPClWE3OuKnV2mX_p9C9--Bm0wSf79lqZhllybnacrMb2up3-k4LR--rzQkLMWGZGUraYskb6E0fj9-Pm1OhEchKro9GS_V0r43hVAeYoizWOX9S2lvGWVBM87ZOQOd9AoCFWVzbXa-15sqX38hoxb5AV-9MRgkkhLy_ibnhUunO8gWxNM-gKjq3jbTkjEI0e_ScwmJ1jsp_kVdGFktj3_1nHPSDRA%3D%3D&request_ab2=0&zoneid=3765907&js_build=iclick-v1.447.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=6&pl=https%3A%2F%2Fmayar.ahlamontada.net%2Ft1411-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.447.0&bs=b7c1b4d3-3083-460e-9e31-c48731866080&userId=f5ng669390vj719421711k3i9vfyk948&m=link
IP 139.45.195.8:0
Hash 9fae3bbaa3b244f9cb15727b696282a1
c624005c5f53309a6b4a9a9d7d12aa2c84b42497
b8ab2ae194022946aeddaea9d62dec020babd26e6742be4dcba1c937aa57647e
GET /?rb=miMxcwLLUeR3bWpLeq7_sca0WPClWE3OuKnV2mX_p9C9--Bm0wSf79lqZhllybnacrMb2up3-k4LR--rzQkLMWGZGUraYskb6E0fj9-Pm1OhEchKro9GS_V0r43hVAeYoizWOX9S2lvGWVBM87ZOQOd9AoCFWVzbXa-15sqX38hoxb5AV-9MRgkkhLy_ibnhUunO8gWxNM-gKjq3jbTkjEI0e_ScwmJ1jsp_kVdGFktj3_1nHPSDRA%3D%3D&request_ab2=0&zoneid=3765907&js_build=iclick-v1.447.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=6&pl=https%3A%2F%2Fmayar.ahlamontada.net%2Ft1411-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.447.0&bs=b7c1b4d3-3083-460e-9e31-c48731866080&userId=f5ng669390vj719421711k3i9vfyk948&m=link HTTP/1.1
Host: cdn.betgorebysson.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mayar.ahlamontada.net/
Origin: https://mayar.ahlamontada.net
Connection: keep-alive
Cookie: OAID=02b9180888a14926bb10c139c9d35bdf; oaidts=1667728430
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 09:53:52 GMT
content-type: application/json
x-trace-id: bb2eac404e6273301bc12faf96378202
access-control-allow-origin: https://mayar.ahlamontada.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=f5ng669390vj719421711k3i9vfyk948; expires=Mon, 06 Nov 2023 09:53:52 GMT; path=/; secure; SameSite=None
oaidts=1667728432; expires=Mon, 06 Nov 2023 09:53:52 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 13 Nov 2022 09:53:52 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=09%3A53%3A49.877&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=617&cv=20221102-48-RELEASE<=deflated&pct=1
185.106.33.48204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=09%3A53%3A49.877&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=617&cv=20221102-48-RELEASE<=deflated&pct=1
IP 185.106.33.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=09%3A53%3A49.877&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=617&cv=20221102-48-RELEASE<=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 06 Nov 2022 09:53:52 GMT
x-fastly-to-nlb-rtt: 78110
access-control-allow-credentials: true
X-Firefox-Spdy: h2
vidstat.taboola.com/lite-unit/3.9.5/UnitWidgetItemDesktop.min.js
151.101.85.44200 OK 30 kB URL HTTP/2 vidstat.taboola.com/lite-unit/3.9.5/UnitWidgetItemDesktop.min.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a7b72a082fc5e3bc4aabbb79f73fb604
31cc6cd9b3dfbd31d24cd47dd2fcb29f5522822f
bf20590ab0b6486faa1a22e447f2ae149aa76742fd65fa43993646031d90a1e1
GET /lite-unit/3.9.5/UnitWidgetItemDesktop.min.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 13 Sep 2022 09:04:05 GMT
etag: "8b1ffbd4f9c44c447f9a11e92fbb9112"
server: AmazonS3
via: 1.1 828a61ebc3af4e0465a5577a4c08af7a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: AfyrLxGlKNoXsjSvShOJ1QFm2rrv76iJaqEsgbMoQU-1oTsr3wJz-Q==
cache-control: public, max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Sun, 06 Nov 2022 09:53:52 GMT
age: 3543113
x-served-by: cache-bma1673-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 363640
x-timer: S1667728432.307534,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 29884
X-Firefox-Spdy: h2
vidstat.taboola.com/lite-unit/3.9.5/UnitWidgetItemDesktop.min.js
151.101.85.44304 Not Modified 0 B URL HTTP/2 vidstat.taboola.com/lite-unit/3.9.5/UnitWidgetItemDesktop.min.js
IP 151.101.85.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /lite-unit/3.9.5/UnitWidgetItemDesktop.min.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 13 Sep 2022 09:04:05 GMT
If-None-Match: "8b1ffbd4f9c44c447f9a11e92fbb9112"
TE: trailers
HTTP/2 304 Not Modified
date: Sun, 06 Nov 2022 09:53:52 GMT
via: 1.1 varnish
cache-control: public, max-age=2592000
etag: "8b1ffbd4f9c44c447f9a11e92fbb9112"
age: 3543113
x-served-by: cache-bma1673-BMA
x-cache: HIT
x-cache-hits: 363641
x-timer: S1667728432.326676,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
X-Firefox-Spdy: h2
api.viglink.com/api/domains
99.80.60.12200 OK 42 B URL HTTP/1.1 api.viglink.com/api/domains
IP 99.80.60.12:0
File type ASCII text, with no line terminators
Hash 6f0b403040fde428c76aed0b8b7678a8
e1046f90cbc9af8006ad99cf274721e971afeae5
32059efaf86dfc0d1698889b63c3df0dc7112db358ab6c03706a2878b9fe8ebb
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 190
Origin: https://mayar.ahlamontada.net
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://mayar.ahlamontada.net
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Sun, 06 Nov 2022 09:53:51 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 42
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 6b72bfaacba486284aa2ecb4bcd8ebba
89fa4ef09e60380fc432c73b7919a29f26117088
fed14b27362ffe0dfbe0b1696e8dab5f6bba3e08b76bec620e75f0f3f213f69b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f522cfb1dc454906f23b71b17ca1afce
65200811b6dead00db7008996571497260968d81
461906f6bfa7f492a4e61faa6d0ba37e7d343a4ef2a1b824ceb35acc89357cf2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=1162101026.1667728426&jid=1341859222&_u=YEBAAUAAAAAAACAAI~&z=1871985316
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=1162101026.1667728426&jid=1341859222&_u=YEBAAUAAAAAAACAAI~&z=1871985316
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=1162101026.1667728426&jid=1341859222&_u=YEBAAUAAAAAAACAAI~&z=1871985316 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 09:53:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=1162101026.1667728426&jid=1341859222&_u=YEBAAUAAAAAAACAAI~&z=1871985316
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=1162101026.1667728426&jid=1341859222&_u=YEBAAUAAAAAAACAAI~&z=1871985316
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=1162101026.1667728426&jid=1341859222&_u=YEBAAUAAAAAAACAAI~&z=1871985316 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 09:53:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f522cfb1dc454906f23b71b17ca1afce
65200811b6dead00db7008996571497260968d81
461906f6bfa7f492a4e61faa6d0ba37e7d343a4ef2a1b824ceb35acc89357cf2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2
151.101.85.44204 No Content 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2
IP 151.101.85.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 4442
Origin: https://mayar.ahlamontada.net
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://mayar.ahlamontada.net
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Sun, 06 Nov 2022 09:53:52 GMT
via: 1.1 varnish
x-served-by: cache-bma1673-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667728432.449343,VS0,VE84
x-vcl-time-ms: 84
X-Firefox-Spdy: h2
imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7i20CFgMcEKcYZ7Cz7wQcEKcYZ7Cz7wUAAAAGBuIHJDXcjZaj3cItMQ6Ga9Fy5XBLfJOVW7Bw2Va-ycg58ViMQBK-4WA0cXncCtfEtRYtPLu1wuJxrmUez2Y4Gg5WI99mChE3GQ6fg4Go6Hpb7A6n2fOGFDSdDp_rXq92OB-Wu8Jodrj9dtPD5LDLXaa_6DFaLNaiv-HpsQMAAADAA4DVWybEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAaAAcmFBsAnB8F7zn5_AAA0bIEAAAhgkAAMrAaUAHycr5wAAAAAAAAAALD8____xwDsYY3JAIzs7_QAPPgAPBAVkBYxAgAAANjSUtE8mtQJlUUVAABBuhXAFQBAACETl5ZLGAAAQMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE3obvU4LYhm9VvsFBABY-wUEAGBTNwCAtwC4oCNoxWCwOoXYDWeL3Wi2Gc0OAAAA4O7___9fD-QmJpvNOTMMNivLaOUaLVc2y8xh2UxsLt9iYlx4L51JbwXLNSaxL-Imw-FzMBAVXW-L3eE0e-5H0ZLlbrlbjSaL0Wi53OyGm9FgfwMxWA1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtWS2Xy9Vms1rtRovZYLMcbjZI0arVbLQZDFezyWy3Ww0Hw-VohBQtWe6Wu9VoshiNlsvNbrgZDYYIAxPjarhyLtyq3WzjFi1mi7XCYlmuJb6ZZePxWGwrx2wten1MD9tisFx4vCgYwLEXwUU6kfktr7ff9PTb3QrLRSzRnCzSieyy701MNptzZhhsVpbRyjVarmyWmcOymdhcvsXEuPAXJsbVcOVcuFW72cYtWswWa4XFslxLfDPLxuOx2FaO2Vr0-pgetsVgufD4G7PZbjcZjibDfWM22-0mw9FkuO_QGb6rz9noDI4nHp11Ja7MLDaHQeEyWLy_z0XajDZuRpU2bLGorsWda2LVaWMnY-dgNih8w2ti-Pupn9du9nYQGwyKWCI4XaQT0ct4uoglkqdFOpG4HM7BcDeauEbG1WQyGy1HC5tt4hi5PKPRyLiwiCVK00U60Yseo8ViLfobnh6L-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_5v2g2H0WqXdtM3MEhsEHgosbP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4fKEoj_MiVYo-f4IbLxQA!&cmcv=&pix=undefined&cb=1667728430729&uv=3239&tms=1667728430729&abt=amplean_vF!esv_vB!mprdctdt6_vA!smbs!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=5874947a-b808-49ea-b72e-0ae6e72d9bcb&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
151.101.85.44200 OK 446 B URL HTTP/2 imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7i20CFgMcEKcYZ7Cz7wQcEKcYZ7Cz7wUAAAAGBuIHJDXcjZaj3cItMQ6Ga9Fy5XBLfJOVW7Bw2Va-ycg58ViMQBK-4WA0cXncCtfEtRYtPLu1wuJxrmUez2Y4Gg5WI99mChE3GQ6fg4Go6Hpb7A6n2fOGFDSdDp_rXq92OB-Wu8Jodrj9dtPD5LDLXaa_6DFaLNaiv-HpsQMAAADAA4DVWybEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAaAAcmFBsAnB8F7zn5_AAA0bIEAAAhgkAAMrAaUAHycr5wAAAAAAAAAALD8____xwDsYY3JAIzs7_QAPPgAPBAVkBYxAgAAANjSUtE8mtQJlUUVAABBuhXAFQBAACETl5ZLGAAAQMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE3obvU4LYhm9VvsFBABY-wUEAGBTNwCAtwC4oCNoxWCwOoXYDWeL3Wi2Gc0OAAAA4O7___9fD-QmJpvNOTMMNivLaOUaLVc2y8xh2UxsLt9iYlx4L51JbwXLNSaxL-Imw-FzMBAVXW-L3eE0e-5H0ZLlbrlbjSaL0Wi53OyGm9FgfwMxWA1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtWS2Xy9Vms1rtRovZYLMcbjZI0arVbLQZDFezyWy3Ww0Hw-VohBQtWe6Wu9VoshiNlsvNbrgZDYYIAxPjarhyLtyq3WzjFi1mi7XCYlmuJb6ZZePxWGwrx2wten1MD9tisFx4vCgYwLEXwUU6kfktr7ff9PTb3QrLRSzRnCzSieyy701MNptzZhhsVpbRyjVarmyWmcOymdhcvsXEuPAXJsbVcOVcuFW72cYtWswWa4XFslxLfDPLxuOx2FaO2Vr0-pgetsVgufD4G7PZbjcZjibDfWM22-0mw9FkuO_QGb6rz9noDI4nHp11Ja7MLDaHQeEyWLy_z0XajDZuRpU2bLGorsWda2LVaWMnY-dgNih8w2ti-Pupn9du9nYQGwyKWCI4XaQT0ct4uoglkqdFOpG4HM7BcDeauEbG1WQyGy1HC5tt4hi5PKPRyLiwiCVK00U60Yseo8ViLfobnh6L-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_5v2g2H0WqXdtM3MEhsEHgosbP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4fKEoj_MiVYo-f4IbLxQA!&cmcv=&pix=undefined&cb=1667728430729&uv=3239&tms=1667728430729&abt=amplean_vF!esv_vB!mprdctdt6_vA!smbs!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=5874947a-b808-49ea-b72e-0ae6e72d9bcb&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
IP 151.101.85.44:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (928), with no line terminators
Hash aa5c9c208faedf4fad35d0ad58d2e4fb
00193b362fcc5b5b3773d77e0a9f3085a01a6d02
9699cfcc1eb682fc0a9a0e2055940820ec11d0fad46aa9645d0d4da6986223f1
GET /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7i20CFgMcEKcYZ7Cz7wQcEKcYZ7Cz7wUAAAAGBuIHJDXcjZaj3cItMQ6Ga9Fy5XBLfJOVW7Bw2Va-ycg58ViMQBK-4WA0cXncCtfEtRYtPLu1wuJxrmUez2Y4Gg5WI99mChE3GQ6fg4Go6Hpb7A6n2fOGFDSdDp_rXq92OB-Wu8Jodrj9dtPD5LDLXaa_6DFaLNaiv-HpsQMAAADAA4DVWybEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAaAAcmFBsAnB8F7zn5_AAA0bIEAAAhgkAAMrAaUAHycr5wAAAAAAAAAALD8____xwDsYY3JAIzs7_QAPPgAPBAVkBYxAgAAANjSUtE8mtQJlUUVAABBuhXAFQBAACETl5ZLGAAAQMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE3obvU4LYhm9VvsFBABY-wUEAGBTNwCAtwC4oCNoxWCwOoXYDWeL3Wi2Gc0OAAAA4O7___9fD-QmJpvNOTMMNivLaOUaLVc2y8xh2UxsLt9iYlx4L51JbwXLNSaxL-Imw-FzMBAVXW-L3eE0e-5H0ZLlbrlbjSaL0Wi53OyGm9FgfwMxWA1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtWS2Xy9Vms1rtRovZYLMcbjZI0arVbLQZDFezyWy3Ww0Hw-VohBQtWe6Wu9VoshiNlsvNbrgZDYYIAxPjarhyLtyq3WzjFi1mi7XCYlmuJb6ZZePxWGwrx2wten1MD9tisFx4vCgYwLEXwUU6kfktr7ff9PTb3QrLRSzRnCzSieyy701MNptzZhhsVpbRyjVarmyWmcOymdhcvsXEuPAXJsbVcOVcuFW72cYtWswWa4XFslxLfDPLxuOx2FaO2Vr0-pgetsVgufD4G7PZbjcZjibDfWM22-0mw9FkuO_QGb6rz9noDI4nHp11Ja7MLDaHQeEyWLy_z0XajDZuRpU2bLGorsWda2LVaWMnY-dgNih8w2ti-Pupn9du9nYQGwyKWCI4XaQT0ct4uoglkqdFOpG4HM7BcDeauEbG1WQyGy1HC5tt4hi5PKPRyLiwiCVK00U60Yseo8ViLfobnh6L-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_5v2g2H0WqXdtM3MEhsEHgosbP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4fKEoj_MiVYo-f4IbLxQA!&cmcv=&pix=undefined&cb=1667728430729&uv=3239&tms=1667728430729&abt=amplean_vF!esv_vB!mprdctdt6_vA!smbs!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=5874947a-b808-49ea-b72e-0ae6e72d9bcb&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1 HTTP/1.1
Host: imprammp.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Sun, 06 Nov 2022 09:53:52 GMT
via: 1.1 varnish
x-served-by: cache-bma1673-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667728433.650896,VS0,VE23
vary: Accept-Encoding
X-Firefox-Spdy: h2
am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7M2wCFgMcEKcYZ7Cz7wQcEKcYZ7Cz7wUAAAAGBuIHJOYxTTyjkXGtcdkmbtFwNVtLDKPFWjQceZzLxXA3Wc2MQHKb3Wi4XHnWKofF5hZNLBa3xLZYrhUWm3O1WxgnjtFkCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjekoOl0-Fz3erXD-bDcFUazw-23mx4mh13uMv1Fj9FisRb9DU-PHQAAAAAeAKzeMiF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAMSC40AD45CN5z9vsDAKBhCwQAQACDBGBgNaAE4ON85QQAAAAAAAAAgOX___8_BmAPa0wGYGR_pwfgwQfggahgr4gRAAAAwJaWiubRpE6oLKoAAAjSrQCuAAACCJm4tFrCAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0NvodVoQy-i12i8gAMDaLyAAAJu6AQC8BcAFHUErBoPVKcRuOFvsRrPNaHYAAAAAd_____96IDcx2WzOmWGwWVlGK9doubJZZg7LZmJz-RYT48J76Ux6K1iuMYl9HsIy-30HEcvzNf0NBxnf8nobREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNjfQAxWA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLAxLgarpwLt2o327hFi9lirbBYlmuJb2bZeDwW28oxW4teH9PDthgsFx4vCgZw7EVwkU5kfsvr7Tc9_Xa3wnIRSzQni3Qiu-x7E5PN5pwZBpuVZbRyjZYrm2XmsGwmNpdvMTEu_IWJcTVcORdu1W62cYsWs8VaYbEs1xLfzLLxeCy2lWO2Fr0-podtMVguPP7GbLbbTYajyXDfmM12u8lwNBnuO3SG7-pzNjqD44lHZ12JKzOLzWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_wmhj-furntZu9HcQGgyKWCE4X6UT0Mp4uYonkaZFOZLOFazgxbiYzw2q0WS5cq41rOVw5fAvjwuRbLiZiidJ0kU70osdosViL_oanx6L-I0Mu5srBXDSZK1ajVQIAAAAAAAAAWMKceRMAAACA00BGg81wtVwACGcv3Z95Pyh2n0XqXdvMHIFh8IHg4saPG8xveb39pqff7lZYrgzwQE3OvNkzQazValkDAAAIYAMAAARw6-YtAJuR2weK0gg_cqXY4ye44XIx!&cmcv=&pix=31589837&cb=1667728430801&uv=3239&tms=1667728430801&abt=amplean_vF!esv_vB!mprdctdt6_vA!smbs!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1667728423513!ts:1667728430801&mntl=1
141.226.228.48200 OK 0 B URL HTTP/2 am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7M2wCFgMcEKcYZ7Cz7wQcEKcYZ7Cz7wUAAAAGBuIHJOYxTTyjkXGtcdkmbtFwNVtLDKPFWjQceZzLxXA3Wc2MQHKb3Wi4XHnWKofF5hZNLBa3xLZYrhUWm3O1WxgnjtFkCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjekoOl0-Fz3erXD-bDcFUazw-23mx4mh13uMv1Fj9FisRb9DU-PHQAAAAAeAKzeMiF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAMSC40AD45CN5z9vsDAKBhCwQAQACDBGBgNaAE4ON85QQAAAAAAAAAgOX___8_BmAPa0wGYGR_pwfgwQfggahgr4gRAAAAwJaWiubRpE6oLKoAAAjSrQCuAAACCJm4tFrCAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0NvodVoQy-i12i8gAMDaLyAAAJu6AQC8BcAFHUErBoPVKcRuOFvsRrPNaHYAAAAAd_____96IDcx2WzOmWGwWVlGK9doubJZZg7LZmJz-RYT48J76Ux6K1iuMYl9HsIy-30HEcvzNf0NBxnf8nobREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNjfQAxWA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLAxLgarpwLt2o327hFi9lirbBYlmuJb2bZeDwW28oxW4teH9PDthgsFx4vCgZw7EVwkU5kfsvr7Tc9_Xa3wnIRSzQni3Qiu-x7E5PN5pwZBpuVZbRyjZYrm2XmsGwmNpdvMTEu_IWJcTVcORdu1W62cYsWs8VaYbEs1xLfzLLxeCy2lWO2Fr0-podtMVguPP7GbLbbTYajyXDfmM12u8lwNBnuO3SG7-pzNjqD44lHZ12JKzOLzWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_wmhj-furntZu9HcQGgyKWCE4X6UT0Mp4uYonkaZFOZLOFazgxbiYzw2q0WS5cq41rOVw5fAvjwuRbLiZiidJ0kU70osdosViL_oanx6L-I0Mu5srBXDSZK1ajVQIAAAAAAAAAWMKceRMAAACA00BGg81wtVwACGcv3Z95Pyh2n0XqXdvMHIFh8IHg4saPG8xveb39pqff7lZYrgzwQE3OvNkzQazValkDAAAIYAMAAARw6-YtAJuR2weK0gg_cqXY4ye44XIx!&cmcv=&pix=31589837&cb=1667728430801&uv=3239&tms=1667728430801&abt=amplean_vF!esv_vB!mprdctdt6_vA!smbs!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1667728423513!ts:1667728430801&mntl=1
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7M2wCFgMcEKcYZ7Cz7wQcEKcYZ7Cz7wUAAAAGBuIHJOYxTTyjkXGtcdkmbtFwNVtLDKPFWjQceZzLxXA3Wc2MQHKb3Wi4XHnWKofF5hZNLBa3xLZYrhUWm3O1WxgnjtFkCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjekoOl0-Fz3erXD-bDcFUazw-23mx4mh13uMv1Fj9FisRb9DU-PHQAAAAAeAKzeMiF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAMSC40AD45CN5z9vsDAKBhCwQAQACDBGBgNaAE4ON85QQAAAAAAAAAgOX___8_BmAPa0wGYGR_pwfgwQfggahgr4gRAAAAwJaWiubRpE6oLKoAAAjSrQCuAAACCJm4tFrCAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0NvodVoQy-i12i8gAMDaLyAAAJu6AQC8BcAFHUErBoPVKcRuOFvsRrPNaHYAAAAAd_____96IDcx2WzOmWGwWVlGK9doubJZZg7LZmJz-RYT48J76Ux6K1iuMYl9HsIy-30HEcvzNf0NBxnf8nobREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNjfQAxWA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLAxLgarpwLt2o327hFi9lirbBYlmuJb2bZeDwW28oxW4teH9PDthgsFx4vCgZw7EVwkU5kfsvr7Tc9_Xa3wnIRSzQni3Qiu-x7E5PN5pwZBpuVZbRyjZYrm2XmsGwmNpdvMTEu_IWJcTVcORdu1W62cYsWs8VaYbEs1xLfzLLxeCy2lWO2Fr0-podtMVguPP7GbLbbTYajyXDfmM12u8lwNBnuO3SG7-pzNjqD44lHZ12JKzOLzWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_wmhj-furntZu9HcQGgyKWCE4X6UT0Mp4uYonkaZFOZLOFazgxbiYzw2q0WS5cq41rOVw5fAvjwuRbLiZiidJ0kU70osdosViL_oanx6L-I0Mu5srBXDSZK1ajVQIAAAAAAAAAWMKceRMAAACA00BGg81wtVwACGcv3Z95Pyh2n0XqXdvMHIFh8IHg4saPG8xveb39pqff7lZYrgzwQE3OvNkzQazValkDAAAIYAMAAARw6-YtAJuR2weK0gg_cqXY4ye44XIx!&cmcv=&pix=31589837&cb=1667728430801&uv=3239&tms=1667728430801&abt=amplean_vF!esv_vB!mprdctdt6_vA!smbs!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1667728423513!ts:1667728430801&mntl=1 HTTP/1.1
Host: am-vid-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 09:53:52 GMT
content-length: 0
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b1fdd8c88ac9918872b5169313de497
4b0e37a85187fef2dacae80ad609141e87a4efee
e008af97d19c0e422715263183063bbaffdde87a3ce9f650a78de442b0fec338
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3029
Cache-Control: max-age=137383
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:52 GMT
Etag: "6366ee02-1d7"
Expires: Tue, 08 Nov 2022 00:03:35 GMT
Last-Modified: Sat, 05 Nov 2022 23:13:06 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b1fdd8c88ac9918872b5169313de497
4b0e37a85187fef2dacae80ad609141e87a4efee
e008af97d19c0e422715263183063bbaffdde87a3ce9f650a78de442b0fec338
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 813
Cache-Control: max-age=135167
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:52 GMT
Etag: "6366ee02-1d7"
Expires: Mon, 07 Nov 2022 23:26:39 GMT
Last-Modified: Sat, 05 Nov 2022 23:13:06 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
151.101.85.44200 OK 254 B URL HTTP/2 cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
IP 151.101.85.44:0
File type PNG image data, 12 x 12, 8-bit gray+alpha, non-interlaced\012- data
Hash dfa7b52c86e56bd67fa4002f6ed19854
7df722645482433c2b5c8d8ab4272a9874592f27
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
GET /libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: c3AK0F63Rmz1U+ZkwDZRH6hJiJRTGpZB8kTBPWz0vwbg9siBxtMOH8aEqr1NtVeNHtLhLAVUR9E=
x-amz-request-id: 4JKSR0YA3KVH073N
x-amz-replication-status: COMPLETED
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
content-type: image/png
server: AmazonS3
accept-ranges: bytes
date: Sun, 06 Nov 2022 09:53:52 GMT
via: 1.1 varnish
age: 8519
x-served-by: cache-bma1673-BMA
x-cache: HIT
x-cache-hits: 634
x-timer: S1667728433.964534,VS0,VE0
cache-control: private,max-age=31536000
abp: 17
content-length: 254
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b1fdd8c88ac9918872b5169313de497
4b0e37a85187fef2dacae80ad609141e87a4efee
e008af97d19c0e422715263183063bbaffdde87a3ce9f650a78de442b0fec338
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2344
Cache-Control: max-age=136698
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:52 GMT
Etag: "6366ee02-1d7"
Expires: Mon, 07 Nov 2022 23:52:10 GMT
Last-Modified: Sat, 05 Nov 2022 23:13:06 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b1fdd8c88ac9918872b5169313de497
4b0e37a85187fef2dacae80ad609141e87a4efee
e008af97d19c0e422715263183063bbaffdde87a3ce9f650a78de442b0fec338
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 813
Cache-Control: max-age=135167
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:52 GMT
Etag: "6366ee02-1d7"
Expires: Mon, 07 Nov 2022 23:26:39 GMT
Last-Modified: Sat, 05 Nov 2022 23:13:06 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 06 Nov 2022 09:53:52 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=ebcbedf7-5db8-11ed-8ab9-1f0541440406; expires=Sun, 04-Dec-2022 09:53:52 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=ebcbee35-5db8-11ed-8ab9-1f0541440406
X-fe: 121
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1667728430754&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=-2087158788&tz=0&viewable=true&ddast=V7i20CFgMcEKcYZ7Cz7wQcEKcYZ7Cz7wUAAAAGBuIHJDXcjZaj3cItMQ6Ga9Fy5XBLfJOVW7Bw2Va-ycg58ViMQBK-4WA0cXncCtfEtRYtPLu1wuJxrmUez2Y4Gg5WI99mChE3GQ6fg4Go6Hpb7A6n2fOGFDSdDp_rXq92OB-Wu8Jodrj9dtPD5LDLXaa_6DFaLNaiv-HpsQMAAADAA4DVWybEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAaAAcmFBsAnB8F7zn5_AAA0bIEAAAhgkAAMrAaUAHycr5wAAAAAAAAAALD8____xwDsYY3JAIzs7_QAPPgAPBAVkBYxAgAAANjSUtE8mtQJlUUVAABBuhXAFQBAACETl5ZLGAAAQMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE3obvU4LYhm9VvsFBABY-wUEAGBTNwCAtwC4oCNoxWCwOoXYDWeL3Wi2Gc0OAAAA4O7___9fD-QmJpvNOTMMNivLaOUaLVc2y8xh2UxsLt9iYlx4L51JbwXLNSaxL-Imw-FzMBAVXW-L3eE0e-5H0ZLlbrlbjSaL0Wi53OyGm9FgfwMxWA1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtWS2Xy9Vms1rtRovZYLMcbjZI0arVbLQZDFezyWy3Ww0Hw-VohBQtWe6Wu9VoshiNlsvNbrgZDYYIAxPjarhyLtyq3WzjFi1mi7XCYlmuJb6ZZePxWGwrx2wten1MD9tisFx4vCgYwLEXwUU6kfktr7ff9PTb3QrLRSzRnCzSieyy701MNptzZhhsVpbRyjVarmyWmcOymdhcvsXEuPAXJsbVcOVcuFW72cYtWswWa4XFslxLfDPLxuOx2FaO2Vr0-pgetsVgufD4G7PZbjcZjibDfWM22-0mw9FkuO_QGb6rz9noDI4nHp11Ja7MLDaHQeEyWLy_z0XajDZuRpU2bLGorsWda2LVaWMnY-dgNih8w2ti-Pupn9du9nYQGwyKWCI4XaQT0ct4uoglkqdFOpG4HM7BcDeauEbG1WQyGy1HC5tt4hi5PKPRyLiwiCVK00U60Yseo8ViLfobnh6L-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_5v2g2H0WqXdtM3MEhsEHgosbP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4fKEoj_MiVYo-f4IbLxQA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vF!esv_vB!mprdctdt6_vA!smbs!spa2_vA!ufm&mPre=0.025&cirf=https%3A%2F%2Fmayar.ahlamontada.net&en=1
151.101.85.44200 OK 511 B URL HTTP/2 wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1667728430754&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=-2087158788&tz=0&viewable=true&ddast=V7i20CFgMcEKcYZ7Cz7wQcEKcYZ7Cz7wUAAAAGBuIHJDXcjZaj3cItMQ6Ga9Fy5XBLfJOVW7Bw2Va-ycg58ViMQBK-4WA0cXncCtfEtRYtPLu1wuJxrmUez2Y4Gg5WI99mChE3GQ6fg4Go6Hpb7A6n2fOGFDSdDp_rXq92OB-Wu8Jodrj9dtPD5LDLXaa_6DFaLNaiv-HpsQMAAADAA4DVWybEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAaAAcmFBsAnB8F7zn5_AAA0bIEAAAhgkAAMrAaUAHycr5wAAAAAAAAAALD8____xwDsYY3JAIzs7_QAPPgAPBAVkBYxAgAAANjSUtE8mtQJlUUVAABBuhXAFQBAACETl5ZLGAAAQMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE3obvU4LYhm9VvsFBABY-wUEAGBTNwCAtwC4oCNoxWCwOoXYDWeL3Wi2Gc0OAAAA4O7___9fD-QmJpvNOTMMNivLaOUaLVc2y8xh2UxsLt9iYlx4L51JbwXLNSaxL-Imw-FzMBAVXW-L3eE0e-5H0ZLlbrlbjSaL0Wi53OyGm9FgfwMxWA1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtWS2Xy9Vms1rtRovZYLMcbjZI0arVbLQZDFezyWy3Ww0Hw-VohBQtWe6Wu9VoshiNlsvNbrgZDYYIAxPjarhyLtyq3WzjFi1mi7XCYlmuJb6ZZePxWGwrx2wten1MD9tisFx4vCgYwLEXwUU6kfktr7ff9PTb3QrLRSzRnCzSieyy701MNptzZhhsVpbRyjVarmyWmcOymdhcvsXEuPAXJsbVcOVcuFW72cYtWswWa4XFslxLfDPLxuOx2FaO2Vr0-pgetsVgufD4G7PZbjcZjibDfWM22-0mw9FkuO_QGb6rz9noDI4nHp11Ja7MLDaHQeEyWLy_z0XajDZuRpU2bLGorsWda2LVaWMnY-dgNih8w2ti-Pupn9du9nYQGwyKWCI4XaQT0ct4uoglkqdFOpG4HM7BcDeauEbG1WQyGy1HC5tt4hi5PKPRyLiwiCVK00U60Yseo8ViLfobnh6L-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_5v2g2H0WqXdtM3MEhsEHgosbP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4fKEoj_MiVYo-f4IbLxQA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vF!esv_vB!mprdctdt6_vA!smbs!spa2_vA!ufm&mPre=0.025&cirf=https%3A%2F%2Fmayar.ahlamontada.net&en=1
IP 151.101.85.44:0
File type ASCII text, with very long lines (1416), with no line terminators
Hash ad4657d26da775520d875bc6f140403b
84e5c320fcf95955e53e57fb4987ca16be83dbfe
597541351ad5ffd3b3c76932404bb2517bdeddea9ccdc405c463adf19f35821b
POST /VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1667728430754&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=-2087158788&tz=0&viewable=true&ddast=V7i20CFgMcEKcYZ7Cz7wQcEKcYZ7Cz7wUAAAAGBuIHJDXcjZaj3cItMQ6Ga9Fy5XBLfJOVW7Bw2Va-ycg58ViMQBK-4WA0cXncCtfEtRYtPLu1wuJxrmUez2Y4Gg5WI99mChE3GQ6fg4Go6Hpb7A6n2fOGFDSdDp_rXq92OB-Wu8Jodrj9dtPD5LDLXaa_6DFaLNaiv-HpsQMAAADAA4DVWybEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAaAAcmFBsAnB8F7zn5_AAA0bIEAAAhgkAAMrAaUAHycr5wAAAAAAAAAALD8____xwDsYY3JAIzs7_QAPPgAPBAVkBYxAgAAANjSUtE8mtQJlUUVAABBuhXAFQBAACETl5ZLGAAAQMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE3obvU4LYhm9VvsFBABY-wUEAGBTNwCAtwC4oCNoxWCwOoXYDWeL3Wi2Gc0OAAAA4O7___9fD-QmJpvNOTMMNivLaOUaLVc2y8xh2UxsLt9iYlx4L51JbwXLNSaxL-Imw-FzMBAVXW-L3eE0e-5H0ZLlbrlbjSaL0Wi53OyGm9FgfwMxWA1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtWS2Xy9Vms1rtRovZYLMcbjZI0arVbLQZDFezyWy3Ww0Hw-VohBQtWe6Wu9VoshiNlsvNbrgZDYYIAxPjarhyLtyq3WzjFi1mi7XCYlmuJb6ZZePxWGwrx2wten1MD9tisFx4vCgYwLEXwUU6kfktr7ff9PTb3QrLRSzRnCzSieyy701MNptzZhhsVpbRyjVarmyWmcOymdhcvsXEuPAXJsbVcOVcuFW72cYtWswWa4XFslxLfDPLxuOx2FaO2Vr0-pgetsVgufD4G7PZbjcZjibDfWM22-0mw9FkuO_QGb6rz9noDI4nHp11Ja7MLDaHQeEyWLy_z0XajDZuRpU2bLGorsWda2LVaWMnY-dgNih8w2ti-Pupn9du9nYQGwyKWCI4XaQT0ct4uoglkqdFOpG4HM7BcDeauEbG1WQyGy1HC5tt4hi5PKPRyLiwiCVK00U60Yseo8ViLfobnh6L-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_5v2g2H0WqXdtM3MEhsEHgosbP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4fKEoj_MiVYo-f4IbLxQA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vF!esv_vB!mprdctdt6_vA!smbs!spa2_vA!ufm&mPre=0.025&cirf=https%3A%2F%2Fmayar.ahlamontada.net&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 133
Origin: https://mayar.ahlamontada.net
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1447
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://mayar.ahlamontada.net
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sun, 06 Nov 2022 09:53:52 GMT
via: 1.1 varnish
x-served-by: cache-bma1673-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667728433.848691,VS0,VE111
vary: Accept-Encoding
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 06 Nov 2022 09:53:53 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=ebd079b3-5db8-11ed-97f8-14bc9e680306; expires=Sun, 04-Dec-2022 09:53:53 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=ebd07a13-5db8-11ed-97f8-14bc9e680306
X-fe: 41
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 06 Nov 2022 09:53:53 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=ebd0d4ce-5db8-11ed-8121-1d03a5b20106; expires=Sun, 04-Dec-2022 09:53:53 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=ebd0d505-5db8-11ed-8121-1d03a5b20106
X-fe: 87
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=ebcbee35-5db8-11ed-8ab9-1f0541440406
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=ebcbee35-5db8-11ed-8ab9-1f0541440406
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=ebcbee35-5db8-11ed-8ab9-1f0541440406 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 06 Nov 2022 09:53:53 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=ebd15c4a-5db8-11ed-9cb6-1d21b9eb0406; expires=Sun, 04-Dec-2022 09:53:53 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 73
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
vidstat.taboola.com/vpaid/units/32_3_9/assets/css/cmOsUnit.css
151.101.85.44200 OK 8.3 kB URL HTTP/2 vidstat.taboola.com/vpaid/units/32_3_9/assets/css/cmOsUnit.css
IP 151.101.85.44:0
Hash a28320a69408adba1f01f56d6eb80708
8012c7108fab547cf31481cfda7cb49e654a0542
befbb274b7045e7e5791a4badbe46e1a2e367e6570da7cd0ac127acc4b8e8991
GET /vpaid/units/32_3_9/assets/css/cmOsUnit.css HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: ljlvvQDhIUCzT4p7ctrpgRVm/AgQtm7fjmkgdPdQEdK+I/6gOStiEPjeOdgbHJbZhoc5ZvcUtsg=
x-amz-request-id: T5MPDEACYQN9GHJF
last-modified: Thu, 27 Oct 2022 07:34:38 GMT
etag: "a28320a69408adba1f01f56d6eb80708"
x-amz-meta-ctime: 1666856077
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1666856076
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sun, 06 Nov 2022 09:53:53 GMT
via: 1.1 varnish
age: 872143
x-served-by: cache-bma1673-BMA
x-cache: HIT
x-cache-hits: 186242
x-timer: S1667728433.016923,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 8297
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=ebd0a888-5db8-11ed-805e-17d925990306
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=ebd0a888-5db8-11ed-805e-17d925990306
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=ebd0a888-5db8-11ed-805e-17d925990306 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 06 Nov 2022 09:53:53 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=ebd5a85b-5db8-11ed-bbfb-1e1d47870506; expires=Sun, 04-Dec-2022 09:53:53 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 104
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=ebd07a13-5db8-11ed-97f8-14bc9e680306
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=ebd07a13-5db8-11ed-97f8-14bc9e680306
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=ebd07a13-5db8-11ed-97f8-14bc9e680306 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 06 Nov 2022 09:53:53 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=ebd7aa5f-5db8-11ed-b165-1365eaaf0506; expires=Sun, 04-Dec-2022 09:53:53 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 6
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=ebd0d505-5db8-11ed-8121-1d03a5b20106
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=ebd0d505-5db8-11ed-8121-1d03a5b20106
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=ebd0d505-5db8-11ed-8121-1d03a5b20106 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 06 Nov 2022 09:53:53 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=ebd8fee8-5db8-11ed-94f6-1644f9a80506; expires=Sun, 04-Dec-2022 09:53:53 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 96
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 386ab1abf63e2d84590ac4811af42f4a
f4be9c54ab943ec73bbcdaee8cf4b6e996f77d2c
cb09e3ff1edca73ba28e7346debdc45ea7c6a82a0a7cfb06f003c565ecc3472b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1915
Cache-Control: max-age=103827
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 09:53:53 GMT
Etag: "63666f4a-1d7"
Expires: Mon, 07 Nov 2022 14:44:20 GMT
Last-Modified: Sat, 05 Nov 2022 14:12:26 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 7aaea6ff8a719f2f88ec382a690cb505
6fc812ca4065e58573d5406338bf4e45b3ddadb4
8df36f22bb7657b3998bb9907468ad1af53c23ce7aa13183fc80e9d11c9068b5
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 09:53:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Thu, 10 Nov 2022 08:58:55 GMT
ETag: "6fc812ca4065e58573d5406338bf4e45b3ddadb4"
Last-Modified: Sun, 06 Nov 2022 08:58:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 17
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 765cf1d31d671c16-OSL
vidstat.taboola.com/vpaid/units/32_3_9/infra/cmTagWIDGET_ITEM.js
151.101.85.44200 OK 128 kB URL HTTP/2 vidstat.taboola.com/vpaid/units/32_3_9/infra/cmTagWIDGET_ITEM.js
IP 151.101.85.44:0
File type Unicode text, UTF-8 text, with very long lines (65489), with no line terminators
Size 128 kB (127663 bytes)
Hash ed6a7be4b07d1653940edf3b59561b62
e86457f6d9ef3ef5fec8a050d56af827c9196a13
acf67360b42eaaba607d73f434c457b3200388b5e62e4e91d984d7e9d6d35172
GET /vpaid/units/32_3_9/infra/cmTagWIDGET_ITEM.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mayar.ahlamontada.net
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 4XCKL71V4KhsoHyueX5jpjHsfDsjxykDhjiYcY77zYUxGJieqBjvCotMWQmIVh7NEI0bxQTkd+w=
x-amz-request-id: S3DTXRQWZQ29XXKX
last-modified: Thu, 27 Oct 2022 07:33:46 GMT
etag: "ed6a7be4b07d1653940edf3b59561b62"
x-amz-meta-ctime: 1666856025
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1666856024
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sun, 06 Nov 2022 09:53:53 GMT
via: 1.1 varnish
age: 872142
x-served-by: cache-bma1673-BMA
x-cache: HIT
x-cache-hits: 94199
x-timer: S1667728433.136074,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 127663
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 2f75d606d78f1bb1899625dd8cf247a7
2a29750c52f72412d1cfcb75ee403c1c75ad30f6
227d7501f2b10c85afbee42f15b770372301d3cd7832558533fbbfc6f3e78536
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 09:53:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 01:56:50 GMT
Expires: Sat, 12 Nov 2022 01:56:49 GMT
Etag: "2a29750c52f72412d1cfcb75ee403c1c75ad30f6"
Cache-Control: max-age=489175,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765cf1d2ebecb517-OSL
ups.analytics.yahoo.com/ups/58534/occ
18.156.0.31302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 06 Nov 2022 09:53:53 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58534/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBDGEZ2MCEJbMY8eWZhSGnDB17nQSnMQFEgEBAQHVaGNxYwAAAAAA_eMAAA&S=AQAAArND5jjeufq2BZNM4vz4AsQ; Expires=Mon, 6 Nov 2023 15:53:53 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
35.71.131.137200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP 35.71.131.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:53 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58534/occ?verify=true
18.156.0.31204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ?verify=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 06 Nov 2022 09:53:53 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBDGEZ2MCEFDegX2bEeEG7GPwhbacstEFEgEBAQHVaGNxYwAAAAAA_eMAAA&S=AQAAAtaLgFYMAlqYt5sbadWIMzg; Expires=Mon, 6 Nov 2023 15:53:53 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7M2wCFgMcEKcYZ7Cz7wQcEKcYZ7Cz7wUAAAAGBuIHJOYxTTyjkXGtcdkmbtFwNVtLDKPFWjQceZzLxXA3Wc2MQHKb3Wi4XHnWKofF5hZNLBa3xLZYrhUWm3O1WxgnjtFkCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjekoOl0-Fz3erXD-bDcFUazw-23mx4mh13uMv1Fj9FisRb9DU-PHQAAAAAeAKzeMiF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAMSC40AD45CN5z9vsDAKBhCwQAQACDBGBgNaAE4ON85QQAAAAAAAAAgOX___8_BmAPa0wGYGR_pwfgwQfggahgr4gRAAAAwJaWiubRpE6oLKoAAAjSrQCuAAACCJm4tFrCAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0NvodVoQy-i12i8gAMDaLyAAAJu6AQC8BcAFHUErBoPVKcRuOFvsRrPNaHYAAAAAd_____96IDcx2WzOmWGwWVlGK9doubJZZg7LZmJz-RYT48J76Ux6K1iuMYl9HsIy-30HEcvzNf0NBxnf8nobREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNjfQAxWA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLAxLgarpwLt2o327hFi9lirbBYlmuJb2bZeDwW28oxW4teH9PDthgsFx4vCgZw7EVwkU5kfsvr7Tc9_Xa3wnIRSzQni3Qiu-x7E5PN5pwZBpuVZbRyjZYrm2XmsGwmNpdvMTEu_IWJcTVcORdu1W62cYsWs8VaYbEs1xLfzLLxeCy2lWO2Fr0-podtMVguPP7GbLbbTYajyXDfmM12u8lwNBnuO3SG7-pzNjqD44lHZ12JKzOLzWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_wmhj-furntZu9HcQGgyKWCE4X6UT0Mp4uYonkaZFOZLOFazgxbiYzw2q0WS5cq41rOVw5fAvjwuRbLiZiidJ0kU70osdosViL_oanx6L-I0Mu5srBXDSZK1ajVQIAAAAAAAAAWMKceRMAAACA00BGg81wtVwACGcv3Z95Pyh2n0XqXdvMHIFh8IHg4saPG8xveb39pqff7lZYrgzwQE3OvNkzQazValkDAAAIYAMAAARw6-YtAJuR2weK0gg_cqXY4ye44XIx!&excid=22&docw=0&cijs=1&nlb=true
141.226.228.48200 OK 2.0 kB URL HTTP/2 am-match.taboola.com/sync?dast=V7M2wCFgMcEKcYZ7Cz7wQcEKcYZ7Cz7wUAAAAGBuIHJOYxTTyjkXGtcdkmbtFwNVtLDKPFWjQceZzLxXA3Wc2MQHKb3Wi4XHnWKofF5hZNLBa3xLZYrhUWm3O1WxgnjtFkCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjekoOl0-Fz3erXD-bDcFUazw-23mx4mh13uMv1Fj9FisRb9DU-PHQAAAAAeAKzeMiF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAMSC40AD45CN5z9vsDAKBhCwQAQACDBGBgNaAE4ON85QQAAAAAAAAAgOX___8_BmAPa0wGYGR_pwfgwQfggahgr4gRAAAAwJaWiubRpE6oLKoAAAjSrQCuAAACCJm4tFrCAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0NvodVoQy-i12i8gAMDaLyAAAJu6AQC8BcAFHUErBoPVKcRuOFvsRrPNaHYAAAAAd_____96IDcx2WzOmWGwWVlGK9doubJZZg7LZmJz-RYT48J76Ux6K1iuMYl9HsIy-30HEcvzNf0NBxnf8nobREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNjfQAxWA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLAxLgarpwLt2o327hFi9lirbBYlmuJb2bZeDwW28oxW4teH9PDthgsFx4vCgZw7EVwkU5kfsvr7Tc9_Xa3wnIRSzQni3Qiu-x7E5PN5pwZBpuVZbRyjZYrm2XmsGwmNpdvMTEu_IWJcTVcORdu1W62cYsWs8VaYbEs1xLfzLLxeCy2lWO2Fr0-podtMVguPP7GbLbbTYajyXDfmM12u8lwNBnuO3SG7-pzNjqD44lHZ12JKzOLzWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_wmhj-furntZu9HcQGgyKWCE4X6UT0Mp4uYonkaZFOZLOFazgxbiYzw2q0WS5cq41rOVw5fAvjwuRbLiZiidJ0kU70osdosViL_oanx6L-I0Mu5srBXDSZK1ajVQIAAAAAAAAAWMKceRMAAACA00BGg81wtVwACGcv3Z95Pyh2n0XqXdvMHIFh8IHg4saPG8xveb39pqff7lZYrgzwQE3OvNkzQazValkDAAAIYAMAAARw6-YtAJuR2weK0gg_cqXY4ye44XIx!&excid=22&docw=0&cijs=1&nlb=true
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash c3066c24588f0cf70f2d920ab5abb842
0eff61735c4ebbe3497f9a901a1ef80e19190ddf
e9383897be49e183e5558d2bfb4deaa7f1e9bb65e39f1565fa35b8c779faf43c
GET /sync?dast=V7M2wCFgMcEKcYZ7Cz7wQcEKcYZ7Cz7wUAAAAGBuIHJOYxTTyjkXGtcdkmbtFwNVtLDKPFWjQceZzLxXA3Wc2MQHKb3Wi4XHnWKofF5hZNLBa3xLZYrhUWm3O1WxgnjtFkCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjekoOl0-Fz3erXD-bDcFUazw-23mx4mh13uMv1Fj9FisRb9DU-PHQAAAAAeAKzeMiF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAMSC40AD45CN5z9vsDAKBhCwQAQACDBGBgNaAE4ON85QQAAAAAAAAAgOX___8_BmAPa0wGYGR_pwfgwQfggahgr4gRAAAAwJaWiubRpE6oLKoAAAjSrQCuAAACCJm4tFrCAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0NvodVoQy-i12i8gAMDaLyAAAJu6AQC8BcAFHUErBoPVKcRuOFvsRrPNaHYAAAAAd_____96IDcx2WzOmWGwWVlGK9doubJZZg7LZmJz-RYT48J76Ux6K1iuMYl9HsIy-30HEcvzNf0NBxnf8nobREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNjfQAxWA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLAxLgarpwLt2o327hFi9lirbBYlmuJb2bZeDwW28oxW4teH9PDthgsFx4vCgZw7EVwkU5kfsvr7Tc9_Xa3wnIRSzQni3Qiu-x7E5PN5pwZBpuVZbRyjZYrm2XmsGwmNpdvMTEu_IWJcTVcORdu1W62cYsWs8VaYbEs1xLfzLLxeCy2lWO2Fr0-podtMVguPP7GbLbbTYajyXDfmM12u8lwNBnuO3SG7-pzNjqD44lHZ12JKzOLzWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_wmhj-furntZu9HcQGgyKWCE4X6UT0Mp4uYonkaZFOZLOFazgxbiYzw2q0WS5cq41rOVw5fAvjwuRbLiZiidJ0kU70osdosViL_oanx6L-I0Mu5srBXDSZK1ajVQIAAAAAAAAAWMKceRMAAACA00BGg81wtVwACGcv3Z95Pyh2n0XqXdvMHIFh8IHg4saPG8xveb39pqff7lZYrgzwQE3OvNkzQazValkDAAAIYAMAAARw6-YtAJuR2weK0gg_cqXY4ye44XIx!&excid=22&docw=0&cijs=1&nlb=true HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 09:53:52 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3406
X-Firefox-Spdy: h2
cdn.taboola.com/scripts/cds-pips.js
151.101.85.44200 OK 1.3 kB URL HTTP/2 cdn.taboola.com/scripts/cds-pips.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (3545), with no line terminators
Hash 780c5c514014519ce276709f515905a0
04fe86d00b9c9077effe05171d066d243ecab221
015db06150b62ad2ad533883652174ebb6f07e24a7147fdac01a0ccd266e3f30
GET /scripts/cds-pips.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 2KBeU0d7OyPXtZDYUoIqlTBmhGhsve90tjYoemCxISjKQrNgcxT28sPXVt5KfJt+6r7dFoJgA8g=
x-amz-request-id: NFWGDQGY1WQ95XHE
x-amz-replication-status: COMPLETED
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 06 Nov 2022 09:53:53 GMT
via: 1.1 varnish
age: 3108
x-served-by: cache-bma1673-BMA
x-cache: HIT
x-cache-hits: 3407
x-timer: S1667728433.465134,VS0,VE0
vary: Accept-Encoding
abp: 17
cache-control: private, max-age=3600
content-length: 1340
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 06 Nov 2022 09:53:53 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=ec2c3b29-5db8-11ed-ab9a-1e5bf6c20506; expires=Sun, 04-Dec-2022 09:53:53 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=ec2c3b80-5db8-11ed-ab9a-1e5bf6c20506
X-fe: 68
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=ec2c3b80-5db8-11ed-ab9a-1e5bf6c20506
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=ec2c3b80-5db8-11ed-ab9a-1e5bf6c20506
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=ec2c3b80-5db8-11ed-ab9a-1e5bf6c20506 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 06 Nov 2022 09:53:53 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=ec31ce63-5db8-11ed-8325-1342c0320406; expires=Sun, 04-Dec-2022 09:53:53 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 90
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
54.164.248.203200 OK 87 kB URL HTTP/2 taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
IP 54.164.248.203:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 53007d09ec99086845db8c07c33cfbeb
a9851bff317d9fcc66246de1cab70f7acad3eeb3
db151c28d3e5caab7f5f623ef4f91076f4e43fcdcf754e0d8b7364c2ef9d930f
GET /sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP/1.1
Host: taboola-supply-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:53 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
vidstatb.taboola.com/vid/blackScreen5.mp4
151.101.85.44206 Partial Content 91 kB URL HTTP/2 vidstatb.taboola.com/vid/blackScreen5.mp4
IP 151.101.85.44:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash b2b087fe4ae638c533731c347fcd4df8
62851c888c21bb51cc04f13b6fc0451279fe0425
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
GET /vid/blackScreen5.mp4 HTTP/1.1
Host: vidstatb.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
content-type: video/mp4
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1497790207
server: AmazonS3
via: 1.1 9803a30a87f1ec1047cb2b8ad5ecc43e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: gopM2XYfUoVUFmJXQ0440-QEF6IoAyvdLK0EUOquu3M35zK6ZGLwLg==
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sun, 06 Nov 2022 09:53:53 GMT
age: 1141198
x-served-by: cache-bma1673-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 140217
x-timer: S1667728434.670270,VS0,VE0
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-range: bytes 0-90783/90784
content-length: 90784
X-Firefox-Spdy: h2
pips.taboola.com/
151.101.85.44200 OK 4 B IP 151.101.85.44:0
File type ASCII text, with no line terminators
Hash 6c3e226b4d4795d518ab341b0824ec29
eef19c54306daa69eda49c0272623bdb5e2b341f
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
GET / HTTP/1.1
Host: pips.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mayar.ahlamontada.net
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
access-control-allow-methods: GET
access-control-allow-origin: https://mayar.ahlamontada.net
accept-ranges: bytes
date: Sun, 06 Nov 2022 09:53:53 GMT
via: 1.1 varnish
x-served-by: cache-bma1667-BMA
x-cache: HIT
x-cache-hits: 0
cache-control: no-store
content-length: 4
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7M2wCFgMcEKcYZ7Cz7wQcEKcYZ7Cz7wUAAAAGBuIHJOYxTTyjkXGtcdkmbtFwNVtLDKPFWjQceZzLxXA3Wc2MQHKb3Wi4XHnWKofF5hZNLBa3xLZYrhUWm3O1WxgnjtFkCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjekoOl0-Fz3erXD-bDcFUazw-23mx4mh13uMv1Fj9FisRb9DU-PHQAAAAAeAKzeMiF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAMSC40AD45CN5z9vsDAKBhCwQAQACDBGBgNaAE4ON85QQAAAAAAAAAgOX___8_BmAPa0wGYGR_pwfgwQfggahgr4gRAAAAwJaWiubRpE6oLKoAAAjSrQCuAAACCJm4tFrCAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0NvodVoQy-i12i8gAMDaLyAAAJu6AQC8BcAFHUErBoPVKcRuOFvsRrPNaHYAAAAAd_____96IDcx2WzOmWGwWVlGK9doubJZZg7LZmJz-RYT48J76Ux6K1iuMYl9HsIy-30HEcvzNf0NBxnf8nobREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNjfQAxWA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLAxLgarpwLt2o327hFi9lirbBYlmuJb2bZeDwW28oxW4teH9PDthgsFx4vCgZw7EVwkU5kfsvr7Tc9_Xa3wnIRSzQni3Qiu-x7E5PN5pwZBpuVZbRyjZYrm2XmsGwmNpdvMTEu_IWJcTVcORdu1W62cYsWs8VaYbEs1xLfzLLxeCy2lWO2Fr0-podtMVguPP7GbLbbTYajyXDfmM12u8lwNBnuO3SG7-pzNjqD44lHZ12JKzOLzWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_wmhj-furntZu9HcQGgyKWCE4X6UT0Mp4uYonkaZFOZLOFazgxbiYzw2q0WS5cq41rOVw5fAvjwuRbLiZiidJ0kU70osdosViL_oanx6L-I0Mu5srBXDSZK1ajVQIAAAAAAAAAWMKceRMAAACA00BGg81wtVwACGcv3Z95Pyh2n0XqXdvMHIFh8IHg4saPG8xveb39pqff7lZYrgzwQE3OvNkzQazValkDAAAIYAMAAARw6-YtAJuR2weK0gg_cqXY4ye44XIx!&excid=22&docw=0&cijs=1&nlb=true
141.226.228.48200 OK 971 B URL HTTP/2 am-match.taboola.com/sync?dast=V7M2wCFgMcEKcYZ7Cz7wQcEKcYZ7Cz7wUAAAAGBuIHJOYxTTyjkXGtcdkmbtFwNVtLDKPFWjQceZzLxXA3Wc2MQHKb3Wi4XHnWKofF5hZNLBa3xLZYrhUWm3O1WxgnjtFkCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjekoOl0-Fz3erXD-bDcFUazw-23mx4mh13uMv1Fj9FisRb9DU-PHQAAAAAeAKzeMiF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAMSC40AD45CN5z9vsDAKBhCwQAQACDBGBgNaAE4ON85QQAAAAAAAAAgOX___8_BmAPa0wGYGR_pwfgwQfggahgr4gRAAAAwJaWiubRpE6oLKoAAAjSrQCuAAACCJm4tFrCAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0NvodVoQy-i12i8gAMDaLyAAAJu6AQC8BcAFHUErBoPVKcRuOFvsRrPNaHYAAAAAd_____96IDcx2WzOmWGwWVlGK9doubJZZg7LZmJz-RYT48J76Ux6K1iuMYl9HsIy-30HEcvzNf0NBxnf8nobREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNjfQAxWA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLAxLgarpwLt2o327hFi9lirbBYlmuJb2bZeDwW28oxW4teH9PDthgsFx4vCgZw7EVwkU5kfsvr7Tc9_Xa3wnIRSzQni3Qiu-x7E5PN5pwZBpuVZbRyjZYrm2XmsGwmNpdvMTEu_IWJcTVcORdu1W62cYsWs8VaYbEs1xLfzLLxeCy2lWO2Fr0-podtMVguPP7GbLbbTYajyXDfmM12u8lwNBnuO3SG7-pzNjqD44lHZ12JKzOLzWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_wmhj-furntZu9HcQGgyKWCE4X6UT0Mp4uYonkaZFOZLOFazgxbiYzw2q0WS5cq41rOVw5fAvjwuRbLiZiidJ0kU70osdosViL_oanx6L-I0Mu5srBXDSZK1ajVQIAAAAAAAAAWMKceRMAAACA00BGg81wtVwACGcv3Z95Pyh2n0XqXdvMHIFh8IHg4saPG8xveb39pqff7lZYrgzwQE3OvNkzQazValkDAAAIYAMAAARw6-YtAJuR2weK0gg_cqXY4ye44XIx!&excid=22&docw=0&cijs=1&nlb=true
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash 7f5f38bd042b7715b7b86d84a64f6a88
88b771a48a6fd0d833f3f543c8c6941a2220bf06
303947081c172cff5e89d988459d092d7ce86df978eea51203757cc2ac2c1445
GET /sync?dast=V7M2wCFgMcEKcYZ7Cz7wQcEKcYZ7Cz7wUAAAAGBuIHJOYxTTyjkXGtcdkmbtFwNVtLDKPFWjQceZzLxXA3Wc2MQHKb3Wi4XHnWKofF5hZNLBa3xLZYrhUWm3O1WxgnjtFkCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjekoOl0-Fz3erXD-bDcFUazw-23mx4mh13uMv1Fj9FisRb9DU-PHQAAAAAeAKzeMiF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAMSC40AD45CN5z9vsDAKBhCwQAQACDBGBgNaAE4ON85QQAAAAAAAAAgOX___8_BmAPa0wGYGR_pwfgwQfggahgr4gRAAAAwJaWiubRpE6oLKoAAAjSrQCuAAACCJm4tFrCAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0NvodVoQy-i12i8gAMDaLyAAAJu6AQC8BcAFHUErBoPVKcRuOFvsRrPNaHYAAAAAd_____96IDcx2WzOmWGwWVlGK9doubJZZg7LZmJz-RYT48J76Ux6K1iuMYl9HsIy-30HEcvzNf0NBxnf8nobREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNjfQAxWA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLAxLgarpwLt2o327hFi9lirbBYlmuJb2bZeDwW28oxW4teH9PDthgsFx4vCgZw7EVwkU5kfsvr7Tc9_Xa3wnIRSzQni3Qiu-x7E5PN5pwZBpuVZbRyjZYrm2XmsGwmNpdvMTEu_IWJcTVcORdu1W62cYsWs8VaYbEs1xLfzLLxeCy2lWO2Fr0-podtMVguPP7GbLbbTYajyXDfmM12u8lwNBnuO3SG7-pzNjqD44lHZ12JKzOLzWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_wmhj-furntZu9HcQGgyKWCE4X6UT0Mp4uYonkaZFOZLOFazgxbiYzw2q0WS5cq41rOVw5fAvjwuRbLiZiidJ0kU70osdosViL_oanx6L-I0Mu5srBXDSZK1ajVQIAAAAAAAAAWMKceRMAAACA00BGg81wtVwACGcv3Z95Pyh2n0XqXdvMHIFh8IHg4saPG8xveb39pqff7lZYrgzwQE3OvNkzQazValkDAAAIYAMAAARw6-YtAJuR2weK0gg_cqXY4ye44XIx!&excid=22&docw=0&cijs=1&nlb=true HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 09:53:53 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3407
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 06 Nov 2022 09:53:53 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=ec564fa8-5db8-11ed-8866-156973b60106; expires=Sun, 04-Dec-2022 09:53:53 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=ec564ff6-5db8-11ed-8866-156973b60106
X-fe: 5
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ups.analytics.yahoo.com/ups/58534/occ
18.156.0.31302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 06 Nov 2022 09:53:53 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58534/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBDGEZ2MCEPwv4oSU-JKm4q2DBhNaWR8FEgEBAQHVaGNxYwAAAAAA_eMAAA&S=AQAAAsTvGjwUGQ1Y6mheeepqQNg; Expires=Mon, 6 Nov 2023 15:53:53 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
35.71.131.137200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP 35.71.131.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:53 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=728x90%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fmayar.ahlamontada.net%2Ft1411-topic&encoded=1&uid=0b858e9a-576c-4161-ab29-b7f2cccb6e16-tucta6109ac&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback1&cb=1667728429363&tagid=&cntry=NO&platform=1&sesid=7bdff9f003e24e549ef2fa23bfe71b8a&itemid=/t1411-topic&viewid=1667728426203&geolat=&geoing=&deviceifa=&appid=&sd=v2_7bdff9f003e24e549ef2fa23bfe71b8a_0b858e9a-576c-4161-ab29-b7f2cccb6e16-tucta6109ac_1667728428_1667728428_CNawjgYQ3pxDGNuJ8eLEMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=bea90874b5d85226494af6b1de344d8a&appname=&cdb=&gdprApplies=true&rid=&sii=-5289133603330980927&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=7891
151.101.85.44200 OK 971 B URL HTTP/2 15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=728x90%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fmayar.ahlamontada.net%2Ft1411-topic&encoded=1&uid=0b858e9a-576c-4161-ab29-b7f2cccb6e16-tucta6109ac&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback1&cb=1667728429363&tagid=&cntry=NO&platform=1&sesid=7bdff9f003e24e549ef2fa23bfe71b8a&itemid=/t1411-topic&viewid=1667728426203&geolat=&geoing=&deviceifa=&appid=&sd=v2_7bdff9f003e24e549ef2fa23bfe71b8a_0b858e9a-576c-4161-ab29-b7f2cccb6e16-tucta6109ac_1667728428_1667728428_CNawjgYQ3pxDGNuJ8eLEMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=bea90874b5d85226494af6b1de344d8a&appname=&cdb=&gdprApplies=true&rid=&sii=-5289133603330980927&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=7891
IP 151.101.85.44:0
Hash 4242146c65cf02c673edc32f5a6161a9
1ef5ce0a29deb41c2d39b7e49594e2679eb01dbf
3a56916cc37bfbd02cf4b4029a73e594db251af7463c50d418a6cf776402229c
GET /tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=728x90%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fmayar.ahlamontada.net%2Ft1411-topic&encoded=1&uid=0b858e9a-576c-4161-ab29-b7f2cccb6e16-tucta6109ac&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback1&cb=1667728429363&tagid=&cntry=NO&platform=1&sesid=7bdff9f003e24e549ef2fa23bfe71b8a&itemid=/t1411-topic&viewid=1667728426203&geolat=&geoing=&deviceifa=&appid=&sd=v2_7bdff9f003e24e549ef2fa23bfe71b8a_0b858e9a-576c-4161-ab29-b7f2cccb6e16-tucta6109ac_1667728428_1667728428_CNawjgYQ3pxDGNuJ8eLEMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=bea90874b5d85226494af6b1de344d8a&appname=&cdb=&gdprApplies=true&rid=&sii=-5289133603330980927&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=7891 HTTP/1.1
Host: 15.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://mayar.ahlamontada.net
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
machineid: 1444
link: <https://am-wf.taboola.com>; rel=preconnect
xvid-debug: mrmr - :
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://mayar.ahlamontada.net
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sun, 06 Nov 2022 09:53:51 GMT
via: 1.1 varnish
x-served-by: cache-bma1673-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667728432.649095,VS0,VE32
vary: Accept-Encoding
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58534/occ?verify=true
18.156.0.31204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ?verify=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 06 Nov 2022 09:53:54 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBDKEZ2MCED_WDfJIwUvlTP3pnnprCpsFEgEBAQHVaGNxYwAAAAAA_eMAAA&S=AQAAAo_HLUg9wvs9R6zNntPeQGc; Expires=Mon, 6 Nov 2023 15:53:54 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/trc/3/json?tim=09%3A53%3A46.206<i=deflated&data=%7B%22id%22%3A773%2C%22ii%22%3A%22%2Ft1411-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1667480673762%2C%22vi%22%3A1667728426203%2C%22cv%22%3A%2220221102-48-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fmayar.ahlamontada.net%2Ft1411-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fmayar.ahlamontada.net%2Ft1411-topic%22%2C%22vpi%22%3A%22%2Ft1411-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A11718%2C%22dh%22%3A5720%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A505.8999938964844%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A5663.39990234375%2C%22mw%22%3A728%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft1411-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
151.101.85.44200 OK 5.0 kB URL HTTP/2 trc.taboola.com/forumotion-ar/trc/3/json?tim=09%3A53%3A46.206<i=deflated&data=%7B%22id%22%3A773%2C%22ii%22%3A%22%2Ft1411-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1667480673762%2C%22vi%22%3A1667728426203%2C%22cv%22%3A%2220221102-48-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fmayar.ahlamontada.net%2Ft1411-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fmayar.ahlamontada.net%2Ft1411-topic%22%2C%22vpi%22%3A%22%2Ft1411-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A11718%2C%22dh%22%3A5720%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A505.8999938964844%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A5663.39990234375%2C%22mw%22%3A728%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft1411-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
IP 151.101.85.44:0
Hash b8c25ae8a115f66f8095893efd1a677a
37f089e1cec54a7b2f6334b4570f9a92800a460f
0fbe796e2ad6be0c844e9a2095b8f467cd31138d7fd0300466562890cf2686f7
GET /forumotion-ar/trc/3/json?tim=09%3A53%3A46.206<i=deflated&data=%7B%22id%22%3A773%2C%22ii%22%3A%22%2Ft1411-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1667480673762%2C%22vi%22%3A1667728426203%2C%22cv%22%3A%2220221102-48-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fmayar.ahlamontada.net%2Ft1411-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fmayar.ahlamontada.net%2Ft1411-topic%22%2C%22vpi%22%3A%22%2Ft1411-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A11718%2C%22dh%22%3A5720%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A505.8999938964844%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A5663.39990234375%2C%22mw%22%3A728%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft1411-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://mayar.ahlamontada.net
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://mayar.ahlamontada.net
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sun, 06 Nov 2022 09:53:48 GMT
via: 1.1 varnish
x-served-by: cache-bma1673-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667728428.273387,VS0,VE432
vary: Accept-Encoding
x-vcl-time-ms: 432
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert quad9 Sinkholed
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mayar.ahlamontada.net/
Content-Type: application/json
Origin: https://mayar.ahlamontada.net
Content-Length: 398
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 09:53:54 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: e69b5f681beedc9b88db6b4a310b7ebe
access-control-allow-origin: https://mayar.ahlamontada.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=7b01c4b0d36242d1925cb52de7876bbf&zoneId=2308013&checkDuplicate=true&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=7b01c4b0d36242d1925cb52de7876bbf&zoneId=2308013&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 1e794b313aaf8abc01f8dab7697f95ba
8aa85eaca4ab29b07367e64a48aae3071360af17
1640a0902d42ced10950a9586017241578b7a807c3dc5820fa7099152bea385b
GET /gid.js?pub=0&userId=7b01c4b0d36242d1925cb52de7876bbf&zoneId=2308013&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mayar.ahlamontada.net/
Origin: https://mayar.ahlamontada.net
Connection: keep-alive
Cookie: ID=02b9180888a14926bb10c139c9d35bdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 09:53:54 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://mayar.ahlamontada.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=02b9180888a14926bb10c139c9d35bdf; expires=Mon, 06 Nov 2023 09:53:54 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
stootsou.net/pfe/current/universal.min.js?v=3.1.402
139.45.197.250200 OK 0 B URL HTTP/2 stootsou.net/pfe/current/universal.min.js?v=3.1.402
IP 139.45.197.250:0
Analyzer Verdict Alert quad9 Sinkholed
GET /pfe/current/universal.min.js?v=3.1.402 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mayar.ahlamontada.net/
Origin: https://mayar.ahlamontada.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 09:53:47 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 13:02:54 GMT
etag: W/"63626a7e-180b9"
access-control-allow-origin: https://mayar.ahlamontada.net
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.98200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.98:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:46 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 90424
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.2.146:0
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:48 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 657705
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
illiweb.com/rs3/63/frm/jquery/cookie/jquery.cookie.js
104.21.63.213200 OK 0 B URL HTTP/2 illiweb.com/rs3/63/frm/jquery/cookie/jquery.cookie.js
IP 104.21.63.213:0
GET /rs3/63/frm/jquery/cookie/jquery.cookie.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:46 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:06:37 GMT
last-modified: Wed, 09 Sep 2020 09:40:28 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 5104029
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W9%2BOyn4Mdzh4FSjepcdVYKrgDZsWcTpGPXsDvsadnqLBsMDzbP7Aq3XAVLWmC62Fz5jMI%2BP9nZfbzc4rU2pOAFVg5lI3KSrPfS7ZpWFhunB%2B0R91CulJWD5pb6%2BQtw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765cf1aa59dab50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
illiweb.com/rs3/63/frm/jquery/ticker/ticker.css
104.21.63.213200 OK 0 B URL HTTP/2 illiweb.com/rs3/63/frm/jquery/ticker/ticker.css
IP 104.21.63.213:0
GET /rs3/63/frm/jquery/ticker/ticker.css HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:46 GMT
content-type: text/css;charset=UTF-8
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=390
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:06:59 GMT
last-modified: Tue, 27 Aug 2019 14:00:13 GMT
vary: Accept-Encoding
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 5104007
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z10RTsXl0ouGTz6wGmVLCMvKy27d2%2FLt28K4Id%2Fc9kIkPrFCPybO8xQU%2FPM%2BxCNlmktRMnz0gQiG6mPDJcMkhuM3vFpyaRhqhC5tbp4cx43YxiBOLWjaqK22FJGS5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 765cf1aa9a0fb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
connect.topicit.net/button/light?id=topicit-connect-1&redirect=https%3A%2F%2Fmayar.ahlamontada.net%2Ft1411-topic&lang=ar&loc=https%3A%2F%2Fconnect.topicit.net%2F&login=https%3A%2F%2Fmayar.ahlamontada.net%2Ftopicit%2Findex.php%2Fconnect&version=1
172.67.158.56200 OK 0 B URL HTTP/2 connect.topicit.net/button/light?id=topicit-connect-1&redirect=https%3A%2F%2Fmayar.ahlamontada.net%2Ft1411-topic&lang=ar&loc=https%3A%2F%2Fconnect.topicit.net%2F&login=https%3A%2F%2Fmayar.ahlamontada.net%2Ftopicit%2Findex.php%2Fconnect&version=1
IP 172.67.158.56:0
GET /button/light?id=topicit-connect-1&redirect=https%3A%2F%2Fmayar.ahlamontada.net%2Ft1411-topic&lang=ar&loc=https%3A%2F%2Fconnect.topicit.net%2F&login=https%3A%2F%2Fmayar.ahlamontada.net%2Ftopicit%2Findex.php%2Fconnect&version=1 HTTP/1.1
Host: connect.topicit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:47 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, post-check=0, pre-check=0, private
last-modified: Sun, 06 Nov 2022 09:53:47 GMT
expires: Sun, 06 Nov 2022 00:00:00 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6Imx3VVNnMUpYcWU3WXdzMDQ4S2NSQlE9PSIsInZhbHVlIjoiYjlwVVZXNUw2T0VWZjdQVEtsRWlud2dtdXR3c3pjSzVyZCtCZTBcL0U5eUVuaE4xNmM4TXNCZk9aNFlOZXNNekciLCJtYWMiOiIyODE3YWRmZTRmMTJmYzIyNzBmMWEwNTM0OWI5OTU0ZDNlZmE5ZjJkNzA1OTBjMDUzNjhiODE3MjdiMzRmZmM5In0%3D; expires=Sun, 06-Nov-2022 11:53:47 GMT; Max-Age=7200; path=/; domain=.topicit.net
topicit_session=NsyiiYwBT24Xrm9UwG84KXIciLaPy8fAASvsSFSd; expires=Sun, 06-Nov-2022 11:53:47 GMT; Max-Age=7200; path=/; domain=.topicit.net; httponly
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
x-cache-ne: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XDWQQGwZt410Ws95U3wtKQu27%2BfVeuowTpmRbuWimDp7xgFzv9oPPAUnxN4vPRZKE7ooN0ZHOPBC0DoGv%2FKStZ37tNvzn7HjSPvFqoxdV681NWy%2FI1h2Eg9dhdLLqbRtQ%2FuGiuWI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 765cf1af2b11b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fmayar.ahlamontada.net%2Ft1411-topic&encoded=1&uid=0b858e9a-576c-4161-ab29-b7f2cccb6e16-tucta6109ac&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1667728429403&tagid=&cntry=NO&platform=1&sesid=7bdff9f003e24e549ef2fa23bfe71b8a&itemid=/t1411-topic&viewid=1667728426203&geolat=&geoing=&deviceifa=&appid=&sd=v2_7bdff9f003e24e549ef2fa23bfe71b8a_0b858e9a-576c-4161-ab29-b7f2cccb6e16-tucta6109ac_1667728428_1667728428_CNawjgYQ3pxDGNuJ8eLEMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=66a58b832f05439a55c598ea7a8ad791&appname=&cdb=&gdprApplies=true&rid=&sii=-5289133603330980927&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=7891
151.101.85.44200 OK 0 B URL HTTP/2 15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fmayar.ahlamontada.net%2Ft1411-topic&encoded=1&uid=0b858e9a-576c-4161-ab29-b7f2cccb6e16-tucta6109ac&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1667728429403&tagid=&cntry=NO&platform=1&sesid=7bdff9f003e24e549ef2fa23bfe71b8a&itemid=/t1411-topic&viewid=1667728426203&geolat=&geoing=&deviceifa=&appid=&sd=v2_7bdff9f003e24e549ef2fa23bfe71b8a_0b858e9a-576c-4161-ab29-b7f2cccb6e16-tucta6109ac_1667728428_1667728428_CNawjgYQ3pxDGNuJ8eLEMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=66a58b832f05439a55c598ea7a8ad791&appname=&cdb=&gdprApplies=true&rid=&sii=-5289133603330980927&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=7891
IP 151.101.85.44:0
GET /tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fmayar.ahlamontada.net%2Ft1411-topic&encoded=1&uid=0b858e9a-576c-4161-ab29-b7f2cccb6e16-tucta6109ac&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1667728429403&tagid=&cntry=NO&platform=1&sesid=7bdff9f003e24e549ef2fa23bfe71b8a&itemid=/t1411-topic&viewid=1667728426203&geolat=&geoing=&deviceifa=&appid=&sd=v2_7bdff9f003e24e549ef2fa23bfe71b8a_0b858e9a-576c-4161-ab29-b7f2cccb6e16-tucta6109ac_1667728428_1667728428_CNawjgYQ3pxDGNuJ8eLEMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=66a58b832f05439a55c598ea7a8ad791&appname=&cdb=&gdprApplies=true&rid=&sii=-5289133603330980927&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=7891 HTTP/1.1
Host: 15.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://mayar.ahlamontada.net
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
machineid: 1403
link: <https://am-wf.taboola.com>; rel=preconnect
xvid-debug: mrmr - :
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://mayar.ahlamontada.net
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sun, 06 Nov 2022 09:53:51 GMT
via: 1.1 varnish
x-served-by: cache-bma1673-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667728432.649345,VS0,VE32
vary: Accept-Encoding
X-Firefox-Spdy: h2
imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7M2wCFgMcEKcYZ7Cz7wQcEKcYZ7Cz7wUAAAAGBuIHJOYxTTyjkXGtcdkmbtFwNVtLDKPFWjQceZzLxXA3Wc2MQHKb3Wi4XHnWKofF5hZNLBa3xLZYrhUWm3O1WxgnjtFkCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjekoOl0-Fz3erXD-bDcFUazw-23mx4mh13uMv1Fj9FisRb9DU-PHQAAAAAeAKzeMiF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAMSC40AD45CN5z9vsDAKBhCwQAQACDBGBgNaAE4ON85QQAAAAAAAAAgOX___8_BmAPa0wGYGR_pwfgwQfggahgr4gRAAAAwJaWiubRpE6oLKoAAAjSrQCuAAACCJm4tFrCAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0NvodVoQy-i12i8gAMDaLyAAAJu6AQC8BcAFHUErBoPVKcRuOFvsRrPNaHYAAAAAd_____96IDcx2WzOmWGwWVlGK9doubJZZg7LZmJz-RYT48J76Ux6K1iuMYl9HsIy-30HEcvzNf0NBxnf8nobREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNjfQAxWA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLAxLgarpwLt2o327hFi9lirbBYlmuJb2bZeDwW28oxW4teH9PDthgsFx4vCgZw7EVwkU5kfsvr7Tc9_Xa3wnIRSzQni3Qiu-x7E5PN5pwZBpuVZbRyjZYrm2XmsGwmNpdvMTEu_IWJcTVcORdu1W62cYsWs8VaYbEs1xLfzLLxeCy2lWO2Fr0-podtMVguPP7GbLbbTYajyXDfmM12u8lwNBnuO3SG7-pzNjqD44lHZ12JKzOLzWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_wmhj-furntZu9HcQGgyKWCE4X6UT0Mp4uYonkaZFOZLOFazgxbiYzw2q0WS5cq41rOVw5fAvjwuRbLiZiidJ0kU70osdosViL_oanx6L-I0Mu5srBXDSZK1ajVQIAAAAAAAAAWMKceRMAAACA00BGg81wtVwACGcv3Z95Pyh2n0XqXdvMHIFh8IHg4saPG8xveb39pqff7lZYrgzwQE3OvNkzQazValkDAAAIYAMAAARw6-YtAJuR2weK0gg_cqXY4ye44XIx!&cmcv=&pix=undefined&cb=1667728430803&uv=3239&tms=1667728430803&abt=amplean_vF!esv_vB!mprdctdt6_vA!smbs!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=fc4b34d8-ce6b-4856-b041-48dc9918725f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
151.101.85.44200 OK 0 B URL HTTP/2 imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7M2wCFgMcEKcYZ7Cz7wQcEKcYZ7Cz7wUAAAAGBuIHJOYxTTyjkXGtcdkmbtFwNVtLDKPFWjQceZzLxXA3Wc2MQHKb3Wi4XHnWKofF5hZNLBa3xLZYrhUWm3O1WxgnjtFkCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjekoOl0-Fz3erXD-bDcFUazw-23mx4mh13uMv1Fj9FisRb9DU-PHQAAAAAeAKzeMiF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAMSC40AD45CN5z9vsDAKBhCwQAQACDBGBgNaAE4ON85QQAAAAAAAAAgOX___8_BmAPa0wGYGR_pwfgwQfggahgr4gRAAAAwJaWiubRpE6oLKoAAAjSrQCuAAACCJm4tFrCAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0NvodVoQy-i12i8gAMDaLyAAAJu6AQC8BcAFHUErBoPVKcRuOFvsRrPNaHYAAAAAd_____96IDcx2WzOmWGwWVlGK9doubJZZg7LZmJz-RYT48J76Ux6K1iuMYl9HsIy-30HEcvzNf0NBxnf8nobREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNjfQAxWA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLAxLgarpwLt2o327hFi9lirbBYlmuJb2bZeDwW28oxW4teH9PDthgsFx4vCgZw7EVwkU5kfsvr7Tc9_Xa3wnIRSzQni3Qiu-x7E5PN5pwZBpuVZbRyjZYrm2XmsGwmNpdvMTEu_IWJcTVcORdu1W62cYsWs8VaYbEs1xLfzLLxeCy2lWO2Fr0-podtMVguPP7GbLbbTYajyXDfmM12u8lwNBnuO3SG7-pzNjqD44lHZ12JKzOLzWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_wmhj-furntZu9HcQGgyKWCE4X6UT0Mp4uYonkaZFOZLOFazgxbiYzw2q0WS5cq41rOVw5fAvjwuRbLiZiidJ0kU70osdosViL_oanx6L-I0Mu5srBXDSZK1ajVQIAAAAAAAAAWMKceRMAAACA00BGg81wtVwACGcv3Z95Pyh2n0XqXdvMHIFh8IHg4saPG8xveb39pqff7lZYrgzwQE3OvNkzQazValkDAAAIYAMAAARw6-YtAJuR2weK0gg_cqXY4ye44XIx!&cmcv=&pix=undefined&cb=1667728430803&uv=3239&tms=1667728430803&abt=amplean_vF!esv_vB!mprdctdt6_vA!smbs!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=fc4b34d8-ce6b-4856-b041-48dc9918725f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
IP 151.101.85.44:0
GET /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7M2wCFgMcEKcYZ7Cz7wQcEKcYZ7Cz7wUAAAAGBuIHJOYxTTyjkXGtcdkmbtFwNVtLDKPFWjQceZzLxXA3Wc2MQHKb3Wi4XHnWKofF5hZNLBa3xLZYrhUWm3O1WxgnjtFkCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjekoOl0-Fz3erXD-bDcFUazw-23mx4mh13uMv1Fj9FisRb9DU-PHQAAAAAeAKzeMiF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAMSC40AD45CN5z9vsDAKBhCwQAQACDBGBgNaAE4ON85QQAAAAAAAAAgOX___8_BmAPa0wGYGR_pwfgwQfggahgr4gRAAAAwJaWiubRpE6oLKoAAAjSrQCuAAACCJm4tFrCAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0NvodVoQy-i12i8gAMDaLyAAAJu6AQC8BcAFHUErBoPVKcRuOFvsRrPNaHYAAAAAd_____96IDcx2WzOmWGwWVlGK9doubJZZg7LZmJz-RYT48J76Ux6K1iuMYl9HsIy-30HEcvzNf0NBxnf8nobREXX22J3OM2e-1G0ZLlb7lajyWI0Wi43u-FmNNjfQAxWA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRUtWy-VytdmsVrvRYjbYLIebDVK0ajUbbQbD1Wwy2-1Ww8FwORohRUuWu-VuNZosRqPlcrMbbkaDIcLAxLgarpwLt2o327hFi9lirbBYlmuJb2bZeDwW28oxW4teH9PDthgsFx4vCgZw7EVwkU5kfsvr7Tc9_Xa3wnIRSzQni3Qiu-x7E5PN5pwZBpuVZbRyjZYrm2XmsGwmNpdvMTEu_IWJcTVcORdu1W62cYsWs8VaYbEs1xLfzLLxeCy2lWO2Fr0-podtMVguPP7GbLbbTYajyXDfmM12u8lwNBnuO3SG7-pzNjqD44lHZ12JKzOLzWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_wmhj-furntZu9HcQGgyKWCE4X6UT0Mp4uYonkaZFOZLOFazgxbiYzw2q0WS5cq41rOVw5fAvjwuRbLiZiidJ0kU70osdosViL_oanx6L-I0Mu5srBXDSZK1ajVQIAAAAAAAAAWMKceRMAAACA00BGg81wtVwACGcv3Z95Pyh2n0XqXdvMHIFh8IHg4saPG8xveb39pqff7lZYrgzwQE3OvNkzQazValkDAAAIYAMAAARw6-YtAJuR2weK0gg_cqXY4ye44XIx!&cmcv=&pix=undefined&cb=1667728430803&uv=3239&tms=1667728430803&abt=amplean_vF!esv_vB!mprdctdt6_vA!smbs!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=fc4b34d8-ce6b-4856-b041-48dc9918725f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1 HTTP/1.1
Host: imprammp.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Sun, 06 Nov 2022 09:53:52 GMT
via: 1.1 varnish
x-served-by: cache-bma1673-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667728433.733323,VS0,VE26
vary: Accept-Encoding
X-Firefox-Spdy: h2
mayar.ahlamontada.net/t1411-topic
94.23.73.212200 OK 0 B URL HTTP/2 mayar.ahlamontada.net/t1411-topic
IP 94.23.73.212:0
GET /t1411-topic HTTP/1.1
Host: mayar.ahlamontada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:46 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache
pragma: no-cache
expires: Sun, 06 Nov 2022 00:00:00 GMT
last-modified: Sun, 06 Nov 2022 09:53:46 GMT
vary: User-Agent
set-cookie: exadd=166774; expires=Sun, 06-Nov-2022 13:53:46 GMT; Max-Age=14400
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
illiweb.com/rs3/63/frm/jquery//ticker/ticker.js
104.21.63.213200 OK 0 B URL HTTP/2 illiweb.com/rs3/63/frm/jquery//ticker/ticker.js
IP 104.21.63.213:0
GET /rs3/63/frm/jquery//ticker/ticker.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:46 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=8803
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:38:35 GMT
last-modified: Tue, 27 Aug 2019 14:00:13 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 5102110
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQJbeTULFGOra3axzswKRxLSIu5ItScx7IwGjtyJ4321dHaizNNPvApb%2FJ5gJ9MuA9ttU4pZHIE39Nny9M2ssBMwG%2Ffkiwrq7DdjC5oYdW8AG5lrz8PPSrCIlPvW9w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765cf1aa49bab50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
illiweb.com/rs3/63/frm/jquery/marquee/jquery.marquee.min.js
104.21.63.213200 OK 0 B URL HTTP/2 illiweb.com/rs3/63/frm/jquery/marquee/jquery.marquee.min.js
IP 104.21.63.213:0
GET /rs3/63/frm/jquery/marquee/jquery.marquee.min.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:46 GMT
content-type: application/x-javascript
last-modified: Tue, 27 Aug 2019 14:00:14 GMT
expires: Fri, 08 Sep 2023 08:06:37 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
cf-cache-status: HIT
age: 5104029
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4iJqzFqJe1GvPMFNVg4MyVSzLreVUyjXG%2BtMb3%2FXHYxj6AuOYYy91rYTwKcQtuI0AyMmeZjnpqiwdiUIRlATyzmrr%2BGy8ZISBF2MBufo9%2BRzmgt2swbrjY02vY6eRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765cf1aa9a12b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
104.21.84.149200 OK 0 B IP 104.21.84.149:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:51 GMT
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 14:05:58 GMT
etag: W/"634eb2c6-32d9"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1858
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NILieLiPZ17e5YdXddUdZnZoTrTGmUEgK%2FTvqHNUIrFg2sKN1pPpNWmEFEKZQmYc6wozy8%2BQ7kfeqNjke0n8HmpNHzsOkGM5pMMFxV2DRXXbXS0RGMCTRTQ%2B%2BNqilQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765cf1c66e16b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=OGiRo180M0RITmhlJTJCZkMwOUJGQlhaMUN2czAwR0ZRZmRjYmd0T1YlMkIxQTMlMkJiY2hZTkczM1RsM0lVVVhjaWlSMjNnUnRq
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:50 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=mexr2F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czAwR0ZRZmRjYmd0T1YlMkIxQTMlMkJiY2hiNXkyMSUyQm9iSEpuJTJGaiUyRko2ZEhCcHBZ; expires=Fri, 01 Dec 2023 09:53:50 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 471527
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7i20CFgMcEKcYZ7Cz7wQcEKcYZ7Cz7wUAAAAGBuIHJDXcjZaj3cItMQ6Ga9Fy5XBLfJOVW7Bw2Va-ycg58ViMQBK-4WA0cXncCtfEtRYtPLu1wuJxrmUez2Y4Gg5WI99mChE3GQ6fg4Go6Hpb7A6n2fOGFDSdDp_rXq92OB-Wu8Jodrj9dtPD5LDLXaa_6DFaLNaiv-HpsQMAAADAA4DVWybEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAaAAcmFBsAnB8F7zn5_AAA0bIEAAAhgkAAMrAaUAHycr5wAAAAAAAAAALD8____xwDsYY3JAIzs7_QAPPgAPBAVkBYxAgAAANjSUtE8mtQJlUUVAABBuhXAFQBAACETl5ZLGAAAQMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE3obvU4LYhm9VvsFBABY-wUEAGBTNwCAtwC4oCNoxWCwOoXYDWeL3Wi2Gc0OAAAA4O7___9fD-QmJpvNOTMMNivLaOUaLVc2y8xh2UxsLt9iYlx4L51JbwXLNSaxL-Imw-FzMBAVXW-L3eE0e-5H0ZLlbrlbjSaL0Wi53OyGm9FgfwMxWA1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtWS2Xy9Vms1rtRovZYLMcbjZI0arVbLQZDFezyWy3Ww0Hw-VohBQtWe6Wu9VoshiNlsvNbrgZDYYIAxPjarhyLtyq3WzjFi1mi7XCYlmuJb6ZZePxWGwrx2wten1MD9tisFx4vCgYwLEXwUU6kfktr7ff9PTb3QrLRSzRnCzSieyy701MNptzZhhsVpbRyjVarmyWmcOymdhcvsXEuPAXJsbVcOVcuFW72cYtWswWa4XFslxLfDPLxuOx2FaO2Vr0-pgetsVgufD4G7PZbjcZjibDfWM22-0mw9FkuO_QGb6rz9noDI4nHp11Ja7MLDaHQeEyWLy_z0XajDZuRpU2bLGorsWda2LVaWMnY-dgNih8w2ti-Pupn9du9nYQGwyKWCI4XaQT0ct4uoglkqdFOpG4HM7BcDeauEbG1WQyGy1HC5tt4hi5PKPRyLiwiCVK00U60Yseo8ViLfobnh6L-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_5v2g2H0WqXdtM3MEhsEHgosbP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4fKEoj_MiVYo-f4IbLxQA!&excid=22&docw=0&cijs=1&nlb=true
141.226.228.48200 OK 0 B URL HTTP/2 am-match.taboola.com/sync?dast=V7i20CFgMcEKcYZ7Cz7wQcEKcYZ7Cz7wUAAAAGBuIHJDXcjZaj3cItMQ6Ga9Fy5XBLfJOVW7Bw2Va-ycg58ViMQBK-4WA0cXncCtfEtRYtPLu1wuJxrmUez2Y4Gg5WI99mChE3GQ6fg4Go6Hpb7A6n2fOGFDSdDp_rXq92OB-Wu8Jodrj9dtPD5LDLXaa_6DFaLNaiv-HpsQMAAADAA4DVWybEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAaAAcmFBsAnB8F7zn5_AAA0bIEAAAhgkAAMrAaUAHycr5wAAAAAAAAAALD8____xwDsYY3JAIzs7_QAPPgAPBAVkBYxAgAAANjSUtE8mtQJlUUVAABBuhXAFQBAACETl5ZLGAAAQMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE3obvU4LYhm9VvsFBABY-wUEAGBTNwCAtwC4oCNoxWCwOoXYDWeL3Wi2Gc0OAAAA4O7___9fD-QmJpvNOTMMNivLaOUaLVc2y8xh2UxsLt9iYlx4L51JbwXLNSaxL-Imw-FzMBAVXW-L3eE0e-5H0ZLlbrlbjSaL0Wi53OyGm9FgfwMxWA1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtWS2Xy9Vms1rtRovZYLMcbjZI0arVbLQZDFezyWy3Ww0Hw-VohBQtWe6Wu9VoshiNlsvNbrgZDYYIAxPjarhyLtyq3WzjFi1mi7XCYlmuJb6ZZePxWGwrx2wten1MD9tisFx4vCgYwLEXwUU6kfktr7ff9PTb3QrLRSzRnCzSieyy701MNptzZhhsVpbRyjVarmyWmcOymdhcvsXEuPAXJsbVcOVcuFW72cYtWswWa4XFslxLfDPLxuOx2FaO2Vr0-pgetsVgufD4G7PZbjcZjibDfWM22-0mw9FkuO_QGb6rz9noDI4nHp11Ja7MLDaHQeEyWLy_z0XajDZuRpU2bLGorsWda2LVaWMnY-dgNih8w2ti-Pupn9du9nYQGwyKWCI4XaQT0ct4uoglkqdFOpG4HM7BcDeauEbG1WQyGy1HC5tt4hi5PKPRyLiwiCVK00U60Yseo8ViLfobnh6L-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_5v2g2H0WqXdtM3MEhsEHgosbP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4fKEoj_MiVYo-f4IbLxQA!&excid=22&docw=0&cijs=1&nlb=true
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sync?dast=V7i20CFgMcEKcYZ7Cz7wQcEKcYZ7Cz7wUAAAAGBuIHJDXcjZaj3cItMQ6Ga9Fy5XBLfJOVW7Bw2Va-ycg58ViMQBK-4WA0cXncCtfEtRYtPLu1wuJxrmUez2Y4Gg5WI99mChE3GQ6fg4Go6Hpb7A6n2fOGFDSdDp_rXq92OB-Wu8Jodrj9dtPD5LDLXaa_6DFaLNaiv-HpsQMAAADAA4DVWybEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAaAAcmFBsAnB8F7zn5_AAA0bIEAAAhgkAAMrAaUAHycr5wAAAAAAAAAALD8____xwDsYY3JAIzs7_QAPPgAPBAVkBYxAgAAANjSUtE8mtQJlUUVAABBuhXAFQBAACETl5ZLGAAAQMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE3obvU4LYhm9VvsFBABY-wUEAGBTNwCAtwC4oCNoxWCwOoXYDWeL3Wi2Gc0OAAAA4O7___9fD-QmJpvNOTMMNivLaOUaLVc2y8xh2UxsLt9iYlx4L51JbwXLNSaxL-Imw-FzMBAVXW-L3eE0e-5H0ZLlbrlbjSaL0Wi53OyGm9FgfwMxWA1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtWS2Xy9Vms1rtRovZYLMcbjZI0arVbLQZDFezyWy3Ww0Hw-VohBQtWe6Wu9VoshiNlsvNbrgZDYYIAxPjarhyLtyq3WzjFi1mi7XCYlmuJb6ZZePxWGwrx2wten1MD9tisFx4vCgYwLEXwUU6kfktr7ff9PTb3QrLRSzRnCzSieyy701MNptzZhhsVpbRyjVarmyWmcOymdhcvsXEuPAXJsbVcOVcuFW72cYtWswWa4XFslxLfDPLxuOx2FaO2Vr0-pgetsVgufD4G7PZbjcZjibDfWM22-0mw9FkuO_QGb6rz9noDI4nHp11Ja7MLDaHQeEyWLy_z0XajDZuRpU2bLGorsWda2LVaWMnY-dgNih8w2ti-Pupn9du9nYQGwyKWCI4XaQT0ct4uoglkqdFOpG4HM7BcDeauEbG1WQyGy1HC5tt4hi5PKPRyLiwiCVK00U60Yseo8ViLfobnh6L-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_5v2g2H0WqXdtM3MEhsEHgosbP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4fKEoj_MiVYo-f4IbLxQA!&excid=22&docw=0&cijs=1&nlb=true HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 09:53:52 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3408
X-Firefox-Spdy: h2
illiweb.com/rs3/63/frm/embed/FA_Embed.js
104.21.63.213200 OK 0 B URL HTTP/2 illiweb.com/rs3/63/frm/embed/FA_Embed.js
IP 104.21.63.213:0
GET /rs3/63/frm/embed/FA_Embed.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:46 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:06:07 GMT
last-modified: Tue, 20 Apr 2021 14:17:00 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 5104058
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ahpdDuURg%2BKcQ98XvfoSjCUlVd0L9Bk867dU4gJd3AQqbCicxTql3kehRXbKnX1pv6cCbD0fJLnwlCpwFp7L694%2FEHd2qZz65cEOMATtRzXV6x1qUflPQzGXdo6VvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765cf1aa49bcb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
connect.topicit.net/button/light?id=topicit-connect-0&redirect=https%3A%2F%2Fmayar.ahlamontada.net%2Ft1411-topic&lang=ar&loc=https%3A%2F%2Fconnect.topicit.net%2F&login=https%3A%2F%2Fmayar.ahlamontada.net%2Ftopicit%2Findex.php%2Fconnect&version=1
172.67.158.56200 OK 0 B URL HTTP/2 connect.topicit.net/button/light?id=topicit-connect-0&redirect=https%3A%2F%2Fmayar.ahlamontada.net%2Ft1411-topic&lang=ar&loc=https%3A%2F%2Fconnect.topicit.net%2F&login=https%3A%2F%2Fmayar.ahlamontada.net%2Ftopicit%2Findex.php%2Fconnect&version=1
IP 172.67.158.56:0
GET /button/light?id=topicit-connect-0&redirect=https%3A%2F%2Fmayar.ahlamontada.net%2Ft1411-topic&lang=ar&loc=https%3A%2F%2Fconnect.topicit.net%2F&login=https%3A%2F%2Fmayar.ahlamontada.net%2Ftopicit%2Findex.php%2Fconnect&version=1 HTTP/1.1
Host: connect.topicit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:47 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, post-check=0, pre-check=0, private
last-modified: Sun, 06 Nov 2022 09:53:47 GMT
expires: Sun, 06 Nov 2022 00:00:00 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6ImdMWDltVjhJK1lkYnk3SFJpWUpkT0E9PSIsInZhbHVlIjoiWEVISXZydzQ2V0x4N3Rwb3JcL01ESFZaT3BBbFhaYUlWb1NxUEtvZm5oZVwveHVscUFlVTVpNUZDS1MyOTVDXC8zXC8iLCJtYWMiOiJlN2UyZDA2MmUzMDBjY2Y1YzhmNmUwODc2YjE4MzMyYzM0ZmFjYTVkYzU2MjhhMTBjZmM1Yzc3Y2FiMzQyMWY2In0%3D; expires=Sun, 06-Nov-2022 11:53:47 GMT; Max-Age=7200; path=/; domain=.topicit.net
topicit_session=BDKumVZos3Aiuta3w1bcyM2CUMb1wSzLexzMlXsl; expires=Sun, 06-Nov-2022 11:53:47 GMT; Max-Age=7200; path=/; domain=.topicit.net; httponly
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
x-cache-ne: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LsCnhHuBCU6wb5t7wewIQmzJK1vEXNNTDOQV8SihwagZO9ex9iRKzMTCGq4v2tNzrCVJtEoqD%2FOXmuiuXs1kS5QRAWU8ERjix%2B5Or4VuHLM2V%2FDLj3KchFmcmLj9h4%2F4W8K%2B4g77"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 765cf1af2b0eb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mayar.ahlamontada.net/serviceworker.js
94.23.73.212200 OK 0 B URL HTTP/2 mayar.ahlamontada.net/serviceworker.js
IP 94.23.73.212:0
GET /serviceworker.js HTTP/1.1
Host: mayar.ahlamontada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: exadd=166774; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:47 GMT
content-type: application/javascript
last-modified: Thu, 25 Feb 2021 14:30:57 GMT
etag: W/"6037b4a1-b0d"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
connect.topicit.net/scripts/connect.js
172.67.158.56200 OK 0 B URL HTTP/2 connect.topicit.net/scripts/connect.js
IP 172.67.158.56:0
GET /scripts/connect.js HTTP/1.1
Host: connect.topicit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:47 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5437
access-control-allow-origin: *
etag: W/"5d653880-153d"
last-modified: Tue, 27 Aug 2019 14:04:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-cache-status: HIT
age: 3820
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k4ibyAuUT5Ko%2FmL%2FfU5ppSkv0%2FIiqWe%2F%2BsWqlp1gATlnof0P39JdOgswWlQRJRJVbvcNeYGNi8NVFgmfph0POiLgX79FSlXl4l8LqfAMIRNQ4DBDh0i25%2FNo8VXvdK0J0RLn8RtM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765cf1aefae7b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
twemoji.maxcdn.com/twemoji.min.js
23.111.9.57200 OK 0 B URL HTTP/2 twemoji.maxcdn.com/twemoji.min.js
IP 23.111.9.57:0
GET /twemoji.min.js HTTP/1.1
Host: twemoji.maxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 09:53:46 GMT
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Thu, 31 Mar 2022 03:24:15 GMT
access-control-allow-origin: *
etag: W/"62451edf-3bc8"
expires: Tue, 06 Dec 2022 09:53:46 GMT
cache-control: max-age=2592000
x-proxy-cache: MISS
x-github-request-id: E042:8430:27CD466:2922CEC:63616F0B
vary: Accept-Encoding
x-fastly-request-id: b5d54b17e716d87112ad9a589df488796482241e
server: NetDNA-cache/2.2
powered-by: MaxCDN
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.js
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.js
IP 178.250.2.130:0
GET /js/ld/publishertag.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mayar.ahlamontada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 09:53:46 GMT
content-type: text/javascript
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-1e444"
expires: Mon, 07 Nov 2022 09:53:46 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2