h1a1.ahlamontada.com/
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: h1a1.ahlamontada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 06 Dec 2022 13:11:33 GMT
Content-Length: 0
Location: https://h1a1.ahlamontada.com/
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2277
Expires: Tue, 06 Dec 2022 13:49:30 GMT
Date: Tue, 06 Dec 2022 13:11:33 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2374
Cache-Control: max-age=165559
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:11:33 GMT
Etag: "638f19f6-1d7"
Expires: Thu, 08 Dec 2022 11:10:52 GMT
Last-Modified: Tue, 06 Dec 2022 10:31:18 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 12:18:38 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3175
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2346
Expires: Tue, 06 Dec 2022 13:50:39 GMT
Date: Tue, 06 Dec 2022 13:11:33 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: yHzGrjaa8VjZR9O/BrODlsDiHo6Lw+tQPEg0shYNGTyGjg2ythjI/BxwG7kSL3k6bmzDLIVcqj8=
x-amz-request-id: 5ZHKRE6VXJ56YWM9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 12:47:06 GMT
age: 1467
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c7ee053214e7804e8490620c00272093
e13edafc5397d32ef72cd8604a711cece2b45e95
6b0a5151bd15fd2b0d0b53fef1ab6d0a85719e851bc1c7dfab17ccbec8b9450c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6B0A5151BD15FD2B0D0B53FEF1AB6D0A85719E851BC1C7DFAB17CCBEC8B9450C"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4659
Expires: Tue, 06 Dec 2022 14:29:12 GMT
Date: Tue, 06 Dec 2022 13:11:33 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 13:11:33 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash 8c18dc7f4881af5df5a7c8245de07fa2
f818fddf09ae8105408712f5338aa001eed34bfb
c05325c67406a70393856b839fb2d12b52d41e34a68e94289ef55e3eae38d11e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4477
Cache-Control: max-age=150002
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:11:34 GMT
Etag: "638ed4fb-118"
Expires: Thu, 08 Dec 2022 06:51:36 GMT
Last-Modified: Tue, 06 Dec 2022 05:36:59 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
200 OK 280 B IP
Hash 8c18dc7f4881af5df5a7c8245de07fa2
f818fddf09ae8105408712f5338aa001eed34bfb
c05325c67406a70393856b839fb2d12b52d41e34a68e94289ef55e3eae38d11e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4477
Cache-Control: max-age=150002
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:11:34 GMT
Etag: "638ed4fb-118"
Expires: Thu, 08 Dec 2022 06:51:36 GMT
Last-Modified: Tue, 06 Dec 2022 05:36:59 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
200 OK 280 B IP
Hash 8c18dc7f4881af5df5a7c8245de07fa2
f818fddf09ae8105408712f5338aa001eed34bfb
c05325c67406a70393856b839fb2d12b52d41e34a68e94289ef55e3eae38d11e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4477
Cache-Control: max-age=150002
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:11:34 GMT
Etag: "638ed4fb-118"
Expires: Thu, 08 Dec 2022 06:51:36 GMT
Last-Modified: Tue, 06 Dec 2022 05:36:59 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:11:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:11:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
illiweb.com/rs3/66/frm/lang/ar.js
200 OK 19 kB URL HTTP/2 illiweb.com/rs3/66/frm/lang/ar.js
IP
File type Unicode text, UTF-8 text, with very long lines (64093), with no line terminators
Hash 9e654787acd36a0df989b589b39c2d17
8ad907284da6da97e912f1cc313c811bc57a0a53
fa842656f4908a6aac76036d945739f6df1a7823ef64776082a7e18d7270d4c9
GET /rs3/66/frm/lang/ar.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:11:34 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=74879
access-control-allow-origin: *
expires: Thu, 23 Nov 2023 09:36:20 GMT
last-modified: Thu, 08 Sep 2022 07:38:48 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1136114
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bv%2FTISThFU%2Bu1ESB%2B2SdT%2B3gmP3CLsx8FengZwXU1KTNlXjOYsyLOaJIIStRc1tfa7xoGlTDq7N7AfSeqvjZiYmobwzRZLTc0lCMTt1Mxqk26%2Fbi2pzWMWBi6uSLuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775544a65e88fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:11:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 727 B IP
Hash 7fe94c585902a252abe3447abd2bbf07
87606743d43758e019576fcafcae475c3e6f000c
6de37d29b18ddba414c2977cc6df421319e2d03db3deeb400895efcd533a2d2f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4837
Cache-Control: max-age=106084
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:11:34 GMT
Etag: "638e2805-2d7"
Expires: Wed, 07 Dec 2022 18:39:38 GMT
Last-Modified: Mon, 05 Dec 2022 17:19:01 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.com/
200 OK 280 B IP
Hash 8c18dc7f4881af5df5a7c8245de07fa2
f818fddf09ae8105408712f5338aa001eed34bfb
c05325c67406a70393856b839fb2d12b52d41e34a68e94289ef55e3eae38d11e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4477
Cache-Control: max-age=150002
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:11:34 GMT
Etag: "638ed4fb-118"
Expires: Thu, 08 Dec 2022 06:51:36 GMT
Last-Modified: Tue, 06 Dec 2022 05:36:59 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280
ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
IP
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d989f35706c62ce4a5c561586c55566e
d32e7958e5765609bf08dcdefd0b2c2a8714ce34
375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33845
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 18:40:06 GMT
expires: Wed, 29 Nov 2023 18:40:06 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 585088
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-144347007-1
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-144347007-1
IP
File type ASCII text, with very long lines (1921)
Hash 166ee8b5588f5ab8ce2216f5e59aa965
17e800a4736bcba47a043637403bc12d35fc2c88
7aa24e606f7c35fcaa621b2d97ff31db633f23a4ba181a36492f6a247af83a07
GET /gtag/js?id=UA-144347007-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 13:11:34 GMT
expires: Tue, 06 Dec 2022 13:11:34 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43630
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2img.net/i/empty.gif
200 OK 43 B IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /i/empty.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:11:34 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 09 May 2016 08:45:50 GMT
etag: "57304e3e-2b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 114549
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzs4CIybDr1FECKAgj2I%2B4rXmHopBynZGnjzGpx5BmVAXlbYyE979VyzA9eabc4WIP5fw6u2gdr4C3q%2BdGnsAiUBP%2BPkUHxT2pJtfi0p0Tb%2FagskyazwWiVlZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775544a6bcca24ba-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 86fb84826af1ae9dfbde23f31b07ddc8
fd56a770af63e6c0073941f4005a59a0f1ed9988
19ee1b7c557d41cdea66a3c0ed1cc9f701a9bf0e2e00ad2cbf60493bee4a3044
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2179
Cache-Control: max-age=119283
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:11:34 GMT
Etag: "638e65f6-139"
Expires: Wed, 07 Dec 2022 22:19:37 GMT
Last-Modified: Mon, 05 Dec 2022 21:43:18 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:11:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:11:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 280 B IP
Hash a99c4a3f6b75299e8c834d890c71a757
a4d1b6b64193a551da6ead40512d63065e42ccef
b5a0d9e6a2f92456cf30082255fc8ade9f7c5128364e75d2b8fbedbb3589a8b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3912
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:11:34 GMT
Last-Modified: Tue, 06 Dec 2022 12:06:22 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280
h1a1.ahlamontada.com/0-rtl.css
200 OK 60 kB URL HTTP/2 h1a1.ahlamontada.com/0-rtl.css
IP
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash a8e2c2065a1a445ebe277010b5b91d24
56c856666ccaae3a8ef15223d27e9cf14a927916
c96746b0514d0b8594c3c5f4102ad6b53dac47c6a24b3ea43e60dede1c094d3a
GET /0-rtl.css HTTP/1.1
Host: h1a1.ahlamontada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Cookie: exadd=167034
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:11:34 GMT
content-type: text/css
content-length: 60096
last-modified: Tue, 06 Dec 2022 00:00:00 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-ma: MISS
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 13:11:20 GMT
cache-control: public,max-age=3600
age: 14
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
2img.net/r/ihimizer/img219/3162/30247488xs9.jpg
301 Moved Permanently 178 B URL HTTP/2 2img.net/r/ihimizer/img219/3162/30247488xs9.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /r/ihimizer/img219/3162/30247488xs9.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Tue, 06 Dec 2022 13:11:34 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=037tD6Wa1l6tU7mIvzp%2B0faz4EFDgBNRJFTvEdKV5LyZaHhEu9HSXCoZ7%2FtlI7Bmd9n4FroVHfuQ3S%2BbKGQiSvWwTP4FpO4O6GNa%2Bjm23ky%2F7%2BKTlsxNm4jcFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775544a6bccb24ba-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/r/ihimizer/img300/1628/98663365sx9.jpg
301 Moved Permanently 178 B URL HTTP/2 2img.net/r/ihimizer/img300/1628/98663365sx9.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /r/ihimizer/img300/1628/98663365sx9.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Tue, 06 Dec 2022 13:11:34 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLWHkSgzknPXTAzz0necmYE3jucFgbL8fCXALdsnJf6TzTy31GNBA2v2q7Wi6o0cgeHWOrgxPgQzzouAKchHskcKz%2FHw3FgqAIrHJRMO9Nax17QZbkS9aE1Mmw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775544a6bcce24ba-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/r/ihimizer/img219/4097/17493144le5.jpg
301 Moved Permanently 178 B URL HTTP/2 2img.net/r/ihimizer/img219/4097/17493144le5.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /r/ihimizer/img219/4097/17493144le5.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Tue, 06 Dec 2022 13:11:34 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iPXPAyMgQjbtMgXJo6CvBo8W4hMIw9h%2FHpxMx6AMHGvA7zLBMprlYAQtsU%2FMmrS3zq7zeeBth9atT8gXMUhm2XpURlxJhNZu0wtKkfBBEMfPlrj9ALHTwfwCUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775544a6bcc924ba-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 0f7dcaa590e32cfd1c075255188d5f06
d4bb4954fefdb3b59560b54adf500e806e252e39
195795c2511b31519134f5eb4442d8708918ecaff72f8e821a5473ad7c97c448
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2356
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:11:34 GMT
Last-Modified: Tue, 06 Dec 2022 12:32:18 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 312 B IP
Hash 995fe19a8a49976e8e9d5a982de0d3d6
fcbf5b3a56fa563d99517e318961a0ebf02a4081
d32603d46aed45c2cf3cddcc6ef6d77716520ba2a7a1c7afe296da580f538bc0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2271
Cache-Control: max-age=167589
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:11:34 GMT
Etag: "638f224c-138"
Expires: Thu, 08 Dec 2022 11:44:43 GMT
Last-Modified: Tue, 06 Dec 2022 11:06:52 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
200 OK 279 B IP
Hash 898dd121a47feae0aafc9d0369f098a2
d87814b995072e9d1145d673e5fc5be6fed7b08c
61407ff5d34962a7d1759159d42ba3b188e7669b34854a2b89b2d73d7e7189cc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3017
Cache-Control: max-age=137022
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:11:34 GMT
Etag: "638ea7fb-117"
Expires: Thu, 08 Dec 2022 03:15:16 GMT
Last-Modified: Tue, 06 Dec 2022 02:24:59 GMT
Server: ECS (amb/6B81)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d3e8f4315487d14d256974b0de698bd6
b95e16294a0ce9bceab933b34b21d8878a1449bf
6953f31da4312fdb9b7b30b7add9e86d1b9f331c48b187f915e9cde8b1668859
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6953F31DA4312FDB9B7B30B7ADD9E86D1B9F331C48B187F915E9CDE8B1668859"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1050
Expires: Tue, 06 Dec 2022 13:29:04 GMT
Date: Tue, 06 Dec 2022 13:11:34 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 279 B IP
Hash 898dd121a47feae0aafc9d0369f098a2
d87814b995072e9d1145d673e5fc5be6fed7b08c
61407ff5d34962a7d1759159d42ba3b188e7669b34854a2b89b2d73d7e7189cc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3017
Cache-Control: max-age=137022
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:11:34 GMT
Etag: "638ea7fb-117"
Expires: Thu, 08 Dec 2022 03:15:16 GMT
Last-Modified: Tue, 06 Dec 2022 02:24:59 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=h1a1.ahlamontada.com&var=&ymid=&var_3=
200 OK 758 B URL HTTP/2 stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=h1a1.ahlamontada.com&var=&ymid=&var_3=
IP
File type JSON data\012- , ASCII text, with very long lines (757)
Hash 45ff87b8204a6556eff82bb7a578dec2
79ae8badec4cfd82fa4659403132713ae47dc5d2
eb110f9a42dbc6f902e9668b3cabd92690e3f97c7c6ce85a6b0930147881a8e5
GET /zone?pub=0&zone_id=2308013&is_mobile=false&domain=h1a1.ahlamontada.com&var=&ymid=&var_3= HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://h1a1.ahlamontada.com/
Origin: https://h1a1.ahlamontada.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 13:11:34 GMT
content-type: application/json; charset=utf-8
content-length: 758
x-trace-id: 575e766143288b27d142a7d3c89d0b38
access-control-allow-origin: https://h1a1.ahlamontada.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 312 B IP
Hash df6a1aaea058311c1166e483d7152460
dfe0a3b792ad95be7daf19f44f2edfe03e42bebe
8da4ee56739b4ef3d5e325c637a2255401195583ad8d85363b07e7b346b829ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2077
Cache-Control: max-age=104780
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:11:34 GMT
Etag: "638e2db5-138"
Expires: Wed, 07 Dec 2022 18:17:54 GMT
Last-Modified: Mon, 05 Dec 2022 17:43:17 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 312
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lH7LnBvtIPnlQdEwp+juJA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KX5++Yh1KabnlLq6LSAYGV+ugsA=
ocsp.digicert.com/
200 OK 312 B IP
Hash 70e61a14d2296fcfede8714707eeb39d
72ca3d68eae189744173d8ed10f7a18290244c8b
af6a64d2a10dc95f377f8e8f443e496bad5f2444206192ca5e942eb58aa41838
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2261
Cache-Control: max-age=163624
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:11:34 GMT
Etag: "638f12d9-138"
Expires: Thu, 08 Dec 2022 10:38:38 GMT
Last-Modified: Tue, 06 Dec 2022 10:00:57 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
200 OK 312 B IP
Hash 70e61a14d2296fcfede8714707eeb39d
72ca3d68eae189744173d8ed10f7a18290244c8b
af6a64d2a10dc95f377f8e8f443e496bad5f2444206192ca5e942eb58aa41838
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2288
Cache-Control: max-age=163651
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:11:34 GMT
Etag: "638f12d9-138"
Expires: Thu, 08 Dec 2022 10:39:05 GMT
Last-Modified: Tue, 06 Dec 2022 10:00:57 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 312
dnacdn.net/dna
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:11:34 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=zae6Ml80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3pNVkU4RXptdXZpczViMlVKYVZCV29Vc2dnN2VNbTAxeGRvT1dncyUyRlBtbw; expires=Sun, 31 Dec 2023 13:11:34 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 330062
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c76c2f60892596440d18b9ac02ea4e0d
36ed98837105269647524ad67f727ed476c4c6a2
2bbf9a00990733a43871e7786ce7d13ecd29df5266b6f540dfeafbe7d489bede
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2BBF9A00990733A43871E7786CE7D13ECD29DF5266B6F540DFEAFBE7D489BEDE"
Last-Modified: Tue, 06 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2952
Expires: Tue, 06 Dec 2022 14:00:47 GMT
Date: Tue, 06 Dec 2022 13:11:35 GMT
Connection: keep-alive
dnacdn.net/dna
200 OK 129 B IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 586f2cb52785901fd34646117378bffc
4cdb340cbee530630ba16e88c86cbfd7eabb5e8e
53ec071184949ac3bc8c3648a963df4a66fbf63fb3e53e9d71bfb071b9697f5b
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=zae6Ml80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3pNVkU4RXptdXZpczViMlVKYVZCV29Vc2dnN2VNbTAxeGRvT1dncyUyRlBtbw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:11:34 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=dVKZNF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3pNVkU4RXptdXZpczViMlVKYVZCV3JMaG5tbDE1ZW03ZG8lMkZGeXZNWmYwVA; expires=Sun, 31 Dec 2023 13:11:35 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 195826
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
stootsou.net/custom
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://h1a1.ahlamontada.com/
Origin: https://h1a1.ahlamontada.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 13:11:35 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://h1a1.ahlamontada.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
stootsou.net/custom
200 OK 39 B IP
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://h1a1.ahlamontada.com/
Content-Type: application/json
Origin: https://h1a1.ahlamontada.com
Content-Length: 377
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 13:11:35 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: d1afafd6162de5dd68fd14d25254bcef
access-control-allow-origin: https://h1a1.ahlamontada.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
stootsou.net/custom
200 OK 39 B IP
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://h1a1.ahlamontada.com/
Content-Type: application/json
Origin: https://h1a1.ahlamontada.com
Content-Length: 456
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 13:11:35 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 07838c9af79b1a5939e2e4353b35802c
access-control-allow-origin: https://h1a1.ahlamontada.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b22490b02628e79842aa551994331a2e
238870b8a3e6ef3b6a761154e3abee386643597c
ef2e0268a5ed0ca7d64dfc1baa3d56d55f4062e4d84972bc9423fe56df585673
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF2E0268A5ED0CA7D64DFC1BAA3D56D55F4062E4D84972BC9423FE56DF585673"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6676
Expires: Tue, 06 Dec 2022 15:02:51 GMT
Date: Tue, 06 Dec 2022 13:11:35 GMT
Connection: keep-alive
gum.criteo.com/sid/json?origin=publishertag&domain=ahlamontada.com&sn=FirefoxSyncframe&so=0&topUrl=h1a1.ahlamontada.com&info=dVKZNF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3pNVkU4RXptdXZpczViMlVKYVZCV3JMaG5tbDE1ZW03ZG8lMkZGeXZNWmYwVA&idsd=-1328676304,-103910117&cw=1&lsw=1
200 OK 383 B URL HTTP/2 gum.criteo.com/sid/json?origin=publishertag&domain=ahlamontada.com&sn=FirefoxSyncframe&so=0&topUrl=h1a1.ahlamontada.com&info=dVKZNF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3pNVkU4RXptdXZpczViMlVKYVZCV3JMaG5tbDE1ZW03ZG8lMkZGeXZNWmYwVA&idsd=-1328676304,-103910117&cw=1&lsw=1
IP
Hash a64b31b0330974de60f7f9d8ef0e8895
93d36cf6e8572dcdeb49db7062b6298acd5b98e5
00934520c6a3deea3b9f798b8386db52dcbcb818b357c3734e63f2450c2345ec
GET /sid/json?origin=publishertag&domain=ahlamontada.com&sn=FirefoxSyncframe&so=0&topUrl=h1a1.ahlamontada.com&info=dVKZNF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3pNVkU4RXptdXZpczViMlVKYVZCV3JMaG5tbDE1ZW03ZG8lMkZGeXZNWmYwVA&idsd=-1328676304,-103910117&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=h1a1.ahlamontada.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:11:34 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1060045
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash f93fe0c44e63867b7f8553c1ca73460e
e664d98cd9803e5f179af596d8a2f50d79fc92b0
dbb9ed743e3bf5d61dd66e676c81d5e2a43c8287d61ef34d90b6c7790ca6106e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:11:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 01:33:16 GMT
Expires: Tue, 13 Dec 2022 01:33:15 GMT
Etag: "e664d98cd9803e5f179af596d8a2f50d79fc92b0"
Cache-Control: max-age=562299,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775544ae68540b06-OSL
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 891
Origin: https://h1a1.ahlamontada.com
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Tue, 06 Dec 2022 13:11:35 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://h1a1.ahlamontada.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
cdn.viglink.com/api/vglnk.js
200 OK 29 kB URL HTTP/2 cdn.viglink.com/api/vglnk.js
IP
File type ASCII text, with very long lines (693)
Hash 072eaf64a771815874455704fca9301b
6c6226d00f14bb800cd4390b3cd42df941be43b1
bb35c8c300bd1acfe7ed86eb988f74ff2e8d86a4fb0409c5d78a890f9fd14b8e
GET /api/vglnk.js HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 28567
last-modified: Wed, 02 Dec 2020 18:57:12 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Wed, 30 Nov 2022 16:53:51 GMT
cache-control: public, max-age=604800
etag: "072eaf64a771815874455704fca9301b"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TcR94AtvuxZAio3K9bpqbbz269Yp8eFzvg8PyPQCqURpTjNI0YZWSA==
age: 505064
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 06 Dec 2022 12:46:55 GMT
expires: Tue, 06 Dec 2022 14:46:55 GMT
cache-control: public, max-age=7200
age: 1480
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/forumotion-ar/loader.js
200 OK 25 kB URL HTTP/2 cdn.taboola.com/libtrc/forumotion-ar/loader.js
IP
File type Unicode text, UTF-8 text, with very long lines (65497)
Hash 4bc5dd4cdef34cb206b6ea76e9b5ee9e
e68617c6a10e3c4bbfa05642608cb6517df7db1e
5ed8624e2c2f1ad343ce224c2d82a43f29fc43b6143f5c03d3dc0fbb8c2f93c1
GET /libtrc/forumotion-ar/loader.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: f2zIntPKHX93vvJXqG8L3+NLcXf7ww78xg+Tj9y8ZLE1VlxFNBfrO5xEdXBSH7fs2fBSfC8Vzr0=
x-amz-request-id: PP71G6FJHWSYMBRM
last-modified: Tue, 06 Dec 2022 11:10:28 GMT
etag: "8c9dc3e7d702fbfcd28f9103b84d0ace"
x-amz-version-id: 3qNIv4ahdEm5Zuy8O.8qx45eadxVoi4H
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:35 GMT
via: 1.1 varnish
age: 7261
x-served-by: cache-bma1634-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1670332296.697427,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 84
content-length: 25355
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/impl.20221205-11-RELEASE.js
200 OK 147 kB URL HTTP/2 cdn.taboola.com/libtrc/impl.20221205-11-RELEASE.js
IP
File type ASCII text, with very long lines (65508)
Size 147 kB (146756 bytes)
Hash 43893876a4ea52c67090673399319ec4
df3173f84797a1aab214e8f8843e02a5c0dad6bb
e275f113a5921c1effb4727c7586978f9227ce66c978095326e19e9e26d245de
GET /libtrc/impl.20221205-11-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: DYxECbJNfHVNpTXb5rpMCl5HHVeRFiehGM1tEquNaZrk2fmXvGsNItpGVF6FuQN4qvadWVSEZ98=
x-amz-request-id: XCNF4CHYJC1N67G3
last-modified: Mon, 05 Dec 2022 10:10:47 GMT
etag: "43893876a4ea52c67090673399319ec4"
content-encoding: br
x-amz-version-id: o159E2PRPcuqaHGBdHTKchkNp5vyzKlK
content-type: application/javascript
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:35 GMT
via: 1.1 varnish
age: 10848
x-served-by: cache-bma1634-BMA
x-cache: HIT
x-cache-hits: 3826
x-timer: S1670332296.770489,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 15
server: AmazonS3-br
content-length: 146756
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d9339bfb0393ef6575db48a0481f2556
351fa573fc3ea6626f3258061743cad65e0c4fce
5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:11:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=65266756.1670332296&jid=1391414746&gjid=327942184&_gid=181888172.1670332296&_u=YEBAAUAAAAAAACAAI~&z=177300059
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=65266756.1670332296&jid=1391414746&gjid=327942184&_gid=181888172.1670332296&_u=YEBAAUAAAAAAACAAI~&z=177300059
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=65266756.1670332296&jid=1391414746&gjid=327942184&_gid=181888172.1670332296&_u=YEBAAUAAAAAAACAAI~&z=177300059 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://h1a1.ahlamontada.com
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://h1a1.ahlamontada.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 06 Dec 2022 13:11:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 0aa38417684d742d436d5fae9c184d95
ff04942219b7521bafebef20b74e1fce856a356e
24cd66488572f188801ad38e247ee7d80c2b5da0bc98e36d013db6c055bee8ce
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=154532
Date: Tue, 06 Dec 2022 13:11:35 GMT
Etag: "638ef54b-1d7"
Expires: Thu, 08 Dec 2022 08:07:07 GMT
Last-Modified: Tue, 06 Dec 2022 07:54:51 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VnOABxonWM00y9q4YsMQ5shwHjU2nV-RCPDvfsHuQMRS9mgnSXVmPA==
Age: 737
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d9339bfb0393ef6575db48a0481f2556
351fa573fc3ea6626f3258061743cad65e0c4fce
5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:11:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.viglink.com/api/ping
200 OK 260 B IP
File type ASCII text, with no line terminators
Hash 58ca46098f61915a764637aaee2096a8
14eb4ebc0d73200d271eeb543014ae8f037ed888
27a37d68e1478e042b6d18983bdfdc4c40893f33d003aef53a721dbac8c0e948
POST /api/ping HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 129
Origin: https://h1a1.ahlamontada.com
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://h1a1.ahlamontada.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Tue, 06 Dec 2022 13:11:35 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 260
Connection: keep-alive
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: https://h1a1.ahlamontada.com/
Origin: https://h1a1.ahlamontada.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:11:35 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: https://h1a1.ahlamontada.com
server-processing-duration-in-ticks: 359315
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5006b8e985c5838b7fd2f2b558a65bc4
183ff15e0faedf346305fd6fe1c70c9c7a1eef4a
fcbfec9f5fd0e10d44778c1df64d8612281cd39881cdfd0aa8ca30d13655655a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:11:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
illiweb.com/rs3/66/frm/colcade/colcade.js
200 OK 2.3 kB URL HTTP/2 illiweb.com/rs3/66/frm/colcade/colcade.js
IP
File type ASCII text, with very long lines (5633), with no line terminators
Hash ba3f25435dce1bc6c6d8da8296181fcb
ed33d9dd49b0f3b6355b976f3cc496412bd948bb
be17441ebe7b12c820c69013a96db50475ad9015ef87b630221485c6a471a20f
GET /rs3/66/frm/colcade/colcade.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:11:34 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Thu, 23 Nov 2023 09:26:50 GMT
last-modified: Tue, 13 Sep 2022 13:39:25 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1136684
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Va6XS%2FjW8ZdAY0aTVBiOYBY6AfKLfAOFhjyKAxEfbnEO%2BJYdIr85gnham2XpZjyCro0YvaYHYdXc95p96MIeAOLIDZLYLqD0PuVXiUJMC5Z8uvQoFVoz2u15Tmcv5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775544a66e93fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=65266756.1670332296&jid=1391414746&_u=YEBAAUAAAAAAACAAI~&z=2072311860
200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=65266756.1670332296&jid=1391414746&_u=YEBAAUAAAAAAACAAI~&z=2072311860
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=65266756.1670332296&jid=1391414746&_u=YEBAAUAAAAAAACAAI~&z=2072311860 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 13:11:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.js
200 OK 40 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.js
IP
Hash 339dc161462639d817df2f5dfa10b06d
af22c7d203d32d093b21f16b552d965f47f4d6c0
7b4a17b426ca8c571e1549b951cdb9ebdda212030e7d885c0dceec17c90513f8
GET /js/ld/publishertag.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 13:11:34 GMT
content-type: text/javascript
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-1e444"
expires: Wed, 07 Dec 2022 13:11:34 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=65266756.1670332296&jid=1391414746&_u=YEBAAUAAAAAAACAAI~&z=2072311860
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=65266756.1670332296&jid=1391414746&_u=YEBAAUAAAAAAACAAI~&z=2072311860
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=65266756.1670332296&jid=1391414746&_u=YEBAAUAAAAAAACAAI~&z=2072311860 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 13:11:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.viglink.com/api/domains
200 OK 41 B URL HTTP/1.1 api.viglink.com/api/domains
IP
File type ASCII text, with no line terminators
Hash f8ae578bad1bbeea1e1c5e1c3a7b2f02
7d4da545ed86e03a40a29ed7ddd442dd60f76afd
1d4e4bb09f817f96fa0163ca5c628970046109f84a3b3243c1c117abc7c53a9d
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 235
Origin: https://h1a1.ahlamontada.com
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://h1a1.ahlamontada.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Tue, 06 Dec 2022 13:11:36 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 41
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6640
Expires: Tue, 06 Dec 2022 15:02:16 GMT
Date: Tue, 06 Dec 2022 13:11:36 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ee6bfe50f8e4b9c142f971a55496ac26
8c3fd42aaa7fa3ebdedc4f7b0271b8caae166e64
4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:11:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
h1a1.ahlamontada.com/?utm_source=pwa
200 OK 13 kB URL HTTP/2 h1a1.ahlamontada.com/?utm_source=pwa
IP
Hash 95cc448d0375d204f3e480f4f954f9a7
ca5b3cecea57173cbec40f2d6f906c186a26e165
4da358706a4fdca75782028def81afb1c9a95ab052776a46e9483a3364938e0b
GET /?utm_source=pwa HTTP/1.1
Host: h1a1.ahlamontada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://h1a1.ahlamontada.com/serviceworker.js
Connection: keep-alive
Cookie: exadd=167034; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:11:34 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
pragma: no-cache
expires: Tue, 06 Dec 2022 00:00:00 GMT
last-modified: Tue, 06 Dec 2022 13:11:34 GMT
vary: User-Agent
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
trc-events.taboola.com/forumotion-ar/log/2/debug?tim=13%3A11%3A35.885&type=info&msg=728x90%20Thumbnails%20thumbnails-728x90&llvl=2&id=3178&cv=20221205-11-RELEASE<=deflated&pct=1
204 No Content 0 B URL HTTP/2 trc-events.taboola.com/forumotion-ar/log/2/debug?tim=13%3A11%3A35.885&type=info&msg=728x90%20Thumbnails%20thumbnails-728x90&llvl=2&id=3178&cv=20221205-11-RELEASE<=deflated&pct=1
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=13%3A11%3A35.885&type=info&msg=728x90%20Thumbnails%20thumbnails-728x90&llvl=2&id=3178&cv=20221205-11-RELEASE<=deflated&pct=1 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
x-fastly-to-nlb-rtt: 21377
access-control-allow-credentials: true
X-Firefox-Spdy: h2
trc-events.taboola.com/forumotion-ar/log/2/debug?tim=13%3A11%3A35.881&type=info&msg=%7B%22mode%22%3A%22thumbnails-desktop-a%22%2C%22container%22%3A%22taboola-below-desktop-forum-thumbnails%22%2C%22placement%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=9659&cv=20221205-11-RELEASE<=deflated&pct=1
204 No Content 0 B URL HTTP/2 trc-events.taboola.com/forumotion-ar/log/2/debug?tim=13%3A11%3A35.881&type=info&msg=%7B%22mode%22%3A%22thumbnails-desktop-a%22%2C%22container%22%3A%22taboola-below-desktop-forum-thumbnails%22%2C%22placement%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=9659&cv=20221205-11-RELEASE<=deflated&pct=1
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=13%3A11%3A35.881&type=info&msg=%7B%22mode%22%3A%22thumbnails-desktop-a%22%2C%22container%22%3A%22taboola-below-desktop-forum-thumbnails%22%2C%22placement%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=9659&cv=20221205-11-RELEASE<=deflated&pct=1 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
x-fastly-to-nlb-rtt: 21377
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 013b65c5b52bb7855158194ff2024fb8
94eae308d8338735898e90536fc6ba076ff28cdd
bb5ab17efd81056c5f0ab03312011b63acb099c0e249364464391af52428098e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:11:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
trc-events.taboola.com/forumotion-ar/log/2/debug?tim=13%3A11%3A35.880&type=info&msg=%7B%22mode%22%3A%22thumbnails-728x90%22%2C%22container%22%3A%22taboola-728x90-thumbnails%22%2C%22placement%22%3A%22728x90%20Thumbnails%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=270&cv=20221205-11-RELEASE<=deflated&pct=1
204 No Content 0 B URL HTTP/2 trc-events.taboola.com/forumotion-ar/log/2/debug?tim=13%3A11%3A35.880&type=info&msg=%7B%22mode%22%3A%22thumbnails-728x90%22%2C%22container%22%3A%22taboola-728x90-thumbnails%22%2C%22placement%22%3A%22728x90%20Thumbnails%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=270&cv=20221205-11-RELEASE<=deflated&pct=1
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=13%3A11%3A35.880&type=info&msg=%7B%22mode%22%3A%22thumbnails-728x90%22%2C%22container%22%3A%22taboola-728x90-thumbnails%22%2C%22placement%22%3A%22728x90%20Thumbnails%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=270&cv=20221205-11-RELEASE<=deflated&pct=1 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
x-fastly-to-nlb-rtt: 21377
access-control-allow-credentials: true
X-Firefox-Spdy: h2
trc-events.taboola.com/forumotion-ar/log/2/debug?tim=13%3A11%3A35.877&type=info&msg=https%3A%2F%2Fh1a1.ahlamontada.com%2F&llvl=2&id=9228&cv=20221205-11-RELEASE<=deflated&pct=1
204 No Content 0 B URL HTTP/2 trc-events.taboola.com/forumotion-ar/log/2/debug?tim=13%3A11%3A35.877&type=info&msg=https%3A%2F%2Fh1a1.ahlamontada.com%2F&llvl=2&id=9228&cv=20221205-11-RELEASE<=deflated&pct=1
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=13%3A11%3A35.877&type=info&msg=https%3A%2F%2Fh1a1.ahlamontada.com%2F&llvl=2&id=9228&cv=20221205-11-RELEASE<=deflated&pct=1 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
x-fastly-to-nlb-rtt: 21377
access-control-allow-credentials: true
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffbcb6f9-483c-4254-9451-927fa2fc2294.jpeg
200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffbcb6f9-483c-4254-9451-927fa2fc2294.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9838b65dde746487c806ee9739f8b222
1c95a1e47e903cc6775df2c5ed3f2f58cca42dc8
cf3ddc240b33d0f588d5acb30593b6846874a192bff9f5b69455877d7f63be53
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffbcb6f9-483c-4254-9451-927fa2fc2294.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3968
x-amzn-requestid: 55111bc4-d002-44a0-855a-533251b144fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSveGo_IAMFQvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c9-28e0a83d7f9f1ffc7544bb3d;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _Hf2XblY73dHIIWTqWgeDzJJalBo6ooCAit1eQ8G8n4385ORBBDakA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:47:06 GMT
etag: "1c95a1e47e903cc6775df2c5ed3f2f58cca42dc8"
content-type: image/jpeg
age: 55470
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7f2c354a00ab51d4a41221b6bf191c10
01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4
7d3c8417e1db0db41ceb8b4bf3f506864392dd1ad29319a06a8a6055f6f2ed12
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11352
x-amzn-requestid: 7c3fc7bb-eb1f-46ec-8e92-b6ffc6261848
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwuF1ToAMFiIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d1-7c53152a279f00595b9886bd;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:25 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: EQorA5VTb0s2BEIWBkdkhDho-bLdLVvu8LnAIQsQqsIjgBLneYqCzg==
via: 1.1 b6d577696b14c86cbfeb5b3459f38c50.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:22 GMT
age: 55394
etag: "01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a1b8c21-bea6-4053-8dea-90393eea45b7.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a1b8c21-bea6-4053-8dea-90393eea45b7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30d72693680b3ac91c0eee4d47a26196
cd923a5a3810bfe86be2eca4b97c739d76756d93
69ca9e172f6b0c5bf158022d533701b89282630deaa0ce7df27ed459c9bfe75e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a1b8c21-bea6-4053-8dea-90393eea45b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8656
x-amzn-requestid: cfc71f7f-d1c6-47c9-8107-864701dbf3c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwkEHmIAMFUnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d0-6705510852d26ae24b3e5ea4;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:24 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JVEVoNv1w1lqFYG0M8v2GK92-1MfPxn8SnZv5JZitWWEDuXJ4DwmqQ==
via: 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:41 GMT
age: 55375
etag: "cd923a5a3810bfe86be2eca4b97c739d76756d93"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:09:28 GMT
age: 54128
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
trc-events.taboola.com/forumotion-ar/log/2/debug?tim=13%3A11%3A35.888&type=info&msg=Below%20Desktop%20Forum%20Thumbnails%20thumbnails-desktop-a&llvl=2&id=8151&cv=20221205-11-RELEASE<=deflated&pct=1
204 No Content 0 B URL HTTP/2 trc-events.taboola.com/forumotion-ar/log/2/debug?tim=13%3A11%3A35.888&type=info&msg=Below%20Desktop%20Forum%20Thumbnails%20thumbnails-desktop-a&llvl=2&id=8151&cv=20221205-11-RELEASE<=deflated&pct=1
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=13%3A11%3A35.888&type=info&msg=Below%20Desktop%20Forum%20Thumbnails%20thumbnails-desktop-a&llvl=2&id=8151&cv=20221205-11-RELEASE<=deflated&pct=1 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
x-fastly-to-nlb-rtt: 21345
access-control-allow-credentials: true
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fddffc8edfa3ca668c8ac740d34f46c5
63483fc211cfb2808c7f37940a4065b4f4177c59
3c736f085f8f25d68c3dd946d5a546dc6d1f5f6e94a0da17b7fd4662d61a0b50
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8660
x-amzn-requestid: d5cf901f-bd2b-4269-918a-29a0bec09a40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_uBG9IIAMFxcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1326-63b4ea925878dab212409f2b;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZbrQ6wWHMvuPGfdujPdgWq3ahDYeTi0wGfwnn27xEBt6TvM8r0kMgQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:49:39 GMT
age: 55317
etag: "63483fc211cfb2808c7f37940a4065b4f4177c59"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 38b97436af942d5eb1111ca7043259a0
0234fe32c84c4711f0619714f3ac6d3db1b717d3
a76a7721355abbaecd5c8cb5218e7e4626dc345eb26e7541c71bf4ceaa7ae5d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11175
x-amzn-requestid: 9c93ddca-1247-44af-a364-e617f69ace26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzYEnEoAMFa2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e2-7d38ea383725901524bc2ca0;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fNsYsKfPUM8QaG7-F1tSBDdsNit1BfYpWddNssXwyFO2HgdA0RpjAQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:54:21 GMT
age: 55035
etag: "0234fe32c84c4711f0619714f3ac6d3db1b717d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
trc-events.taboola.com/forumotion-ar/log/2/debug?tim=13%3A11%3A35.878&type=usage&msg=rtus&llvl=2&id=9501&cv=20221205-11-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
204 No Content 0 B URL HTTP/2 trc-events.taboola.com/forumotion-ar/log/2/debug?tim=13%3A11%3A35.878&type=usage&msg=rtus&llvl=2&id=9501&cv=20221205-11-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=13%3A11%3A35.878&type=usage&msg=rtus&llvl=2&id=9501&cv=20221205-11-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
x-fastly-to-nlb-rtt: 22152
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash adec7fbf9b7fd2a8af6df54429c86e2f
2e551f20c38bb7f6999a1837c6583688a99475ed
a62677d959e0d533318a38e03c63cee4af1a0d1da8144fc22977d96064302fce
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1855
Cache-Control: max-age=153515
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:11:36 GMT
Etag: "638eecf4-139"
Expires: Thu, 08 Dec 2022 07:50:11 GMT
Last-Modified: Tue, 06 Dec 2022 07:19:16 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313
csm.nl.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Origin.FromBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
200 OK 43 B URL HTTP/2 csm.nl.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Origin.FromBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Origin.FromBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1 HTTP/1.1
Host: csm.nl.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:11:35 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
stootsou.net/custom
200 OK 39 B IP
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://h1a1.ahlamontada.com/
Content-Type: application/json
Origin: https://h1a1.ahlamontada.com
Content-Length: 741
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: d88870243cc171fc5b70b5cc8810f122
access-control-allow-origin: https://h1a1.ahlamontada.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/userx.20221205-11-RELEASE.es6.js
200 OK 5.4 kB URL HTTP/2 cdn.taboola.com/libtrc/userx.20221205-11-RELEASE.es6.js
IP
File type ASCII text, with very long lines (17842)
Hash a77b908b61ec0f09ce05a2a371598871
89c78142368f39c21afd68642080de91e109ae89
1ac811531903f1c54798c8e3cfb2751097dc8ea087945a85acfd9afab889c37b
GET /libtrc/userx.20221205-11-RELEASE.es6.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: HRTzyayje2p5un37ilHG1chckieyWALYMF4ecc5oVyinKBxax4OmZQsnxuZOgydO+EYzlmVIfLk=
x-amz-request-id: P8FHM7VH767EA5SE
x-amz-replication-status: PENDING
last-modified: Tue, 06 Dec 2022 11:05:56 GMT
etag: "5c5ae94767ba2838fbd5fefaf3a21979"
x-amz-version-id: 14nW9WznxoXMIf9MGGMhhVkgPmabEWvh
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:36 GMT
via: 1.1 varnish
age: 7512
x-served-by: cache-bma1634-BMA
x-cache: HIT
x-cache-hits: 470
x-timer: S1670332296.393612,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 15
content-length: 5398
X-Firefox-Spdy: h2
vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
200 OK 30 kB URL HTTP/2 vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash aac1042207afd54e1cf1befcaf3420cd
00f0597866330a850a1d6222861591f24dd18380
ea77ece8880eb28ffe83e94ef787b4204f8b1b3d09f443011b898b13ed4bb706
GET /lite-unit/3.9.8/UnitWidgetItemDesktop.min.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 22 Nov 2022 07:02:09 GMT
etag: "1842444d4bb92087143326a4d508875d"
server: AmazonS3
via: 1.1 b34d5d8e5954d0b7b46d5f0eb534c166.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: iVxUQ_yUDgKIDSZaR21P2jFvv94ZUaTAMQdnd9xsEMFJTpsmb2NMlg==
cache-control: public, max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:36 GMT
age: 1231738
x-served-by: cache-bma1634-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 14014
x-timer: S1670332296.395632,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 29909
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/cta-component.20221205-11-RELEASE.es6.js
200 OK 5.1 kB URL HTTP/2 cdn.taboola.com/libtrc/cta-component.20221205-11-RELEASE.es6.js
IP
File type ASCII text, with very long lines (18924)
Hash 66a019155765b0c3e64757a496dd214b
c542b26040718331c14024cfae76f53b17fd2002
d65a5a28c9ad7ec1538d4abed99d4fa9bf825b72310e897ade8ce0966f6535f4
GET /libtrc/cta-component.20221205-11-RELEASE.es6.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 6XtlsWRR4acmrZKtzAn5Eo+TDm8JSa/MXFajXdAaofvHgzfKpbY4Zm7Km257/hIu1kXXr76sbXQ=
x-amz-request-id: 5RFZTDEZKT4Z05HA
x-amz-replication-status: PENDING
last-modified: Tue, 06 Dec 2022 11:04:58 GMT
etag: "4a994d821f81c4963a5a5f39d1db5604"
x-amz-version-id: kUzAJGYYiAvv8M0iWFEl67MiPs.D3.pi
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:36 GMT
via: 1.1 varnish
age: 7593
x-served-by: cache-bma1634-BMA
x-cache: HIT
x-cache-hits: 1176
x-timer: S1670332296.438990,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 15
content-length: 5107
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.standard.co.uk/s3fs-public/thumbnails/image/2018/08/23/09/07-denisovacave-excavation-2cmpi-eva.jpg%3Fwidth%3D646
200 OK 13 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.standard.co.uk/s3fs-public/thumbnails/image/2018/08/23/09/07-denisovacave-excavation-2cmpi-eva.jpg%3Fwidth%3D646
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 45c4a3bb708c66afee688bdfd2b37aeb
af1a13d197d33d945dccf818f3ccbfd1eff1db57
a02a58108b0c9087cd57718182963737ff0ed2a984d3127f75139921c4d6914e
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.standard.co.uk/s3fs-public/thumbnails/image/2018/08/23/09/07-denisovacave-excavation-2cmpi-eva.jpg%3Fwidth%3D646 HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 417558056546189539108392775734138196291,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 417558056546189539108392775734138196291,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "7c4d43925d05e197d8d9464b060dbc9c"
last-modified: Thu, 10 Nov 2022 04:00:27 GMT
req-referer: https://tvline.com/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 6378c0fa512d8b5207c1bc6581ce75eb
x-envoy-upstream-service-time: 335
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:36 GMT
age: 2245819
x-served-by: cache-iad-kcgs7200141-IAD, cache-iad-kiad7000098-IAD, cache-chi-kigq8000144-CHI, cache-iad-kcgs7200159-IAD, cache-bma1634-BMA
x-cache: MISS, MISS, MISS, HIT, HIT
x-cache-hits: 0, 0, 0, 1, 1
x-timer: S1670332297.509716,VS0,VE4
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.standard.co.uk/s3fs-public/thumbnails/image/2018/08/23/09/07-denisovacave-excavation-2cmpi-eva.jpg%3Fwidth%3D646
x-vcl-time-ms: 4
content-length: 13344
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=rtus&topUrl=h1a1.ahlamontada.com
200 OK 16 kB URL HTTP/2 gum.criteo.com/syncframe?origin=rtus&topUrl=h1a1.ahlamontada.com
IP
Hash ed79ac7206ccf14f8bd8bd60abcbb283
e4614873765d8194ba3825d03b1c1ea495ffd8f9
ce90f470fdfc460f5f1f4b90652b7f7c3aa7576efe6eab3c5982b4bc1e309685
GET /syncframe?origin=rtus&topUrl=h1a1.ahlamontada.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:11:36 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=9aa93a6e-b818-4b9e-88e7-2baa8ed81682; expires=Sun, 31 Dec 2023 13:11:36 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 773803
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fa1e934877c2ead2f1b2140b01029181.png
200 OK 14 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fa1e934877c2ead2f1b2140b01029181.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash e610796b1421c685ad9d241068f2fe63
de42226dea194eb6525eef381b8c7ae548b10a51
18e663b324a3e6a46d70c1019c5fc51f14e9a8d549148c8c3eb3eea3d38ece5c
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fa1e934877c2ead2f1b2140b01029181.png HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 496389742428024346966628628086167263116,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 496389742428024346966628628086167263116,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
etag: "5bc28f7fc2f4609f7c4c9b9b6c2ebd0a"
expiration: expiry-date="Thu, 03 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Mon, 03 Oct 2022 10:40:59 GMT
req-referer: https://way2ott.com/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 89
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:36 GMT
age: 3006458
x-served-by: cache-iad-kjyo7100044-IAD, cache-iad-kjyo7100171-IAD, cache-lga21920-LGA, cache-iad-kiad7000174-IAD, cache-bma1634-BMA
x-cache: HIT, HIT, MISS, HIT, HIT
x-cache-hits: 1, 2, 0, 1, 1
x-timer: S1670332297.569376,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fa1e934877c2ead2f1b2140b01029181.png
x-vcl-time-ms: 1
content-length: 13646
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/95feb8a1bac1de99d9e6c645b9725250.jpeg
200 OK 15 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/95feb8a1bac1de99d9e6c645b9725250.jpeg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 009bf45f63d6e744fde0fed669b7ba83
cf6714349933074eef1f9d3d88b80e82a54cd0a6
734a1ec7dd0d9b121001aa3c30c8023093e9c0f3bee50ea4d1e48e933654c4ca
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/95feb8a1bac1de99d9e6c645b9725250.jpeg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 454495853063637850906140981329147654090,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 454495853063637850906140981329147654090,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "ec6d70f4ec0995eac77e61f85630f33f"
last-modified: Tue, 11 Oct 2022 21:59:37 GMT
req-referer: https://www.georgetakei.com/professional-confessions-2658517700.html
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: b21130d179245eb3cead96f7e11271e7
x-envoy-upstream-service-time: 51
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:36 GMT
age: 3003632
x-served-by: cache-iad-kjyo7100165-IAD, cache-iad-kjyo7100042-IAD, cache-lga21960-LGA, cache-iad-kiad7000060-IAD, cache-bma1634-BMA
x-cache: MISS, HIT, MISS, HIT, HIT
x-cache-hits: 0, 1, 0, 843, 1
x-timer: S1670332297.569637,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/95feb8a1bac1de99d9e6c645b9725250.jpeg
x-vcl-time-ms: 1
content-length: 15102
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f62/13/32/79/54/uaouo10.gif
200 OK 23 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f62/13/32/79/54/uaouo10.gif
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x180, components 3\012- data
Hash 254d067d6a804e73ff0a5f0762483772
b17aa7d8a89d593ff4798819d268822a652e70d6
e29bbead7fa31ec46d4909e5edc3acb52e4d3276e6ab408195b68e5b4f1be391
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f62/13/32/79/54/uaouo10.gif HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 538475434606933197924381234642994484733,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
content-type: image/jpeg
edge-cache-tag: 538475434606933197924381234642994484733,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
etag: "254d067d6a804e73ff0a5f0762483772"
last-modified: Fri, 09 Sep 2022 04:33:06 GMT
server: cloudinary
status: 200 OK
timing-allow-origin: *
x-request-id: 45d8b8154def9fbf7b891d69101fbdd0
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-backend-name: CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:36 GMT
age: 5367704
x-served-by: cache-iad-kiad7000031-IAD, cache-iad-kiad7000064-IAD, cache-bma1634-BMA
x-cache: MISS, HIT, MISS
x-cache-hits: 0, 78, 0
x-timer: S1670332297.509036,VS0,VE91
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f62/13/32/79/54/uaouo10.gif
x-vcl-time-ms: 91
content-length: 22845
X-Firefox-Spdy: h2
api.viglink.com/api/domains
200 OK 68 B URL HTTP/1.1 api.viglink.com/api/domains
IP
File type ASCII text, with no line terminators
Hash c0b5700bcec385835c3e3868c677e37c
b0076a20b16e67fd2effc8311e9b33eb255338e7
f4cbb471ee54cbcb21db291a5cbc165fedb321c09c6e7cbe87c087e7bf5895ae
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 282
Origin: https://h1a1.ahlamontada.com
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://h1a1.ahlamontada.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Tue, 06 Dec 2022 13:11:36 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 68
Connection: keep-alive
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a193bd7b3c32fc36cbafa0d3991b06d4.jpg
200 OK 13 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a193bd7b3c32fc36cbafa0d3991b06d4.jpg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 305409e15f4a235e0b65f48b2dfaf9b2
63df1adc7138abbbb2ddda9b286e9f9fc50c46b2
718cc7308f3037c2369ac3e5f070aa8feacb8e77d17b0f487319e303c3830377
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a193bd7b3c32fc36cbafa0d3991b06d4.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 328911667776585363706232317130175042056,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 328911667776585363706232317130175042056,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "87f123e59d8980c3b081393313ab4e94"
last-modified: Wed, 09 Nov 2022 05:42:11 GMT
req-referer: https://h1a1.ahlamontada.com/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: ae28e36148dadf23e6f195379085e203
x-envoy-upstream-service-time: 110
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:36 GMT
age: 1890029
x-served-by: cache-iad-kiad7000131-IAD, cache-iad-kcgs7200051-IAD, cache-chi-kigq8000141-CHI, cache-iad-kjyo7100048-IAD, cache-bma1634-BMA
x-cache: MISS, HIT, MISS, MISS, MISS
x-cache-hits: 0, 3, 0, 0, 0
x-timer: S1670332297.568962,VS0,VE237
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a193bd7b3c32fc36cbafa0d3991b06d4.jpg
x-vcl-time-ms: 237
content-length: 12702
X-Firefox-Spdy: h2
am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7QAwCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJDVbDjcmi8OtWS02a9FgZVtLjKuVW-FajDbD4cS3svmGQFKz5XBjsjjcmtVisxYNVra1xLhauRWuxWgzHE58K5tvChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXi90LBxzhdHscPvtpofJYdf43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMUQvz6EPffyZCdRAWERIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABBCeQ64sZukOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALugBYnULshrPFbjTbjGYHAAAAcPf___-vB2KemWfl2jhXxpFxZBjZJh7XYrccLic202qz8Di8V-hidjRH2xrRF3GT4fA5GIiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEmcls43IONmuJx-VyizYb11q5GtnWmpXFZloMJ4bVyuYWvT6mh3G4cQ2GWxQMiNiL5GmRTjQL42K3MJmWw9nCt3IZVsbZyOXxTDYT52I42awmYonmZJFOZJd9zTPzrFwb58o4Mo4MI9vE41rslsPlxGZabRYeh78zmW1czsFmLfG4XG7RZuNaK1cj21qzsthMi-HEsFrZ3KLXx_QwDjeuwXDfmO0Gm81kspztG7PdYLOZTJazfYfO8F19zkZncDzx2LRb70z9szkMCpfB4v19LtJmtHEzqrRhi0V1Le5cE6tOGzsZOwezQeEbXhPD30_9vHazt4PYYFDEEsFFOpH5La-33_T0290Ky0UsUZou0oleIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTcBAAAAOA1kNNgMV-s8kMFysFuulgsA4eyl-4NHU-pjf1q_S_lDIritGD5R3Phxg_ktr7ff9PTb3QrLlQEeqMmZN38miLVaLWsAAAABbAAAgABu3bwFYDPx_____3EAAAAycvQAAADi-0BT31wo9cKP_AQ5WA0H!&cmcv=&pix=31589837&cb=1670332296714&uv=3245&tms=1670332296714&abt=mprdctdt6_vA!ntvc_vB!smbs!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1670332293234!ts:1670332296714&mntl=1
200 OK 0 B URL HTTP/2 am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7QAwCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJDVbDjcmi8OtWS02a9FgZVtLjKuVW-FajDbD4cS3svmGQFKz5XBjsjjcmtVisxYNVra1xLhauRWuxWgzHE58K5tvChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXi90LBxzhdHscPvtpofJYdf43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMUQvz6EPffyZCdRAWERIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABBCeQ64sZukOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALugBYnULshrPFbjTbjGYHAAAAcPf___-vB2KemWfl2jhXxpFxZBjZJh7XYrccLic202qz8Di8V-hidjRH2xrRF3GT4fA5GIiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEmcls43IONmuJx-VyizYb11q5GtnWmpXFZloMJ4bVyuYWvT6mh3G4cQ2GWxQMiNiL5GmRTjQL42K3MJmWw9nCt3IZVsbZyOXxTDYT52I42awmYonmZJFOZJd9zTPzrFwb58o4Mo4MI9vE41rslsPlxGZabRYeh78zmW1czsFmLfG4XG7RZuNaK1cj21qzsthMi-HEsFrZ3KLXx_QwDjeuwXDfmO0Gm81kspztG7PdYLOZTJazfYfO8F19zkZncDzx2LRb70z9szkMCpfB4v19LtJmtHEzqrRhi0V1Le5cE6tOGzsZOwezQeEbXhPD30_9vHazt4PYYFDEEsFFOpH5La-33_T0290Ky0UsUZou0oleIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTcBAAAAOA1kNNgMV-s8kMFysFuulgsA4eyl-4NHU-pjf1q_S_lDIritGD5R3Phxg_ktr7ff9PTb3QrLlQEeqMmZN38miLVaLWsAAAABbAAAgABu3bwFYDPx_____3EAAAAycvQAAADi-0BT31wo9cKP_AQ5WA0H!&cmcv=&pix=31589837&cb=1670332296714&uv=3245&tms=1670332296714&abt=mprdctdt6_vA!ntvc_vB!smbs!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1670332293234!ts:1670332296714&mntl=1
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7QAwCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJDVbDjcmi8OtWS02a9FgZVtLjKuVW-FajDbD4cS3svmGQFKz5XBjsjjcmtVisxYNVra1xLhauRWuxWgzHE58K5tvChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXi90LBxzhdHscPvtpofJYdf43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMUQvz6EPffyZCdRAWERIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABBCeQ64sZukOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALugBYnULshrPFbjTbjGYHAAAAcPf___-vB2KemWfl2jhXxpFxZBjZJh7XYrccLic202qz8Di8V-hidjRH2xrRF3GT4fA5GIiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEmcls43IONmuJx-VyizYb11q5GtnWmpXFZloMJ4bVyuYWvT6mh3G4cQ2GWxQMiNiL5GmRTjQL42K3MJmWw9nCt3IZVsbZyOXxTDYT52I42awmYonmZJFOZJd9zTPzrFwb58o4Mo4MI9vE41rslsPlxGZabRYeh78zmW1czsFmLfG4XG7RZuNaK1cj21qzsthMi-HEsFrZ3KLXx_QwDjeuwXDfmO0Gm81kspztG7PdYLOZTJazfYfO8F19zkZncDzx2LRb70z9szkMCpfB4v19LtJmtHEzqrRhi0V1Le5cE6tOGzsZOwezQeEbXhPD30_9vHazt4PYYFDEEsFFOpH5La-33_T0290Ky0UsUZou0oleIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTcBAAAAOA1kNNgMV-s8kMFysFuulgsA4eyl-4NHU-pjf1q_S_lDIritGD5R3Phxg_ktr7ff9PTb3QrLlQEeqMmZN38miLVaLWsAAAABbAAAgABu3bwFYDPx_____3EAAAAycvQAAADi-0BT31wo9cKP_AQ5WA0H!&cmcv=&pix=31589837&cb=1670332296714&uv=3245&tms=1670332296714&abt=mprdctdt6_vA!ntvc_vB!smbs!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1670332293234!ts:1670332296714&mntl=1 HTTP/1.1
Host: am-vid-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
content-length: 0
X-Firefox-Spdy: h2
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=13%3A11%3A36.413&type=info&msg=Finish%20Rendering%20728x90%20Thumbnails&llvl=2&id=7471&cv=20221205-11-RELEASE<=deflated&pct=1
204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=13%3A11%3A36.413&type=info&msg=Finish%20Rendering%20728x90%20Thumbnails&llvl=2&id=7471&cv=20221205-11-RELEASE<=deflated&pct=1
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=13%3A11%3A36.413&type=info&msg=Finish%20Rendering%20728x90%20Thumbnails&llvl=2&id=7471&cv=20221205-11-RELEASE<=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
x-fastly-to-nlb-rtt: 73784
access-control-allow-credentials: true
X-Firefox-Spdy: h2
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=13%3A11%3A36.416&type=info&msg=Finish%20Rendering%20Below%20Desktop%20Forum%20Thumbnails&llvl=2&id=6944&cv=20221205-11-RELEASE<=deflated&pct=1
204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=13%3A11%3A36.416&type=info&msg=Finish%20Rendering%20Below%20Desktop%20Forum%20Thumbnails&llvl=2&id=6944&cv=20221205-11-RELEASE<=deflated&pct=1
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=13%3A11%3A36.416&type=info&msg=Finish%20Rendering%20Below%20Desktop%20Forum%20Thumbnails&llvl=2&id=6944&cv=20221205-11-RELEASE<=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
x-fastly-to-nlb-rtt: 73784
access-control-allow-credentials: true
X-Firefox-Spdy: h2
il-trc-events.taboola.com/forumotion-ar/log/3/abtests?route=AM:IL:V<i=deflated&ri=3a817ad4986a7ee0e86dec323b918235&sd=v2_f3f3e5c9e8d8d0d6bc517989bf453aca_326ce903-bcee-43c5-95d6-3ebf418b05ef-tucta88c508_1670332296_1670332296_CNawjgYQ3pxDGMvVwLzOMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ui=326ce903-bcee-43c5-95d6-3ebf418b05ef-tucta88c508&pi=/&wi=-7764447088115785453&pt=text&vi=1670332295883&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1670332296303%7D&tim=13%3A11%3A36.304&id=634&llvl=2&cv=20221205-11-RELEASE&
204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/3/abtests?route=AM:IL:V<i=deflated&ri=3a817ad4986a7ee0e86dec323b918235&sd=v2_f3f3e5c9e8d8d0d6bc517989bf453aca_326ce903-bcee-43c5-95d6-3ebf418b05ef-tucta88c508_1670332296_1670332296_CNawjgYQ3pxDGMvVwLzOMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ui=326ce903-bcee-43c5-95d6-3ebf418b05ef-tucta88c508&pi=/&wi=-7764447088115785453&pt=text&vi=1670332295883&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1670332296303%7D&tim=13%3A11%3A36.304&id=634&llvl=2&cv=20221205-11-RELEASE&
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/3/abtests?route=AM:IL:V<i=deflated&ri=3a817ad4986a7ee0e86dec323b918235&sd=v2_f3f3e5c9e8d8d0d6bc517989bf453aca_326ce903-bcee-43c5-95d6-3ebf418b05ef-tucta88c508_1670332296_1670332296_CNawjgYQ3pxDGMvVwLzOMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ui=326ce903-bcee-43c5-95d6-3ebf418b05ef-tucta88c508&pi=/&wi=-7764447088115785453&pt=text&vi=1670332295883&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1670332296303%7D&tim=13%3A11%3A36.304&id=634&llvl=2&cv=20221205-11-RELEASE& HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=13%3A11%3A36.423&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=2360&cv=20221205-11-RELEASE<=deflated&pct=1
204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=13%3A11%3A36.423&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=2360&cv=20221205-11-RELEASE<=deflated&pct=1
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=13%3A11%3A36.423&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=2360&cv=20221205-11-RELEASE<=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
x-fastly-to-nlb-rtt: 73784
access-control-allow-credentials: true
X-Firefox-Spdy: h2
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=13%3A11%3A36.305&type=info&msg=Finish%20Rendering%20728x90%20Thumbnails&llvl=2&id=6837&cv=20221205-11-RELEASE<=deflated&pct=1
204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=13%3A11%3A36.305&type=info&msg=Finish%20Rendering%20728x90%20Thumbnails&llvl=2&id=6837&cv=20221205-11-RELEASE<=deflated&pct=1
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=13%3A11%3A36.305&type=info&msg=Finish%20Rendering%20728x90%20Thumbnails&llvl=2&id=6837&cv=20221205-11-RELEASE<=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
x-fastly-to-nlb-rtt: 73784
access-control-allow-credentials: true
X-Firefox-Spdy: h2
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=13%3A11%3A36.326&type=info&msg=Start%20Rendering%20Below%20Desktop%20Forum%20Thumbnails&llvl=2&id=863&cv=20221205-11-RELEASE<=deflated&pct=1
204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=13%3A11%3A36.326&type=info&msg=Start%20Rendering%20Below%20Desktop%20Forum%20Thumbnails&llvl=2&id=863&cv=20221205-11-RELEASE<=deflated&pct=1
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=13%3A11%3A36.326&type=info&msg=Start%20Rendering%20Below%20Desktop%20Forum%20Thumbnails&llvl=2&id=863&cv=20221205-11-RELEASE<=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
x-fastly-to-nlb-rtt: 73784
access-control-allow-credentials: true
X-Firefox-Spdy: h2
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=13%3A11%3A36.297&type=info&msg=Start%20Rendering%20728x90%20Thumbnails&llvl=2&id=2054&cv=20221205-11-RELEASE<=deflated&pct=1
204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=13%3A11%3A36.297&type=info&msg=Start%20Rendering%20728x90%20Thumbnails&llvl=2&id=2054&cv=20221205-11-RELEASE<=deflated&pct=1
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=13%3A11%3A36.297&type=info&msg=Start%20Rendering%20728x90%20Thumbnails&llvl=2&id=2054&cv=20221205-11-RELEASE<=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
x-fastly-to-nlb-rtt: 73784
access-control-allow-credentials: true
X-Firefox-Spdy: h2
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=13%3A11%3A36.342&type=info&msg=Finish%20Rendering%20Below%20Desktop%20Forum%20Thumbnails&llvl=2&id=4212&cv=20221205-11-RELEASE<=deflated&pct=1
204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=13%3A11%3A36.342&type=info&msg=Finish%20Rendering%20Below%20Desktop%20Forum%20Thumbnails&llvl=2&id=4212&cv=20221205-11-RELEASE<=deflated&pct=1
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=13%3A11%3A36.342&type=info&msg=Finish%20Rendering%20Below%20Desktop%20Forum%20Thumbnails&llvl=2&id=4212&cv=20221205-11-RELEASE<=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
x-fastly-to-nlb-rtt: 73784
access-control-allow-credentials: true
X-Firefox-Spdy: h2
csm.nl.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1
200 OK 43 B URL HTTP/2 csm.nl.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1 HTTP/1.1
Host: csm.nl.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:11:36 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
vidstat.taboola.com/vpaid/units/32_4_5/assets/css/cmOsUnit.css
200 OK 8.3 kB URL HTTP/2 vidstat.taboola.com/vpaid/units/32_4_5/assets/css/cmOsUnit.css
IP
Hash a28320a69408adba1f01f56d6eb80708
8012c7108fab547cf31481cfda7cb49e654a0542
befbb274b7045e7e5791a4badbe46e1a2e367e6570da7cd0ac127acc4b8e8991
GET /vpaid/units/32_4_5/assets/css/cmOsUnit.css HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: Bf8dw0NjA07TfpEMmKBaL+UFJWQuALEo7owO+vyJS0Z7+UM4VbN5qXqenI+jCaBsTF8hL6tqRMY=
x-amz-request-id: 89SNZ5N6GV47VA34
last-modified: Mon, 28 Nov 2022 10:07:46 GMT
etag: "a28320a69408adba1f01f56d6eb80708"
x-amz-meta-ctime: 1669630065
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1669630064
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:36 GMT
via: 1.1 varnish
age: 702137
x-served-by: cache-bma1634-BMA
x-cache: HIT
x-cache-hits: 129673
x-timer: S1670332297.975342,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 8297
X-Firefox-Spdy: h2
15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fh1a1.ahlamontada.com%2F&encoded=1&uid=326ce903-bcee-43c5-95d6-3ebf418b05ef-tucta88c508&variant=0|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1670332296368&tagid=&cntry=NO&platform=1&sesid=f3f3e5c9e8d8d0d6bc517989bf453aca&itemid=/&viewid=1670332295883&geolat=&geoing=&deviceifa=&appid=&sd=v2_f3f3e5c9e8d8d0d6bc517989bf453aca_326ce903-bcee-43c5-95d6-3ebf418b05ef-tucta88c508_1670332296_1670332296_CNawjgYQ3pxDGMvVwLzOMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=4e0cdec404ee37197649557884b16208&appname=&cdb=&gdprApplies=true&rid=&sii=-7764447088115785453&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=9058
200 OK 8.8 kB URL HTTP/2 15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fh1a1.ahlamontada.com%2F&encoded=1&uid=326ce903-bcee-43c5-95d6-3ebf418b05ef-tucta88c508&variant=0|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1670332296368&tagid=&cntry=NO&platform=1&sesid=f3f3e5c9e8d8d0d6bc517989bf453aca&itemid=/&viewid=1670332295883&geolat=&geoing=&deviceifa=&appid=&sd=v2_f3f3e5c9e8d8d0d6bc517989bf453aca_326ce903-bcee-43c5-95d6-3ebf418b05ef-tucta88c508_1670332296_1670332296_CNawjgYQ3pxDGMvVwLzOMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=4e0cdec404ee37197649557884b16208&appname=&cdb=&gdprApplies=true&rid=&sii=-7764447088115785453&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=9058
IP
File type ASCII text, with very long lines (30450), with no line terminators
Hash d5e17e5b302e50bd06b0552d079d0e17
9bd2f6b93a3d3c05f7cfc1886e8a050d1531a35c
ea669917bf814c4f4ff00d92f6e0f21a8cd11ea3a7b01e9eb71e91e480b5a403
GET /tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fh1a1.ahlamontada.com%2F&encoded=1&uid=326ce903-bcee-43c5-95d6-3ebf418b05ef-tucta88c508&variant=0|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1670332296368&tagid=&cntry=NO&platform=1&sesid=f3f3e5c9e8d8d0d6bc517989bf453aca&itemid=/&viewid=1670332295883&geolat=&geoing=&deviceifa=&appid=&sd=v2_f3f3e5c9e8d8d0d6bc517989bf453aca_326ce903-bcee-43c5-95d6-3ebf418b05ef-tucta88c508_1670332296_1670332296_CNawjgYQ3pxDGMvVwLzOMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=4e0cdec404ee37197649557884b16208&appname=&cdb=&gdprApplies=true&rid=&sii=-7764447088115785453&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=9058 HTTP/1.1
Host: 15.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://h1a1.ahlamontada.com
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
machineid: 1443
link: <https://am-wf.taboola.com>; rel=preconnect
xvid-debug: mrmr - :
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://h1a1.ahlamontada.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:36 GMT
via: 1.1 varnish
x-served-by: cache-bma1634-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670332296.443056,VS0,VE31
vary: Accept-Encoding
X-Firefox-Spdy: h2
vidstat.taboola.com/vpaid/units/32_4_5/infra/cmTagWIDGET_ITEM.js
200 OK 128 kB URL HTTP/2 vidstat.taboola.com/vpaid/units/32_4_5/infra/cmTagWIDGET_ITEM.js
IP
File type Unicode text, UTF-8 text, with very long lines (65489), with no line terminators
Size 128 kB (127788 bytes)
Hash 2b361da912acc8f13f4f1b545047025f
af3a70c02bb88e27a151e8edf4a93931ace2aced
7f44e7dee5fbeb1334cdcb6b06d37dbf74a5ce2c65d4494843a2dabd98f2ef1b
GET /vpaid/units/32_4_5/infra/cmTagWIDGET_ITEM.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://h1a1.ahlamontada.com
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: NxcjemMMJRUsCExBkB2iiVRl9DgwLdtVaii0IcyucefSWzHY1Wd9p4I32adBzeHQ7741KdCnChI=
x-amz-request-id: 89SJXSQ72NB1B3KT
last-modified: Mon, 28 Nov 2022 10:06:56 GMT
etag: "2b361da912acc8f13f4f1b545047025f"
x-amz-meta-ctime: 1669630015
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1669630014
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:36 GMT
via: 1.1 varnish
age: 702138
x-served-by: cache-bma1634-BMA
x-cache: HIT
x-cache-hits: 58622
x-timer: S1670332297.992650,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 127788
X-Firefox-Spdy: h2
am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7SOsCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJOOcbHaj0WKtm4w8a9FislxLDJvVWjbxjEaGwcJlcc2GQAKTmWFlcbjWuo3JsBZtFhO3wjmxuAWr5Wpkm-wWttFqCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3eqFj4ZgrjGaH2283PUwOu8bv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrZAAAAEMEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkaLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIIDwHLLFIAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNAFwOoUYjecLXaj2WY0OwAAAIC7____fz0Q88w8K9fGuTKOjCPDyDbxuBa75XA5sZlWm4XH4b1CF7OjOdrWiD4PYZn9voOI5fma_oaDjG95vQ2iouttsTucZs_9KFqy3C13q9FkMRotl5vdcDMa7G8gBqsBTsRguZxMFpPdarQabYa70WywQIEYTJCiJavlcrnabFar3WgxG2yWw80GKVq1mo02g-FqNpntdqvhYLgcjZCiJcvdcrcaTRaj0XK52Q03o8EQYWYy27icg81a4nG53KLNxrVWrka2tWZlsZkWw4lhtbK5Ra-P6WEcblyD4RYFAyL2IrhIJzK_5fX2m55-u1thuYglmpNFOpFd9jXPzLNybZwr48g4MoxsE49rsVsOlxObabVZeBz-zmS2cTkHm7XE43K5RZuNa61cjWxrzcpiMy2GE8NqZXOLXh_TwzjcuAbDfWO2G2w2k8lytm_MdoPNZjJZzvYdOsN39TkbncHxxGPTbr0z9c_mMChcBov397lIm9HGzajShi0W1bW4c02sOm3sZOwczAaFb3hNDH8_9fPazd4OYoNBEUsEp4t0InoZTxexRPK0SCeilWFjcnlMg9HK5dktlrvZaLla7YbD0cQxmwyGE7FEabpIJ3qJ-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_8GhKfexP63cpf0gEtxXDJ4obP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4faOqbC6Ve-JGfIAer4QA!&cmcv=&pix=31589837&cb=1670332296963&uv=3245&tms=1670332296963&abt=mprdctdt6_vA!ntvc_vB!smbs!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1670332293234!ts:1670332296963&mntl=1
200 OK 0 B URL HTTP/2 am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7SOsCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJOOcbHaj0WKtm4w8a9FislxLDJvVWjbxjEaGwcJlcc2GQAKTmWFlcbjWuo3JsBZtFhO3wjmxuAWr5Wpkm-wWttFqCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3eqFj4ZgrjGaH2283PUwOu8bv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrZAAAAEMEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkaLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIIDwHLLFIAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNAFwOoUYjecLXaj2WY0OwAAAIC7____fz0Q88w8K9fGuTKOjCPDyDbxuBa75XA5sZlWm4XH4b1CF7OjOdrWiD4PYZn9voOI5fma_oaDjG95vQ2iouttsTucZs_9KFqy3C13q9FkMRotl5vdcDMa7G8gBqsBTsRguZxMFpPdarQabYa70WywQIEYTJCiJavlcrnabFar3WgxG2yWw80GKVq1mo02g-FqNpntdqvhYLgcjZCiJcvdcrcaTRaj0XK52Q03o8EQYWYy27icg81a4nG53KLNxrVWrka2tWZlsZkWw4lhtbK5Ra-P6WEcblyD4RYFAyL2IrhIJzK_5fX2m55-u1thuYglmpNFOpFd9jXPzLNybZwr48g4MoxsE49rsVsOlxObabVZeBz-zmS2cTkHm7XE43K5RZuNa61cjWxrzcpiMy2GE8NqZXOLXh_TwzjcuAbDfWO2G2w2k8lytm_MdoPNZjJZzvYdOsN39TkbncHxxGPTbr0z9c_mMChcBov397lIm9HGzajShi0W1bW4c02sOm3sZOwczAaFb3hNDH8_9fPazd4OYoNBEUsEp4t0InoZTxexRPK0SCeilWFjcnlMg9HK5dktlrvZaLla7YbD0cQxmwyGE7FEabpIJ3qJ-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_8GhKfexP63cpf0gEtxXDJ4obP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4faOqbC6Ve-JGfIAer4QA!&cmcv=&pix=31589837&cb=1670332296963&uv=3245&tms=1670332296963&abt=mprdctdt6_vA!ntvc_vB!smbs!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1670332293234!ts:1670332296963&mntl=1
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7SOsCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJOOcbHaj0WKtm4w8a9FislxLDJvVWjbxjEaGwcJlcc2GQAKTmWFlcbjWuo3JsBZtFhO3wjmxuAWr5Wpkm-wWttFqCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3eqFj4ZgrjGaH2283PUwOu8bv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrZAAAAEMEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkaLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIIDwHLLFIAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNAFwOoUYjecLXaj2WY0OwAAAIC7____fz0Q88w8K9fGuTKOjCPDyDbxuBa75XA5sZlWm4XH4b1CF7OjOdrWiD4PYZn9voOI5fma_oaDjG95vQ2iouttsTucZs_9KFqy3C13q9FkMRotl5vdcDMa7G8gBqsBTsRguZxMFpPdarQabYa70WywQIEYTJCiJavlcrnabFar3WgxG2yWw80GKVq1mo02g-FqNpntdqvhYLgcjZCiJcvdcrcaTRaj0XK52Q03o8EQYWYy27icg81a4nG53KLNxrVWrka2tWZlsZkWw4lhtbK5Ra-P6WEcblyD4RYFAyL2IrhIJzK_5fX2m55-u1thuYglmpNFOpFd9jXPzLNybZwr48g4MoxsE49rsVsOlxObabVZeBz-zmS2cTkHm7XE43K5RZuNa61cjWxrzcpiMy2GE8NqZXOLXh_TwzjcuAbDfWO2G2w2k8lytm_MdoPNZjJZzvYdOsN39TkbncHxxGPTbr0z9c_mMChcBov397lIm9HGzajShi0W1bW4c02sOm3sZOwczAaFb3hNDH8_9fPazd4OYoNBEUsEp4t0InoZTxexRPK0SCeilWFjcnlMg9HK5dktlrvZaLla7YbD0cQxmwyGE7FEabpIJ3qJ-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_8GhKfexP63cpf0gEtxXDJ4obP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4faOqbC6Ve-JGfIAer4QA!&cmcv=&pix=31589837&cb=1670332296963&uv=3245&tms=1670332296963&abt=mprdctdt6_vA!ntvc_vB!smbs!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1670332293234!ts:1670332296963&mntl=1 HTTP/1.1
Host: am-vid-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 13:11:37 GMT
content-length: 0
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=rtus&domain=ahlamontada.com&sn=FirefoxSyncframe&so=3&topUrl=h1a1.ahlamontada.com&bundle=fkmNY19IVHgwa3lFWjV5NmNlODN6T0V5T0g2WTJvR01UYjRrcnV6M2J1THJwWXNNNHppeXhZcjJ2ZktPc3VMMmViWUVZMDFIUCUyRndCM3JJNHdER2ZHaFVackc2d1FnbGJNVjd1JTJCTTFqZHA5TVdsRFBvNEdpZjlxd1VlUlQlMkJXS1E0Mmk1TSUyQmhnSUlqSmNhdWZnQ092JTJCMkpMWDFBJTNEJTNE&info=w_vYaF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3pNVkU4RXptdXZpczViMlVKYVZCV3FjUUVNa3V1TWRkTmlCOEFXak84TDM&idsd=-1328676304,-103910117&cw=1&rtusCallerId=72&lsw=1
200 OK 794 B URL HTTP/2 gum.criteo.com/sid/json?origin=rtus&domain=ahlamontada.com&sn=FirefoxSyncframe&so=3&topUrl=h1a1.ahlamontada.com&bundle=fkmNY19IVHgwa3lFWjV5NmNlODN6T0V5T0g2WTJvR01UYjRrcnV6M2J1THJwWXNNNHppeXhZcjJ2ZktPc3VMMmViWUVZMDFIUCUyRndCM3JJNHdER2ZHaFVackc2d1FnbGJNVjd1JTJCTTFqZHA5TVdsRFBvNEdpZjlxd1VlUlQlMkJXS1E0Mmk1TSUyQmhnSUlqSmNhdWZnQ092JTJCMkpMWDFBJTNEJTNE&info=w_vYaF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3pNVkU4RXptdXZpczViMlVKYVZCV3FjUUVNa3V1TWRkTmlCOEFXak84TDM&idsd=-1328676304,-103910117&cw=1&rtusCallerId=72&lsw=1
IP
Hash 2ff155312208fa2b81524c74542e4566
8e10f4301c898bd10bae16868f4b68f767bb077a
522c7ce5ae3c8e81a62944136d75ca70552aed12a0a609f7b48fbc286bf2bcf8
GET /sid/json?origin=rtus&domain=ahlamontada.com&sn=FirefoxSyncframe&so=3&topUrl=h1a1.ahlamontada.com&bundle=fkmNY19IVHgwa3lFWjV5NmNlODN6T0V5T0g2WTJvR01UYjRrcnV6M2J1THJwWXNNNHppeXhZcjJ2ZktPc3VMMmViWUVZMDFIUCUyRndCM3JJNHdER2ZHaFVackc2d1FnbGJNVjd1JTJCTTFqZHA5TVdsRFBvNEdpZjlxd1VlUlQlMkJXS1E0Mmk1TSUyQmhnSUlqSmNhdWZnQ092JTJCMkpMWDFBJTNEJTNE&info=w_vYaF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3pNVkU4RXptdXZpczViMlVKYVZCV3FjUUVNa3V1TWRkTmlCOEFXak84TDM&idsd=-1328676304,-103910117&cw=1&rtusCallerId=72&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=rtus&topUrl=h1a1.ahlamontada.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:11:36 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1360030
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
status.geotrust.com/
200 OK 471 B IP
Hash 98a353d73a22109ae2ca0a2018e3044b
a5a79e9487625a28c7b43d63253b8e8e9ec5ae02
eed0a1bedc2693e8f6f7e5eb13581af7c5336706a8d2b79eb2ec4c9b163dab89
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3042
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:11:37 GMT
Last-Modified: Tue, 06 Dec 2022 12:20:55 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
200 OK 471 B IP
Hash 98a353d73a22109ae2ca0a2018e3044b
a5a79e9487625a28c7b43d63253b8e8e9ec5ae02
eed0a1bedc2693e8f6f7e5eb13581af7c5336706a8d2b79eb2ec4c9b163dab89
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4287
Cache-Control: max-age=130374
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:11:37 GMT
Etag: "638e8910-1d7"
Expires: Thu, 08 Dec 2022 01:24:31 GMT
Last-Modified: Tue, 06 Dec 2022 00:13:04 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
gem.gbc.criteo.com/newidsd
200 OK 510 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP
Hash a6b70fc494ad16601d78f81bbadf9356
4d0f11e46af22a5e53144cc345c91bf20c4b93c6
58b00ddf2e623d98925e16683bd232a22d2733f34781a316ec4b21fa93e1b336
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:11:36 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 62359
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 06 Dec 2022 13:11:37 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=83d84adb-7567-11ed-aa47-1ce730eb0306; expires=Tue, 03-Jan-2023 13:11:37 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=83d84b19-7567-11ed-aa47-1ce730eb0306
X-fe: 140
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
am-match.taboola.com/sync?dast=V7SOsCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJOOcbHaj0WKtm4w8a9FislxLDJvVWjbxjEaGwcJlcc2GQAKTmWFlcbjWuo3JsBZtFhO3wjmxuAWr5Wpkm-wWttFqCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3eqFj4ZgrjGaH2283PUwOu8bv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrZAAAAEMEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkaLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIIDwHLLFIAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNAFwOoUYjecLXaj2WY0OwAAAIC7____fz0Q88w8K9fGuTKOjCPDyDbxuBa75XA5sZlWm4XH4b1CF7OjOdrWiD4PYZn9voOI5fma_oaDjG95vQ2iouttsTucZs_9KFqy3C13q9FkMRotl5vdcDMa7G8gBqsBTsRguZxMFpPdarQabYa70WywQIEYTJCiJavlcrnabFar3WgxG2yWw80GKVq1mo02g-FqNpntdqvhYLgcjZCiJcvdcrcaTRaj0XK52Q03o8EQYWYy27icg81a4nG53KLNxrVWrka2tWZlsZkWw4lhtbK5Ra-P6WEcblyD4RYFAyL2IrhIJzK_5fX2m55-u1thuYglmpNFOpFd9jXPzLNybZwr48g4MoxsE49rsVsOlxObabVZeBz-zmS2cTkHm7XE43K5RZuNa61cjWxrzcpiMy2GE8NqZXOLXh_TwzjcuAbDfWO2G2w2k8lytm_MdoPNZjJZzvYdOsN39TkbncHxxGPTbr0z9c_mMChcBov397lIm9HGzajShi0W1bW4c02sOm3sZOwczAaFb3hNDH8_9fPazd4OYoNBEUsEp4t0InoZTxexRPK0SCeilWFjcnlMg9HK5dktlrvZaLla7YbD0cQxmwyGE7FEabpIJ3qJ-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_8GhKfexP63cpf0gEtxXDJ4obP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4faOqbC6Ve-JGfIAer4QA!&excid=22&docw=0&cijs=1&nlb=true
200 OK 89 kB URL HTTP/2 am-match.taboola.com/sync?dast=V7SOsCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJOOcbHaj0WKtm4w8a9FislxLDJvVWjbxjEaGwcJlcc2GQAKTmWFlcbjWuo3JsBZtFhO3wjmxuAWr5Wpkm-wWttFqCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3eqFj4ZgrjGaH2283PUwOu8bv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrZAAAAEMEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkaLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIIDwHLLFIAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNAFwOoUYjecLXaj2WY0OwAAAIC7____fz0Q88w8K9fGuTKOjCPDyDbxuBa75XA5sZlWm4XH4b1CF7OjOdrWiD4PYZn9voOI5fma_oaDjG95vQ2iouttsTucZs_9KFqy3C13q9FkMRotl5vdcDMa7G8gBqsBTsRguZxMFpPdarQabYa70WywQIEYTJCiJavlcrnabFar3WgxG2yWw80GKVq1mo02g-FqNpntdqvhYLgcjZCiJcvdcrcaTRaj0XK52Q03o8EQYWYy27icg81a4nG53KLNxrVWrka2tWZlsZkWw4lhtbK5Ra-P6WEcblyD4RYFAyL2IrhIJzK_5fX2m55-u1thuYglmpNFOpFd9jXPzLNybZwr48g4MoxsE49rsVsOlxObabVZeBz-zmS2cTkHm7XE43K5RZuNa61cjWxrzcpiMy2GE8NqZXOLXh_TwzjcuAbDfWO2G2w2k8lytm_MdoPNZjJZzvYdOsN39TkbncHxxGPTbr0z9c_mMChcBov397lIm9HGzajShi0W1bW4c02sOm3sZOwczAaFb3hNDH8_9fPazd4OYoNBEUsEp4t0InoZTxexRPK0SCeilWFjcnlMg9HK5dktlrvZaLla7YbD0cQxmwyGE7FEabpIJ3qJ-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_8GhKfexP63cpf0gEtxXDJ4obP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4faOqbC6Ve-JGfIAer4QA!&excid=22&docw=0&cijs=1&nlb=true
IP
ASN #200478 Taboola.com ltd
Hash 9d954326942304001a7751c9a64a6ef2
08e5598cb3c25b92301a257e60e95a92dbbbd821
9cd8bd422292869147842df0e9b2cd12c0bf9d465aa789bd152786848d73b1f4
GET /sync?dast=V7SOsCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJOOcbHaj0WKtm4w8a9FislxLDJvVWjbxjEaGwcJlcc2GQAKTmWFlcbjWuo3JsBZtFhO3wjmxuAWr5Wpkm-wWttFqCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3eqFj4ZgrjGaH2283PUwOu8bv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrZAAAAEMEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkaLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIIDwHLLFIAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNAFwOoUYjecLXaj2WY0OwAAAIC7____fz0Q88w8K9fGuTKOjCPDyDbxuBa75XA5sZlWm4XH4b1CF7OjOdrWiD4PYZn9voOI5fma_oaDjG95vQ2iouttsTucZs_9KFqy3C13q9FkMRotl5vdcDMa7G8gBqsBTsRguZxMFpPdarQabYa70WywQIEYTJCiJavlcrnabFar3WgxG2yWw80GKVq1mo02g-FqNpntdqvhYLgcjZCiJcvdcrcaTRaj0XK52Q03o8EQYWYy27icg81a4nG53KLNxrVWrka2tWZlsZkWw4lhtbK5Ra-P6WEcblyD4RYFAyL2IrhIJzK_5fX2m55-u1thuYglmpNFOpFd9jXPzLNybZwr48g4MoxsE49rsVsOlxObabVZeBz-zmS2cTkHm7XE43K5RZuNa61cjWxrzcpiMy2GE8NqZXOLXh_TwzjcuAbDfWO2G2w2k8lytm_MdoPNZjJZzvYdOsN39TkbncHxxGPTbr0z9c_mMChcBov397lIm9HGzajShi0W1bW4c02sOm3sZOwczAaFb3hNDH8_9fPazd4OYoNBEUsEp4t0InoZTxexRPK0SCeilWFjcnlMg9HK5dktlrvZaLla7YbD0cQxmwyGE7FEabpIJ3qJ-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_8GhKfexP63cpf0gEtxXDJ4obP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4faOqbC6Ve-JGfIAer4QA!&excid=22&docw=0&cijs=1&nlb=true HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 13:11:37 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3407
X-Firefox-Spdy: h2
vidstatb.taboola.com/vid/blackScreen5.mp4
206 Partial Content 91 kB URL HTTP/2 vidstatb.taboola.com/vid/blackScreen5.mp4
IP
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash b2b087fe4ae638c533731c347fcd4df8
62851c888c21bb51cc04f13b6fc0451279fe0425
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
GET /vid/blackScreen5.mp4 HTTP/1.1
Host: vidstatb.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
content-type: video/mp4
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1497790207
server: AmazonS3
via: 1.1 9803a30a87f1ec1047cb2b8ad5ecc43e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: gopM2XYfUoVUFmJXQ0440-QEF6IoAyvdLK0EUOquu3M35zK6ZGLwLg==
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:37 GMT
age: 387274
x-served-by: cache-bma1634-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 136615
x-timer: S1670332297.389171,VS0,VE0
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-range: bytes 0-90783/90784
content-length: 90784
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 06 Dec 2022 13:11:37 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=83f0c5d5-7567-11ed-99e5-1eddb0c50206; expires=Tue, 03-Jan-2023 13:11:37 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=83f0c63c-7567-11ed-99e5-1eddb0c50206
X-fe: 48
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 06 Dec 2022 13:11:37 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=83f0c1a4-7567-11ed-ac6f-1365eaaf0506; expires=Tue, 03-Jan-2023 13:11:37 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=83f0c1f7-7567-11ed-ac6f-1365eaaf0506
X-fe: 6
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 06 Dec 2022 13:11:37 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=83f0ef94-7567-11ed-99dc-1093d7b30306; expires=Tue, 03-Jan-2023 13:11:37 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=83f0effe-7567-11ed-99dc-1093d7b30306
X-fe: 7
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
am-match.taboola.com/sync?dast=V7QAwCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJDVbDjcmi8OtWS02a9FgZVtLjKuVW-FajDbD4cS3svmGQFKz5XBjsjjcmtVisxYNVra1xLhauRWuxWgzHE58K5tvChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXi90LBxzhdHscPvtpofJYdf43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMUQvz6EPffyZCdRAWERIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABBCeQ64sZukOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALugBYnULshrPFbjTbjGYHAAAAcPf___-vB2KemWfl2jhXxpFxZBjZJh7XYrccLic202qz8Di8V-hidjRH2xrRF3GT4fA5GIiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEmcls43IONmuJx-VyizYb11q5GtnWmpXFZloMJ4bVyuYWvT6mh3G4cQ2GWxQMiNiL5GmRTjQL42K3MJmWw9nCt3IZVsbZyOXxTDYT52I42awmYonmZJFOZJd9zTPzrFwb58o4Mo4MI9vE41rslsPlxGZabRYeh78zmW1czsFmLfG4XG7RZuNaK1cj21qzsthMi-HEsFrZ3KLXx_QwDjeuwXDfmO0Gm81kspztG7PdYLOZTJazfYfO8F19zkZncDzx2LRb70z9szkMCpfB4v19LtJmtHEzqrRhi0V1Le5cE6tOGzsZOwezQeEbXhPD30_9vHazt4PYYFDEEsFFOpH5La-33_T0290Ky0UsUZou0oleIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTcBAAAAOA1kNNgMV-s8kMFysFuulgsA4eyl-4NHU-pjf1q_S_lDIritGD5R3Phxg_ktr7ff9PTb3QrLlQEeqMmZN38miLVaLWsAAAABbAAAgABu3bwFYDPx_____3EAAAAycvQAAADi-0BT31wo9cKP_AQ5WA0H!&excid=22&docw=0&cijs=1&nlb=false
200 OK 742 B URL HTTP/2 am-match.taboola.com/sync?dast=V7QAwCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJDVbDjcmi8OtWS02a9FgZVtLjKuVW-FajDbD4cS3svmGQFKz5XBjsjjcmtVisxYNVra1xLhauRWuxWgzHE58K5tvChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXi90LBxzhdHscPvtpofJYdf43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMUQvz6EPffyZCdRAWERIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABBCeQ64sZukOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALugBYnULshrPFbjTbjGYHAAAAcPf___-vB2KemWfl2jhXxpFxZBjZJh7XYrccLic202qz8Di8V-hidjRH2xrRF3GT4fA5GIiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEmcls43IONmuJx-VyizYb11q5GtnWmpXFZloMJ4bVyuYWvT6mh3G4cQ2GWxQMiNiL5GmRTjQL42K3MJmWw9nCt3IZVsbZyOXxTDYT52I42awmYonmZJFOZJd9zTPzrFwb58o4Mo4MI9vE41rslsPlxGZabRYeh78zmW1czsFmLfG4XG7RZuNaK1cj21qzsthMi-HEsFrZ3KLXx_QwDjeuwXDfmO0Gm81kspztG7PdYLOZTJazfYfO8F19zkZncDzx2LRb70z9szkMCpfB4v19LtJmtHEzqrRhi0V1Le5cE6tOGzsZOwezQeEbXhPD30_9vHazt4PYYFDEEsFFOpH5La-33_T0290Ky0UsUZou0oleIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTcBAAAAOA1kNNgMV-s8kMFysFuulgsA4eyl-4NHU-pjf1q_S_lDIritGD5R3Phxg_ktr7ff9PTb3QrLlQEeqMmZN38miLVaLWsAAAABbAAAgABu3bwFYDPx_____3EAAAAycvQAAADi-0BT31wo9cKP_AQ5WA0H!&excid=22&docw=0&cijs=1&nlb=false
IP
ASN #200478 Taboola.com ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (742), with no line terminators
Hash 98a76f3a7fd5e8337ef3301d5d69d0d7
f7c260a4e32ec68e61dc6e25c3b7e4d2b572c6a6
878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3
GET /sync?dast=V7QAwCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJDVbDjcmi8OtWS02a9FgZVtLjKuVW-FajDbD4cS3svmGQFKz5XBjsjjcmtVisxYNVra1xLhauRWuxWgzHE58K5tvChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXi90LBxzhdHscPvtpofJYdf43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMUQvz6EPffyZCdRAWERIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABBCeQ64sZukOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALugBYnULshrPFbjTbjGYHAAAAcPf___-vB2KemWfl2jhXxpFxZBjZJh7XYrccLic202qz8Di8V-hidjRH2xrRF3GT4fA5GIiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEmcls43IONmuJx-VyizYb11q5GtnWmpXFZloMJ4bVyuYWvT6mh3G4cQ2GWxQMiNiL5GmRTjQL42K3MJmWw9nCt3IZVsbZyOXxTDYT52I42awmYonmZJFOZJd9zTPzrFwb58o4Mo4MI9vE41rslsPlxGZabRYeh78zmW1czsFmLfG4XG7RZuNaK1cj21qzsthMi-HEsFrZ3KLXx_QwDjeuwXDfmO0Gm81kspztG7PdYLOZTJazfYfO8F19zkZncDzx2LRb70z9szkMCpfB4v19LtJmtHEzqrRhi0V1Le5cE6tOGzsZOwezQeEbXhPD30_9vHazt4PYYFDEEsFFOpH5La-33_T0290Ky0UsUZou0oleIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTcBAAAAOA1kNNgMV-s8kMFysFuulgsA4eyl-4NHU-pjf1q_S_lDIritGD5R3Phxg_ktr7ff9PTb3QrLlQEeqMmZN38miLVaLWsAAAABbAAAgABu3bwFYDPx_____3EAAAAycvQAAADi-0BT31wo9cKP_AQ5WA0H!&excid=22&docw=0&cijs=1&nlb=false HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3402
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 06 Dec 2022 13:11:37 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=83f64730-7567-11ed-8b97-175cf56a0106; expires=Tue, 03-Jan-2023 13:11:37 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=83f6476b-7567-11ed-8b97-175cf56a0106
X-fe: 24
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=83f0c63c-7567-11ed-99e5-1eddb0c50206
204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=83f0c63c-7567-11ed-99e5-1eddb0c50206
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=83f0c63c-7567-11ed-99e5-1eddb0c50206 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Tue, 06 Dec 2022 13:11:37 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=83f746cd-7567-11ed-8c7d-14c817940406; expires=Tue, 03-Jan-2023 13:11:37 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 33
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=83f0c1f7-7567-11ed-ac6f-1365eaaf0506
204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=83f0c1f7-7567-11ed-ac6f-1365eaaf0506
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=83f0c1f7-7567-11ed-ac6f-1365eaaf0506 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Tue, 06 Dec 2022 13:11:37 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=83f76be4-7567-11ed-907c-1f057aaa0106; expires=Tue, 03-Jan-2023 13:11:37 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 131
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=83f0effe-7567-11ed-99dc-1093d7b30306
204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=83f0effe-7567-11ed-99dc-1093d7b30306
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=83f0effe-7567-11ed-99dc-1093d7b30306 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Tue, 06 Dec 2022 13:11:37 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=83f78dff-7567-11ed-a8e0-1a4ab9540206; expires=Tue, 03-Jan-2023 13:11:37 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 39
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=83f6476b-7567-11ed-8b97-175cf56a0106
204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=83f6476b-7567-11ed-8b97-175cf56a0106
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=83f6476b-7567-11ed-8b97-175cf56a0106 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Tue, 06 Dec 2022 13:11:37 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=83fad94d-7567-11ed-a608-1d03a5b20506; expires=Tue, 03-Jan-2023 13:11:37 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 87
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash aea11d65133e4227ef7ebe8ba940b408
ea8b1037b25df00392f580798aaac32049233fbc
d0e2ce25802eb0f222b62b5bd77be2741be350c88215fb44b05ccf661e157358
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:11:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 10 Dec 2022 09:54:01 GMT
ETag: "ea8b1037b25df00392f580798aaac32049233fbc"
Last-Modified: Tue, 06 Dec 2022 09:54:02 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3496
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775544bb7e35b4ed-OSL
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1670332296729&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1489&pt=1304273325&tz=0&viewable=true&ddast=V7QAwCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJDVbDjcmi8OtWS02a9FgZVtLjKuVW-FajDbD4cS3svmGQFKz5XBjsjjcmtVisxYNVra1xLhauRWuxWgzHE58K5tvChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXi90LBxzhdHscPvtpofJYdf43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMUQvz6EPffyZCdRAWERIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABBCeQ64sZukOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALugBYnULshrPFbjTbjGYHAAAAcPf___-vB2KemWfl2jhXxpFxZBjZJh7XYrccLic202qz8Di8V-hidjRH2xrRF3GT4fA5GIiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEmcls43IONmuJx-VyizYb11q5GtnWmpXFZloMJ4bVyuYWvT6mh3G4cQ2GWxQMiNiL5GmRTjQL42K3MJmWw9nCt3IZVsbZyOXxTDYT52I42awmYonmZJFOZJd9zTPzrFwb58o4Mo4MI9vE41rslsPlxGZabRYeh78zmW1czsFmLfG4XG7RZuNaK1cj21qzsthMi-HEsFrZ3KLXx_QwDjeuwXDfmO0Gm81kspztG7PdYLOZTJazfYfO8F19zkZncDzx2LRb70z9szkMCpfB4v19LtJmtHEzqrRhi0V1Le5cE6tOGzsZOwezQeEbXhPD30_9vHazt4PYYFDEEsFFOpH5La-33_T0290Ky0UsUZou0oleIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTcBAAAAOA1kNNgMV-s8kMFysFuulgsA4eyl-4NHU-pjf1q_S_lDIritGD5R3Phxg_ktr7ff9PTb3QrLlQEeqMmZN38miLVaLWsAAAABbAAAgABu3bwFYDPx_____3EAAAAycvQAAADi-0BT31wo9cKP_AQ5WA0H!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=mprdctdt6_vA!ntvc_vB!smbs!ufm&mPre=0.025&cirf=https%3A%2F%2Fh1a1.ahlamontada.com&en=1
200 OK 989 B URL HTTP/2 wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1670332296729&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1489&pt=1304273325&tz=0&viewable=true&ddast=V7QAwCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJDVbDjcmi8OtWS02a9FgZVtLjKuVW-FajDbD4cS3svmGQFKz5XBjsjjcmtVisxYNVra1xLhauRWuxWgzHE58K5tvChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXi90LBxzhdHscPvtpofJYdf43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMUQvz6EPffyZCdRAWERIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABBCeQ64sZukOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALugBYnULshrPFbjTbjGYHAAAAcPf___-vB2KemWfl2jhXxpFxZBjZJh7XYrccLic202qz8Di8V-hidjRH2xrRF3GT4fA5GIiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEmcls43IONmuJx-VyizYb11q5GtnWmpXFZloMJ4bVyuYWvT6mh3G4cQ2GWxQMiNiL5GmRTjQL42K3MJmWw9nCt3IZVsbZyOXxTDYT52I42awmYonmZJFOZJd9zTPzrFwb58o4Mo4MI9vE41rslsPlxGZabRYeh78zmW1czsFmLfG4XG7RZuNaK1cj21qzsthMi-HEsFrZ3KLXx_QwDjeuwXDfmO0Gm81kspztG7PdYLOZTJazfYfO8F19zkZncDzx2LRb70z9szkMCpfB4v19LtJmtHEzqrRhi0V1Le5cE6tOGzsZOwezQeEbXhPD30_9vHazt4PYYFDEEsFFOpH5La-33_T0290Ky0UsUZou0oleIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTcBAAAAOA1kNNgMV-s8kMFysFuulgsA4eyl-4NHU-pjf1q_S_lDIritGD5R3Phxg_ktr7ff9PTb3QrLlQEeqMmZN38miLVaLWsAAAABbAAAgABu3bwFYDPx_____3EAAAAycvQAAADi-0BT31wo9cKP_AQ5WA0H!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=mprdctdt6_vA!ntvc_vB!smbs!ufm&mPre=0.025&cirf=https%3A%2F%2Fh1a1.ahlamontada.com&en=1
IP
Hash c33f22b182b5eb731e11997df3f57981
142e3ba310287e251b2f0618eb78e8fa6713c1b5
6b30799338650215dcd7adaa5776ff63a9ada3f8c7d9907d3957f68ce45fd42d
POST /VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1670332296729&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1489&pt=1304273325&tz=0&viewable=true&ddast=V7QAwCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJDVbDjcmi8OtWS02a9FgZVtLjKuVW-FajDbD4cS3svmGQFKz5XBjsjjcmtVisxYNVra1xLhauRWuxWgzHE58K5tvChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXi90LBxzhdHscPvtpofJYdf43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMUQvz6EPffyZCdRAWERIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABBCeQ64sZukOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALugBYnULshrPFbjTbjGYHAAAAcPf___-vB2KemWfl2jhXxpFxZBjZJh7XYrccLic202qz8Di8V-hidjRH2xrRF3GT4fA5GIiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEmcls43IONmuJx-VyizYb11q5GtnWmpXFZloMJ4bVyuYWvT6mh3G4cQ2GWxQMiNiL5GmRTjQL42K3MJmWw9nCt3IZVsbZyOXxTDYT52I42awmYonmZJFOZJd9zTPzrFwb58o4Mo4MI9vE41rslsPlxGZabRYeh78zmW1czsFmLfG4XG7RZuNaK1cj21qzsthMi-HEsFrZ3KLXx_QwDjeuwXDfmO0Gm81kspztG7PdYLOZTJazfYfO8F19zkZncDzx2LRb70z9szkMCpfB4v19LtJmtHEzqrRhi0V1Le5cE6tOGzsZOwezQeEbXhPD30_9vHazt4PYYFDEEsFFOpH5La-33_T0290Ky0UsUZou0oleIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTcBAAAAOA1kNNgMV-s8kMFysFuulgsA4eyl-4NHU-pjf1q_S_lDIritGD5R3Phxg_ktr7ff9PTb3QrLlQEeqMmZN38miLVaLWsAAAABbAAAgABu3bwFYDPx_____3EAAAAycvQAAADi-0BT31wo9cKP_AQ5WA0H!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=mprdctdt6_vA!ntvc_vB!smbs!ufm&mPre=0.025&cirf=https%3A%2F%2Fh1a1.ahlamontada.com&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 133
Origin: https://h1a1.ahlamontada.com
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1439
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://h1a1.ahlamontada.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:36 GMT
via: 1.1 varnish
x-served-by: cache-bma1634-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670332297.865564,VS0,VE77
vary: Accept-Encoding
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:11:37 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58534/occ
302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 06 Dec 2022 13:11:37 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58534/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBIk_j2MCED_2hPZ8LDeJ3rFv5VZw8WUFEgEBAQGRkGOZYwAAAAAA_eMAAA&S=AQAAAn2MBZQyyv8MAJYqZ3Xm_-M; Expires=Wed, 6 Dec 2023 19:11:37 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/log/3/visible?route=AM%3AIL%3AV<i=deflated
204 No Content 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/log/3/visible?route=AM%3AIL%3AV<i=deflated
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/visible?route=AM%3AIL%3AV<i=deflated HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1411
Origin: https://h1a1.ahlamontada.com
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://h1a1.ahlamontada.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:37 GMT
via: 1.1 varnish
x-served-by: cache-bma1634-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670332298.526625,VS0,VE85
x-vcl-time-ms: 85
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2
204 No Content 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 4903
Origin: https://h1a1.ahlamontada.com
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://h1a1.ahlamontada.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:37 GMT
via: 1.1 varnish
x-served-by: cache-bma1634-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670332298.526620,VS0,VE91
x-vcl-time-ms: 91
X-Firefox-Spdy: h2
am-vid-events.taboola.com/st?cijs=convusmp&ttype=120&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7SOsCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJOOcbHaj0WKtm4w8a9FislxLDJvVWjbxjEaGwcJlcc2GQAKTmWFlcbjWuo3JsBZtFhO3wjmxuAWr5Wpkm-wWttFqCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3eqFj4ZgrjGaH2283PUwOu8bv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrZAAAAEMEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkaLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIIDwHLLFIAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNAFwOoUYjecLXaj2WY0OwAAAIC7____fz0Q88w8K9fGuTKOjCPDyDbxuBa75XA5sZlWm4XH4b1CF7OjOdrWiD4PYZn9voOI5fma_oaDjG95vQ2iouttsTucZs_9KFqy3C13q9FkMRotl5vdcDMa7G8gBqsBTsRguZxMFpPdarQabYa70WywQIEYTJCiJavlcrnabFar3WgxG2yWw80GKVq1mo02g-FqNpntdqvhYLgcjZCiJcvdcrcaTRaj0XK52Q03o8EQYWYy27icg81a4nG53KLNxrVWrka2tWZlsZkWw4lhtbK5Ra-P6WEcblyD4RYFAyL2IrhIJzK_5fX2m55-u1thuYglmpNFOpFd9jXPzLNybZwr48g4MoxsE49rsVsOlxObabVZeBz-zmS2cTkHm7XE43K5RZuNa61cjWxrzcpiMy2GE8NqZXOLXh_TwzjcuAbDfWO2G2w2k8lytm_MdoPNZjJZzvYdOsN39TkbncHxxGPTbr0z9c_mMChcBov397lIm9HGzajShi0W1bW4c02sOm3sZOwczAaFb3hNDH8_9fPazd4OYoNBEUsEp4t0InoZTxexRPK0SCeilWFjcnlMg9HK5dktlrvZaLla7YbD0cQxmwyGE7FEabpIJ3qJ-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_8GhKfexP63cpf0gEtxXDJ4obP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4faOqbC6Ve-JGfIAer4QA!&cmcv=&pix=&cb=1670332297545&uv=3245&tms=1670332297545&su=&abt=mprdctdt6_vA!ntvc_vB!smbs!t120!ufm_vA&ft=0&unm=WIDGET_ITEM&mntl=1&
200 OK 0 B URL HTTP/2 am-vid-events.taboola.com/st?cijs=convusmp&ttype=120&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7SOsCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJOOcbHaj0WKtm4w8a9FislxLDJvVWjbxjEaGwcJlcc2GQAKTmWFlcbjWuo3JsBZtFhO3wjmxuAWr5Wpkm-wWttFqCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3eqFj4ZgrjGaH2283PUwOu8bv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrZAAAAEMEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkaLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIIDwHLLFIAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNAFwOoUYjecLXaj2WY0OwAAAIC7____fz0Q88w8K9fGuTKOjCPDyDbxuBa75XA5sZlWm4XH4b1CF7OjOdrWiD4PYZn9voOI5fma_oaDjG95vQ2iouttsTucZs_9KFqy3C13q9FkMRotl5vdcDMa7G8gBqsBTsRguZxMFpPdarQabYa70WywQIEYTJCiJavlcrnabFar3WgxG2yWw80GKVq1mo02g-FqNpntdqvhYLgcjZCiJcvdcrcaTRaj0XK52Q03o8EQYWYy27icg81a4nG53KLNxrVWrka2tWZlsZkWw4lhtbK5Ra-P6WEcblyD4RYFAyL2IrhIJzK_5fX2m55-u1thuYglmpNFOpFd9jXPzLNybZwr48g4MoxsE49rsVsOlxObabVZeBz-zmS2cTkHm7XE43K5RZuNa61cjWxrzcpiMy2GE8NqZXOLXh_TwzjcuAbDfWO2G2w2k8lytm_MdoPNZjJZzvYdOsN39TkbncHxxGPTbr0z9c_mMChcBov397lIm9HGzajShi0W1bW4c02sOm3sZOwczAaFb3hNDH8_9fPazd4OYoNBEUsEp4t0InoZTxexRPK0SCeilWFjcnlMg9HK5dktlrvZaLla7YbD0cQxmwyGE7FEabpIJ3qJ-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_8GhKfexP63cpf0gEtxXDJ4obP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4faOqbC6Ve-JGfIAer4QA!&cmcv=&pix=&cb=1670332297545&uv=3245&tms=1670332297545&su=&abt=mprdctdt6_vA!ntvc_vB!smbs!t120!ufm_vA&ft=0&unm=WIDGET_ITEM&mntl=1&
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /st?cijs=convusmp&ttype=120&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7SOsCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJOOcbHaj0WKtm4w8a9FislxLDJvVWjbxjEaGwcJlcc2GQAKTmWFlcbjWuo3JsBZtFhO3wjmxuAWr5Wpkm-wWttFqCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3eqFj4ZgrjGaH2283PUwOu8bv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrZAAAAEMEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkaLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIIDwHLLFIAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNAFwOoUYjecLXaj2WY0OwAAAIC7____fz0Q88w8K9fGuTKOjCPDyDbxuBa75XA5sZlWm4XH4b1CF7OjOdrWiD4PYZn9voOI5fma_oaDjG95vQ2iouttsTucZs_9KFqy3C13q9FkMRotl5vdcDMa7G8gBqsBTsRguZxMFpPdarQabYa70WywQIEYTJCiJavlcrnabFar3WgxG2yWw80GKVq1mo02g-FqNpntdqvhYLgcjZCiJcvdcrcaTRaj0XK52Q03o8EQYWYy27icg81a4nG53KLNxrVWrka2tWZlsZkWw4lhtbK5Ra-P6WEcblyD4RYFAyL2IrhIJzK_5fX2m55-u1thuYglmpNFOpFd9jXPzLNybZwr48g4MoxsE49rsVsOlxObabVZeBz-zmS2cTkHm7XE43K5RZuNa61cjWxrzcpiMy2GE8NqZXOLXh_TwzjcuAbDfWO2G2w2k8lytm_MdoPNZjJZzvYdOsN39TkbncHxxGPTbr0z9c_mMChcBov397lIm9HGzajShi0W1bW4c02sOm3sZOwczAaFb3hNDH8_9fPazd4OYoNBEUsEp4t0InoZTxexRPK0SCeilWFjcnlMg9HK5dktlrvZaLla7YbD0cQxmwyGE7FEabpIJ3qJ-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_8GhKfexP63cpf0gEtxXDJ4obP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4faOqbC6Ve-JGfIAer4QA!&cmcv=&pix=&cb=1670332297545&uv=3245&tms=1670332297545&su=&abt=mprdctdt6_vA!ntvc_vB!smbs!t120!ufm_vA&ft=0&unm=WIDGET_ITEM&mntl=1& HTTP/1.1
Host: am-vid-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 13:11:37 GMT
content-length: 0
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
200 OK 254 B URL HTTP/2 cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
IP
File type PNG image data, 12 x 12, 8-bit gray+alpha, non-interlaced\012- data
Hash dfa7b52c86e56bd67fa4002f6ed19854
7df722645482433c2b5c8d8ab4272a9874592f27
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
GET /libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: c3AK0F63Rmz1U+ZkwDZRH6hJiJRTGpZB8kTBPWz0vwbg9siBxtMOH8aEqr1NtVeNHtLhLAVUR9E=
x-amz-request-id: 4JKSR0YA3KVH073N
x-amz-replication-status: COMPLETED
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
content-type: image/png
server: AmazonS3
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:37 GMT
via: 1.1 varnish
age: 20331
x-served-by: cache-bma1634-BMA
x-cache: HIT
x-cache-hits: 2381
x-timer: S1670332298.733927,VS0,VE0
cache-control: private,max-age=31536000
abp: 15
content-length: 254
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 8d5534f87ba320d9725ab911d34a5c67
4b7056ac8c9b17b014f751909530416c9d62387b
42ed49fb698f55a0d66a4a2085e76b83c3d4ffa865d601131ef2d45b33ac6c06
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=103284
Date: Tue, 06 Dec 2022 13:11:37 GMT
Etag: "638e26a6-1d7"
Expires: Wed, 07 Dec 2022 17:53:01 GMT
Last-Modified: Mon, 05 Dec 2022 17:13:10 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1IevKRBhfbbJjOayNpHJKodPs9mFIhH1HdXNK1J1Ce1apsFEuuLAPA==
Age: 2391
secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
301 Moved Permanently 0 B URL HTTP/2 secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP/1.1
Host: secure-assets.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
date: Tue, 06 Dec 2022 13:11:37 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash dbb66a45515eb4bd61566b8a462222b7
2d18c51e1a9d35c874c96ad0552aa35d88bfc5f9
1929d698afaff5af3fd939389346226a6056b86e4f870b0769755b0cdefd60a6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:11:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 01:56:49 GMT
Expires: Sat, 10 Dec 2022 01:56:48 GMT
Etag: "2d18c51e1a9d35c874c96ad0552aa35d88bfc5f9"
Cache-Control: max-age=304510,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775544bbde2b0b06-OSL
ups.analytics.yahoo.com/ups/58534/occ?verify=true
204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ?verify=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 06 Dec 2022 13:11:37 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBIk_j2MCEMV3FFA4pn1cP3BzF7L5J5kFEgEBAQGRkGOZYwAAAAAA_eMAAA&S=AQAAAu1l5JVS3pBq1RXbV24Jkxo; Expires=Wed, 6 Dec 2023 19:11:37 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
200 OK 43 B URL HTTP/2 x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?gdpr=1&us_privacy=1---&ssp=taboola HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:11:37 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 06 Dec 2022 13:11:37 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=842aff2b-7567-11ed-b2a5-1093d7b30106; expires=Tue, 03-Jan-2023 13:11:37 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=842aff79-7567-11ed-b2a5-1093d7b30106
X-fe: 7
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 06 Dec 2022 13:11:37 GMT
Connection: keep-alive
Vary: Accept-Encoding
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=842aff79-7567-11ed-b2a5-1093d7b30106
204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=842aff79-7567-11ed-b2a5-1093d7b30106
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=842aff79-7567-11ed-b2a5-1093d7b30106 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Tue, 06 Dec 2022 13:11:37 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=84309a71-7567-11ed-9c8b-182a6e990406; expires=Tue, 03-Jan-2023 13:11:37 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 133
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
eus.rubiconproject.com/usync.js
200 OK 10 kB URL HTTP/1.1 eus.rubiconproject.com/usync.js
IP
File type ASCII text, with very long lines (18728)
Hash fbba03aabacbac1a82f3452df63a886e
1cbba819be230536fc2f77245b857e3baf8f2cc9
717f788d62c535ceab1397b3e4960748c58b5cc5f77b316d66828288268f5b32
GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Tue, 06 Dec 2022 06:54:38 GMT
Content-Encoding: gzip
Content-Length: 10067
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=63749
Expires: Wed, 07 Dec 2022 06:54:06 GMT
Date: Tue, 06 Dec 2022 13:11:37 GMT
Connection: keep-alive
Vary: Accept-Encoding
ups.analytics.yahoo.com/ups/58534/occ
302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Tue, 06 Dec 2022 13:11:37 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58534/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBIk_j2MCEHnuzbX1GMSCpjDj5dpmnw0FEgEBAQGRkGOZYwAAAAAA_eMAAA&S=AQAAApFwZg-LnoPnImQRlp-J9Hc; Expires=Wed, 6 Dec 2023 19:11:37 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:11:37 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58534/occ?verify=true
204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ?verify=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 06 Dec 2022 13:11:37 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBIk_j2MCEAcCCrsUyh_elGmxaQb6UKQFEgEBAQGRkGOZYwAAAAAA_eMAAA&S=AQAAAhRK5pNn2huNDZfIukYgrto; Expires=Wed, 6 Dec 2023 19:11:37 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash b7894571eb7d4837e1dee13aaacac990
486b9d79414f9eb33b76b0b423982b351c6a110f
6d14a5d3df707015be4ca6e368b8cf5dd32aeb408d34aeaf09c3c0f2deedf844
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2195
Cache-Control: max-age=131515
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:11:37 GMT
Etag: "638e95b1-1d7"
Expires: Thu, 08 Dec 2022 01:43:32 GMT
Last-Modified: Tue, 06 Dec 2022 01:06:57 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---
204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/sync.php?p=15414&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1--- HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 49049ff336235ad60cb44abcb1cec1d6
Content-Type: image/gif
ocsp.digicert.com/
200 OK 471 B IP
Hash 4329f2990b71eda7a2357b67919d8519
053e2133deba57e49bfcfeb992d286cf50febabb
7c5b44a2798260426c5cdfed88a74a86c6650602b7c757e9a409b90f7568e21c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6418
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:11:38 GMT
Last-Modified: Tue, 06 Dec 2022 11:24:41 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
rubiconcm.digitaleast.mobi/usersync/rubicon.gif?gdpr=1&us_privacy=1---
302 Found 130 B URL HTTP/2 rubiconcm.digitaleast.mobi/usersync/rubicon.gif?gdpr=1&us_privacy=1---
IP
File type HTML document, ASCII text
Hash e009467589f32a6ecbb5749bae377322
706c660afe09f8c3a20221c04c4c3c1ad73b8e91
3577eff2eb678a324d0eb860f75e0721f00db4d1fd85a1f593d8387cefb23f2d
GET /usersync/rubicon.gif?gdpr=1&us_privacy=1--- HTTP/1.1
Host: rubiconcm.digitaleast.mobi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=utf-8
location: https://pixel.rubiconproject.com/tap.php?v=600424&nid=5498&put=aad3207c-f743-4d86-8554-30f19c9a6053
set-cookie: de_tp_cookie=aad3207c-f743-4d86-8554-30f19c9a6053; Path=/; Domain=digitaleast.mobi; Max-Age=63072000
date: Tue, 06 Dec 2022 13:11:38 GMT
content-length: 130
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 4329f2990b71eda7a2357b67919d8519
053e2133deba57e49bfcfeb992d286cf50febabb
7c5b44a2798260426c5cdfed88a74a86c6650602b7c757e9a409b90f7568e21c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6418
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:11:38 GMT
Last-Modified: Tue, 06 Dec 2022 11:24:41 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
pixel.rubiconproject.com/tap.php?v=600424&nid=5498&put=aad3207c-f743-4d86-8554-30f19c9a6053
204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=600424&nid=5498&put=aad3207c-f743-4d86-8554-30f19c9a6053
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=600424&nid=5498&put=aad3207c-f743-4d86-8554-30f19c9a6053 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 49049ff336235ad60cb44abcb1cec1d6
Content-Type: image/gif
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d9b700dfcabf2820a682a88d8c959471
1e233a2731d7063c8a7568cff4987344a30dc245
7f4652399e09ada4c1f8dae26781f7249cda22d0c877d1c301fdc19afcdfcf1e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7F4652399E09ADA4C1F8DAE26781F7249CDA22D0C877D1C301FDC19AFCDFCF1E"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11223
Expires: Tue, 06 Dec 2022 16:18:41 GMT
Date: Tue, 06 Dec 2022 13:11:38 GMT
Connection: keep-alive
token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1---
204 No Content 0 B URL HTTP/1.1 token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1---
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=25470&gdpr=1&us_privacy=1--- HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 49049ff336235ad60cb44abcb1cec1d6
token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1---
204 No Content 0 B URL HTTP/1.1 token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1---
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1--- HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 49049ff336235ad60cb44abcb1cec1d6
cdn.taboola.com/scripts/cds-pips.js
200 OK 1.3 kB URL HTTP/2 cdn.taboola.com/scripts/cds-pips.js
IP
File type ASCII text, with very long lines (3545), with no line terminators
Hash 780c5c514014519ce276709f515905a0
04fe86d00b9c9077effe05171d066d243ecab221
015db06150b62ad2ad533883652174ebb6f07e24a7147fdac01a0ccd266e3f30
GET /scripts/cds-pips.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 2KBeU0d7OyPXtZDYUoIqlTBmhGhsve90tjYoemCxISjKQrNgcxT28sPXVt5KfJt+6r7dFoJgA8g=
x-amz-request-id: NFWGDQGY1WQ95XHE
x-amz-replication-status: COMPLETED
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:38 GMT
via: 1.1 varnish
age: 419
x-served-by: cache-bma1634-BMA
x-cache: HIT
x-cache-hits: 1004
x-timer: S1670332298.371486,VS0,VE0
vary: Accept-Encoding
abp: 15
cache-control: private, max-age=3600
content-length: 1340
X-Firefox-Spdy: h2
cdn.betgorebysson.club/apu.php?zoneid=3765907
200 OK 30 kB URL HTTP/2 cdn.betgorebysson.club/apu.php?zoneid=3765907
IP
Hash 7459275646a179ac07fb5e72a7833201
44ce24ab95b24601a74b0c700d031694285d4055
99e916dc01a86037e4e5a72872e5703640b430b2d708a572702b47c5716e00c2
GET /apu.php?zoneid=3765907 HTTP/1.1
Host: cdn.betgorebysson.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 13:11:35 GMT
content-type: application/javascript
x-trace-id: 97f2a7575459fe418f8736f65a52dbbb
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=344d000249cb4654a4ef21386698731f; expires=Wed, 06 Dec 2023 13:11:35 GMT; path=/; secure; SameSite=None
oaidts=1670332295; expires=Wed, 06 Dec 2023 13:11:35 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---
302 Found 0 B URL HTTP/1.1 aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1--- HTTP/1.1
Host: aax-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: Server
Date: Tue, 06 Dec 2022 13:11:38 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: FH83RJNACQP88V6RRXE7
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d9b700dfcabf2820a682a88d8c959471
1e233a2731d7063c8a7568cff4987344a30dc245
7f4652399e09ada4c1f8dae26781f7249cda22d0c877d1c301fdc19afcdfcf1e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7F4652399E09ADA4C1F8DAE26781F7249CDA22D0C877D1C301FDC19AFCDFCF1E"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11223
Expires: Tue, 06 Dec 2022 16:18:41 GMT
Date: Tue, 06 Dec 2022 13:11:38 GMT
Connection: keep-alive
pips.taboola.com/
200 OK 4 B IP
File type ASCII text, with no line terminators
Hash 6c3e226b4d4795d518ab341b0824ec29
eef19c54306daa69eda49c0272623bdb5e2b341f
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
GET / HTTP/1.1
Host: pips.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://h1a1.ahlamontada.com
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
access-control-allow-methods: GET
access-control-allow-origin: https://h1a1.ahlamontada.com
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:38 GMT
via: 1.1 varnish
x-served-by: cache-bma1670-BMA
x-cache: HIT
x-cache-hits: 0
cache-control: no-store
content-length: 4
X-Firefox-Spdy: h2
pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=76d69adf-54e2-4196-83d3-4e42cc8d183d
204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=76d69adf-54e2-4196-83d3-4e42cc8d183d
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=1181926&nid=5578&put=76d69adf-54e2-4196-83d3-4e42cc8d183d HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 49049ff336235ad60cb44abcb1cec1d6
Content-Type: image/gif
aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
200 OK 43 B URL HTTP/1.1 aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6851dbf491ae442da3314f19e8aff085
ecfec27263608c4ae7cd4f8e0cebb1b061df2ac3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
GET /s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t HTTP/1.1
Host: aax-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Server
Date: Tue, 06 Dec 2022 13:11:38 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
x-amz-rid: 87522W2Y6DKZD6CMGK5N
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash ef4667616fb95e0a830e0c347e2e8114
3629e103cb91fa19b991b6f3ac426f9a6b81b798
2a8a76efb9e9491787af3aeabc9995457de8d90aa0008b4c14d942b26561e000
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=116585
Date: Tue, 06 Dec 2022 13:11:38 GMT
Etag: "638e5d84-1d7"
Expires: Wed, 07 Dec 2022 21:34:43 GMT
Last-Modified: Mon, 05 Dec 2022 21:07:16 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6YOrTy9Ga1dtbn-kyiil7qc-_vulsgG2VSWrhqYLBiQ1HEt_Iaf8dA==
Age: 1647
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 7c2835cdaa7103c5542ecf69be67f90d
62fd71b1e9527d8d6442c61199a472a694aa9388
51a1ad44dad1bd929cf8600817425a1ee30e299052ba65b566c573b0da0b7661
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:11:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 10 Dec 2022 09:09:31 GMT
ETag: "62fd71b1e9527d8d6442c61199a472a694aa9388"
Last-Modified: Tue, 06 Dec 2022 09:09:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2313
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775544c23fa4b4ed-OSL
s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---
302 Found 0 B URL HTTP/1.1 s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1--- HTTP/1.1
Host: s.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: Server
Date: Tue, 06 Dec 2022 13:11:38 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: FVHVMY05K758ERZ97R9V
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
um2.eqads.com/um/rc?gdpr=1&us_privacy=1---
302 Found 68 B URL HTTP/2 um2.eqads.com/um/rc?gdpr=1&us_privacy=1---
IP
File type HTML document, ASCII text
Hash 81d2bd40057004ded7223381cfaf7d2f
86bdfaaca10e55139a7f2055e32f51100d9f4694
dbd4f847238388b53cca0f9fc6fe17d3a7743b26462db2b363fddcd6dccdfd97
GET /um/rc?gdpr=1&us_privacy=1--- HTTP/1.1
Host: um2.eqads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 06 Dec 2022 13:11:38 GMT
content-type: text/html; charset=utf-8
content-length: 68
location: /um/rc?gdpr=1&us_privacy=1---&eq_cc=1
set-cookie: EQUser=UID=a5858f78-17b9-4bc9-9a36-67f777d5a9ec; Path=/; Domain=eqads.com; Expires=Mon, 06 Mar 2023 13:11:38 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2
s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
200 OK 43 B URL HTTP/1.1 s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6851dbf491ae442da3314f19e8aff085
ecfec27263608c4ae7cd4f8e0cebb1b061df2ac3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
GET /dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t HTTP/1.1
Host: s.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Server
Date: Tue, 06 Dec 2022 13:11:38 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
x-amz-rid: PVSQ7T9T76BSZAQRGQQ9
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
um2.eqads.com/um/rc?gdpr=1&us_privacy=1---&eq_cc=1
200 OK 0 B URL HTTP/2 um2.eqads.com/um/rc?gdpr=1&us_privacy=1---&eq_cc=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /um/rc?gdpr=1&us_privacy=1---&eq_cc=1 HTTP/1.1
Host: um2.eqads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:11:38 GMT
content-length: 0
X-Firefox-Spdy: h2
tg.socdm.com/rtb/sync?proto=rubicon&gdpr=1&us_privacy=1---
302 Found 0 B URL HTTP/1.1 tg.socdm.com/rtb/sync?proto=rubicon&gdpr=1&us_privacy=1---
IP
ASN #2514 NTT PC Communications, Inc.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtb/sync?proto=rubicon&gdpr=1&us_privacy=1--- HTTP/1.1
Host: tg.socdm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 06 Dec 2022 13:11:39 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://pixel.rubiconproject.com/tap.php?v=71722&nid=3668&expires=30&put=Y48-i8Co8YkAAFS2XIkAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Set-Cookie: SOSYNC=anNvbjp7InJ1Ymljb24iOjE2NzAzMzIyOTl9; path=/; expires=Thu, 5-Dec-24 13:11:39 GMT; domain=socdm.com; secure; SameSite=None
X-SO-Ads-Time: 4
X-SO-HostName: m-ad366.dc4p.scaleout.jp
X-SO-LB-Hostname: m-tgng37.dc4p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?gdpr=1&proto=rubicon&us_privacy=1---","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"Y48-i8Co8YkAAFS2XIkAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad366"}
X-SO-Key: Y48-i8Co8YkAAFS2XIkAAAAA
X-SO-IP: 91.90.42.154
X-SO-Cluster-ID: 0
X-SO-Upstream-ID: m-ad366
pixel.rubiconproject.com/tap.php?v=71722&nid=3668&expires=30&put=Y48-i8Co8YkAAFS2XIkAAAAA
204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=71722&nid=3668&expires=30&put=Y48-i8Co8YkAAFS2XIkAAAAA
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=71722&nid=3668&expires=30&put=Y48-i8Co8YkAAFS2XIkAAAAA HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 49049ff336235ad60cb44abcb1cec1d6
Content-Type: image/gif
stootsou.net/custom
200 OK 39 B IP
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://h1a1.ahlamontada.com/
Content-Type: application/json
Origin: https://h1a1.ahlamontada.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 13:11:42 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: ff7d80c1ceea8be244d95336a753eb97
access-control-allow-origin: https://h1a1.ahlamontada.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertag&topUrl=h1a1.ahlamontada.com
200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=h1a1.ahlamontada.com
IP
GET /syncframe?origin=publishertag&topUrl=h1a1.ahlamontada.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:11:34 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=45c62229-1099-46da-9e31-38c1c761fc8f; expires=Sun, 31 Dec 2023 13:11:34 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 516741
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
stootsou.net/pfe/current/tag.min.js?z=2308013
200 OK 0 B URL HTTP/2 stootsou.net/pfe/current/tag.min.js?z=2308013
IP
GET /pfe/current/tag.min.js?z=2308013 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 13:11:34 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:47 GMT
etag: W/"6388cb77-390a"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=388&height=218&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1670332296969&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1489&pt=1304273325&tz=0&viewable=true&ddast=V7SOsCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJOOcbHaj0WKtm4w8a9FislxLDJvVWjbxjEaGwcJlcc2GQAKTmWFlcbjWuo3JsBZtFhO3wjmxuAWr5Wpkm-wWttFqCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3eqFj4ZgrjGaH2283PUwOu8bv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrZAAAAEMEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkaLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIIDwHLLFIAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNAFwOoUYjecLXaj2WY0OwAAAIC7____fz0Q88w8K9fGuTKOjCPDyDbxuBa75XA5sZlWm4XH4b1CF7OjOdrWiD4PYZn9voOI5fma_oaDjG95vQ2iouttsTucZs_9KFqy3C13q9FkMRotl5vdcDMa7G8gBqsBTsRguZxMFpPdarQabYa70WywQIEYTJCiJavlcrnabFar3WgxG2yWw80GKVq1mo02g-FqNpntdqvhYLgcjZCiJcvdcrcaTRaj0XK52Q03o8EQYWYy27icg81a4nG53KLNxrVWrka2tWZlsZkWw4lhtbK5Ra-P6WEcblyD4RYFAyL2IrhIJzK_5fX2m55-u1thuYglmpNFOpFd9jXPzLNybZwr48g4MoxsE49rsVsOlxObabVZeBz-zmS2cTkHm7XE43K5RZuNa61cjWxrzcpiMy2GE8NqZXOLXh_TwzjcuAbDfWO2G2w2k8lytm_MdoPNZjJZzvYdOsN39TkbncHxxGPTbr0z9c_mMChcBov397lIm9HGzajShi0W1bW4c02sOm3sZOwczAaFb3hNDH8_9fPazd4OYoNBEUsEp4t0InoZTxexRPK0SCeilWFjcnlMg9HK5dktlrvZaLla7YbD0cQxmwyGE7FEabpIJ3qJ-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_8GhKfexP63cpf0gEtxXDJ4obP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4faOqbC6Ve-JGfIAer4QA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=mprdctdt6_vA!ntvc_vB!smbs!ufm&mPre=0.025&cirf=https%3A%2F%2Fh1a1.ahlamontada.com&en=1
200 OK 0 B URL HTTP/2 wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=388&height=218&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1670332296969&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1489&pt=1304273325&tz=0&viewable=true&ddast=V7SOsCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJOOcbHaj0WKtm4w8a9FislxLDJvVWjbxjEaGwcJlcc2GQAKTmWFlcbjWuo3JsBZtFhO3wjmxuAWr5Wpkm-wWttFqCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3eqFj4ZgrjGaH2283PUwOu8bv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrZAAAAEMEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkaLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIIDwHLLFIAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNAFwOoUYjecLXaj2WY0OwAAAIC7____fz0Q88w8K9fGuTKOjCPDyDbxuBa75XA5sZlWm4XH4b1CF7OjOdrWiD4PYZn9voOI5fma_oaDjG95vQ2iouttsTucZs_9KFqy3C13q9FkMRotl5vdcDMa7G8gBqsBTsRguZxMFpPdarQabYa70WywQIEYTJCiJavlcrnabFar3WgxG2yWw80GKVq1mo02g-FqNpntdqvhYLgcjZCiJcvdcrcaTRaj0XK52Q03o8EQYWYy27icg81a4nG53KLNxrVWrka2tWZlsZkWw4lhtbK5Ra-P6WEcblyD4RYFAyL2IrhIJzK_5fX2m55-u1thuYglmpNFOpFd9jXPzLNybZwr48g4MoxsE49rsVsOlxObabVZeBz-zmS2cTkHm7XE43K5RZuNa61cjWxrzcpiMy2GE8NqZXOLXh_TwzjcuAbDfWO2G2w2k8lytm_MdoPNZjJZzvYdOsN39TkbncHxxGPTbr0z9c_mMChcBov397lIm9HGzajShi0W1bW4c02sOm3sZOwczAaFb3hNDH8_9fPazd4OYoNBEUsEp4t0InoZTxexRPK0SCeilWFjcnlMg9HK5dktlrvZaLla7YbD0cQxmwyGE7FEabpIJ3qJ-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_8GhKfexP63cpf0gEtxXDJ4obP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4faOqbC6Ve-JGfIAer4QA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=mprdctdt6_vA!ntvc_vB!smbs!ufm&mPre=0.025&cirf=https%3A%2F%2Fh1a1.ahlamontada.com&en=1
IP
POST /VideoBidRequestHandlerServlet?oid=15&width=388&height=218&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1670332296969&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1489&pt=1304273325&tz=0&viewable=true&ddast=V7SOsCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJOOcbHaj0WKtm4w8a9FislxLDJvVWjbxjEaGwcJlcc2GQAKTmWFlcbjWuo3JsBZtFhO3wjmxuAWr5Wpkm-wWttFqCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3eqFj4ZgrjGaH2283PUwOu8bv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrZAAAAEMEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkaLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIIDwHLLFIAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNAFwOoUYjecLXaj2WY0OwAAAIC7____fz0Q88w8K9fGuTKOjCPDyDbxuBa75XA5sZlWm4XH4b1CF7OjOdrWiD4PYZn9voOI5fma_oaDjG95vQ2iouttsTucZs_9KFqy3C13q9FkMRotl5vdcDMa7G8gBqsBTsRguZxMFpPdarQabYa70WywQIEYTJCiJavlcrnabFar3WgxG2yWw80GKVq1mo02g-FqNpntdqvhYLgcjZCiJcvdcrcaTRaj0XK52Q03o8EQYWYy27icg81a4nG53KLNxrVWrka2tWZlsZkWw4lhtbK5Ra-P6WEcblyD4RYFAyL2IrhIJzK_5fX2m55-u1thuYglmpNFOpFd9jXPzLNybZwr48g4MoxsE49rsVsOlxObabVZeBz-zmS2cTkHm7XE43K5RZuNa61cjWxrzcpiMy2GE8NqZXOLXh_TwzjcuAbDfWO2G2w2k8lytm_MdoPNZjJZzvYdOsN39TkbncHxxGPTbr0z9c_mMChcBov397lIm9HGzajShi0W1bW4c02sOm3sZOwczAaFb3hNDH8_9fPazd4OYoNBEUsEp4t0InoZTxexRPK0SCeilWFjcnlMg9HK5dktlrvZaLla7YbD0cQxmwyGE7FEabpIJ3qJ-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_8GhKfexP63cpf0gEtxXDJ4obP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4faOqbC6Ve-JGfIAer4QA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=mprdctdt6_vA!ntvc_vB!smbs!ufm&mPre=0.025&cirf=https%3A%2F%2Fh1a1.ahlamontada.com&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 133
Origin: https://h1a1.ahlamontada.com
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1461
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://h1a1.ahlamontada.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:37 GMT
via: 1.1 varnish
x-served-by: cache-bma1634-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670332297.078934,VS0,VE66
vary: Accept-Encoding
X-Firefox-Spdy: h2
h1a1.ahlamontada.com/images?json=1&page=0
200 OK 0 B URL HTTP/2 h1a1.ahlamontada.com/images?json=1&page=0
IP
GET /images?json=1&page=0 HTTP/1.1
Host: h1a1.ahlamontada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://h1a1.ahlamontada.com/
Connection: keep-alive
Cookie: exadd=167034; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:11:34 GMT
content-type: text/html
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
200 OK 0 B IP
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:11:35 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 3166
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2F8fd2DqyevqC5PMIWb9P8bBxDB9RTTKxkZp6bAsvdgoEVYJLLOkqayzduQZRaLprL%2Bt7OuQ%2FXUcCaS6NCggxJ4GeeawbY6XZsZBNcks1nqX85fnRcD%2BbE1mbtQaqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775544ad79e90b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:11:36 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 105323
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
h1a1.ahlamontada.com/
200 OK 0 B IP
GET / HTTP/1.1
Host: h1a1.ahlamontada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:11:33 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
pragma: no-cache
expires: Tue, 06 Dec 2022 00:00:00 GMT
last-modified: Tue, 06 Dec 2022 13:11:33 GMT
vary: User-Agent
set-cookie: exadd=167034; expires=Tue, 06-Dec-2022 17:11:33 GMT; Max-Age=14400
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
illiweb.com/rs3/66/frm/jquery/cookie/jquery.cookie.js
200 OK 0 B URL HTTP/2 illiweb.com/rs3/66/frm/jquery/cookie/jquery.cookie.js
IP
GET /rs3/66/frm/jquery/cookie/jquery.cookie.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:11:34 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Thu, 23 Nov 2023 09:22:23 GMT
last-modified: Wed, 09 Sep 2020 09:40:28 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1136951
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxyl2Pj2fURVe5l7ljQ1TWjhAmdNSasxdgGKHWawUuqDs2oUi72G%2FjKHStzwTv0Yz09ws95q%2Fef8tqWnulFAtbMb%2FfOvEPsUaDGfzCIZeNWvHdUPCNNx0rRu4%2FZhNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775544a65e8dfab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
twemoji.maxcdn.com/twemoji.min.js
200 OK 0 B URL HTTP/2 twemoji.maxcdn.com/twemoji.min.js
IP
GET /twemoji.min.js HTTP/1.1
Host: twemoji.maxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:11:34 GMT
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Thu, 31 Mar 2022 03:24:15 GMT
access-control-allow-origin: *
etag: W/"62451edf-3bc8"
expires: Thu, 05 Jan 2023 13:11:34 GMT
cache-control: max-age=2592000
x-proxy-cache: MISS
x-github-request-id: 7B1C:D2D3:4824A8:4A013B:638A8635
vary: Accept-Encoding
x-fastly-request-id: 13302c302e4dcbfe7e16260e2cd5983d6eec8ece
server: NetDNA-cache/2.2
powered-by: MaxCDN
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
h1a1.ahlamontada.com/sw.js
200 OK 0 B URL HTTP/2 h1a1.ahlamontada.com/sw.js
IP
GET /sw.js HTTP/1.1
Host: h1a1.ahlamontada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://h1a1.ahlamontada.com/
Connection: keep-alive
Cookie: exadd=167034; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:11:35 GMT
content-type: application/javascript
last-modified: Tue, 27 Aug 2019 13:54:01 GMT
etag: W/"5d6535f9-1554"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
illiweb.com/rs3/66/frm/colcade/FA_ImageList.js
200 OK 0 B URL HTTP/2 illiweb.com/rs3/66/frm/colcade/FA_ImageList.js
IP
GET /rs3/66/frm/colcade/FA_ImageList.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:11:34 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Thu, 23 Nov 2023 09:26:50 GMT
last-modified: Tue, 25 Oct 2022 08:32:37 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1136684
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rk%2FkHhbo%2BuQPKt4SpBDN6sttt%2FIYLKGTuHJUYX%2FDel37QgQKv3ovgfct96jOcFrYGmD8z6D0MeHi3IJ4gdtnBT5cE8pTbIn0Xrjq1ylECUAt3w8QCNiHe6JYdiu%2BRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775544a67e9dfab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:11:35 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 774405
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7SOsCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJOOcbHaj0WKtm4w8a9FislxLDJvVWjbxjEaGwcJlcc2GQAKTmWFlcbjWuo3JsBZtFhO3wjmxuAWr5Wpkm-wWttFqCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3eqFj4ZgrjGaH2283PUwOu8bv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrZAAAAEMEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkaLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIIDwHLLFIAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNAFwOoUYjecLXaj2WY0OwAAAIC7____fz0Q88w8K9fGuTKOjCPDyDbxuBa75XA5sZlWm4XH4b1CF7OjOdrWiD4PYZn9voOI5fma_oaDjG95vQ2iouttsTucZs_9KFqy3C13q9FkMRotl5vdcDMa7G8gBqsBTsRguZxMFpPdarQabYa70WywQIEYTJCiJavlcrnabFar3WgxG2yWw80GKVq1mo02g-FqNpntdqvhYLgcjZCiJcvdcrcaTRaj0XK52Q03o8EQYWYy27icg81a4nG53KLNxrVWrka2tWZlsZkWw4lhtbK5Ra-P6WEcblyD4RYFAyL2IrhIJzK_5fX2m55-u1thuYglmpNFOpFd9jXPzLNybZwr48g4MoxsE49rsVsOlxObabVZeBz-zmS2cTkHm7XE43K5RZuNa61cjWxrzcpiMy2GE8NqZXOLXh_TwzjcuAbDfWO2G2w2k8lytm_MdoPNZjJZzvYdOsN39TkbncHxxGPTbr0z9c_mMChcBov397lIm9HGzajShi0W1bW4c02sOm3sZOwczAaFb3hNDH8_9fPazd4OYoNBEUsEp4t0InoZTxexRPK0SCeilWFjcnlMg9HK5dktlrvZaLla7YbD0cQxmwyGE7FEabpIJ3qJ-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_8GhKfexP63cpf0gEtxXDJ4obP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4faOqbC6Ve-JGfIAer4QA!&cmcv=&pix=undefined&cb=1670332296964&uv=3245&tms=1670332296964&abt=mprdctdt6_vA!ntvc_vB!smbs!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=c9237441-72d3-4129-b035-6b34d00aeb56&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
200 OK 0 B URL HTTP/2 imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7SOsCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJOOcbHaj0WKtm4w8a9FislxLDJvVWjbxjEaGwcJlcc2GQAKTmWFlcbjWuo3JsBZtFhO3wjmxuAWr5Wpkm-wWttFqCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3eqFj4ZgrjGaH2283PUwOu8bv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrZAAAAEMEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkaLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIIDwHLLFIAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNAFwOoUYjecLXaj2WY0OwAAAIC7____fz0Q88w8K9fGuTKOjCPDyDbxuBa75XA5sZlWm4XH4b1CF7OjOdrWiD4PYZn9voOI5fma_oaDjG95vQ2iouttsTucZs_9KFqy3C13q9FkMRotl5vdcDMa7G8gBqsBTsRguZxMFpPdarQabYa70WywQIEYTJCiJavlcrnabFar3WgxG2yWw80GKVq1mo02g-FqNpntdqvhYLgcjZCiJcvdcrcaTRaj0XK52Q03o8EQYWYy27icg81a4nG53KLNxrVWrka2tWZlsZkWw4lhtbK5Ra-P6WEcblyD4RYFAyL2IrhIJzK_5fX2m55-u1thuYglmpNFOpFd9jXPzLNybZwr48g4MoxsE49rsVsOlxObabVZeBz-zmS2cTkHm7XE43K5RZuNa61cjWxrzcpiMy2GE8NqZXOLXh_TwzjcuAbDfWO2G2w2k8lytm_MdoPNZjJZzvYdOsN39TkbncHxxGPTbr0z9c_mMChcBov397lIm9HGzajShi0W1bW4c02sOm3sZOwczAaFb3hNDH8_9fPazd4OYoNBEUsEp4t0InoZTxexRPK0SCeilWFjcnlMg9HK5dktlrvZaLla7YbD0cQxmwyGE7FEabpIJ3qJ-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_8GhKfexP63cpf0gEtxXDJ4obP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4faOqbC6Ve-JGfIAer4QA!&cmcv=&pix=undefined&cb=1670332296964&uv=3245&tms=1670332296964&abt=mprdctdt6_vA!ntvc_vB!smbs!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=c9237441-72d3-4129-b035-6b34d00aeb56&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
IP
GET /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7SOsCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJOOcbHaj0WKtm4w8a9FislxLDJvVWjbxjEaGwcJlcc2GQAKTmWFlcbjWuo3JsBZtFhO3wjmxuAWr5Wpkm-wWttFqCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3eqFj4ZgrjGaH2283PUwOu8bv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrZAAAAEMEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkaLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIIDwHLLFIAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNAFwOoUYjecLXaj2WY0OwAAAIC7____fz0Q88w8K9fGuTKOjCPDyDbxuBa75XA5sZlWm4XH4b1CF7OjOdrWiD4PYZn9voOI5fma_oaDjG95vQ2iouttsTucZs_9KFqy3C13q9FkMRotl5vdcDMa7G8gBqsBTsRguZxMFpPdarQabYa70WywQIEYTJCiJavlcrnabFar3WgxG2yWw80GKVq1mo02g-FqNpntdqvhYLgcjZCiJcvdcrcaTRaj0XK52Q03o8EQYWYy27icg81a4nG53KLNxrVWrka2tWZlsZkWw4lhtbK5Ra-P6WEcblyD4RYFAyL2IrhIJzK_5fX2m55-u1thuYglmpNFOpFd9jXPzLNybZwr48g4MoxsE49rsVsOlxObabVZeBz-zmS2cTkHm7XE43K5RZuNa61cjWxrzcpiMy2GE8NqZXOLXh_TwzjcuAbDfWO2G2w2k8lytm_MdoPNZjJZzvYdOsN39TkbncHxxGPTbr0z9c_mMChcBov397lIm9HGzajShi0W1bW4c02sOm3sZOwczAaFb3hNDH8_9fPazd4OYoNBEUsEp4t0InoZTxexRPK0SCeilWFjcnlMg9HK5dktlrvZaLla7YbD0cQxmwyGE7FEabpIJ3qJ-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_8GhKfexP63cpf0gEtxXDJ4obP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4faOqbC6Ve-JGfIAer4QA!&cmcv=&pix=undefined&cb=1670332296964&uv=3245&tms=1670332296964&abt=mprdctdt6_vA!ntvc_vB!smbs!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=c9237441-72d3-4129-b035-6b34d00aeb56&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1 HTTP/1.1
Host: imprammp.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:37 GMT
via: 1.1 varnish
x-served-by: cache-bma1634-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670332297.072059,VS0,VE23
vary: Accept-Encoding
X-Firefox-Spdy: h2
stootsou.net/pfe/current/universal.min.js?v=3.1.409
200 OK 0 B URL HTTP/2 stootsou.net/pfe/current/universal.min.js?v=3.1.409
IP
GET /pfe/current/universal.min.js?v=3.1.409 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://h1a1.ahlamontada.com/
Origin: https://h1a1.ahlamontada.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 13:11:34 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:47 GMT
etag: W/"6388cb77-18c6c"
access-control-allow-origin: https://h1a1.ahlamontada.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7QAwCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJDVbDjcmi8OtWS02a9FgZVtLjKuVW-FajDbD4cS3svmGQFKz5XBjsjjcmtVisxYNVra1xLhauRWuxWgzHE58K5tvChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXi90LBxzhdHscPvtpofJYdf43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMUQvz6EPffyZCdRAWERIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABBCeQ64sZukOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALugBYnULshrPFbjTbjGYHAAAAcPf___-vB2KemWfl2jhXxpFxZBjZJh7XYrccLic202qz8Di8V-hidjRH2xrRF3GT4fA5GIiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEmcls43IONmuJx-VyizYb11q5GtnWmpXFZloMJ4bVyuYWvT6mh3G4cQ2GWxQMiNiL5GmRTjQL42K3MJmWw9nCt3IZVsbZyOXxTDYT52I42awmYonmZJFOZJd9zTPzrFwb58o4Mo4MI9vE41rslsPlxGZabRYeh78zmW1czsFmLfG4XG7RZuNaK1cj21qzsthMi-HEsFrZ3KLXx_QwDjeuwXDfmO0Gm81kspztG7PdYLOZTJazfYfO8F19zkZncDzx2LRb70z9szkMCpfB4v19LtJmtHEzqrRhi0V1Le5cE6tOGzsZOwezQeEbXhPD30_9vHazt4PYYFDEEsFFOpH5La-33_T0290Ky0UsUZou0oleIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTcBAAAAOA1kNNgMV-s8kMFysFuulgsA4eyl-4NHU-pjf1q_S_lDIritGD5R3Phxg_ktr7ff9PTb3QrLlQEeqMmZN38miLVaLWsAAAABbAAAgABu3bwFYDPx_____3EAAAAycvQAAADi-0BT31wo9cKP_AQ5WA0H!&cmcv=&pix=undefined&cb=1670332296715&uv=3245&tms=1670332296715&abt=mprdctdt6_vA!ntvc_vB!smbs!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=5698cdba-3513-40e6-b85e-a514388b7ef7&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
200 OK 0 B URL HTTP/2 imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7QAwCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJDVbDjcmi8OtWS02a9FgZVtLjKuVW-FajDbD4cS3svmGQFKz5XBjsjjcmtVisxYNVra1xLhauRWuxWgzHE58K5tvChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXi90LBxzhdHscPvtpofJYdf43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMUQvz6EPffyZCdRAWERIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABBCeQ64sZukOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALugBYnULshrPFbjTbjGYHAAAAcPf___-vB2KemWfl2jhXxpFxZBjZJh7XYrccLic202qz8Di8V-hidjRH2xrRF3GT4fA5GIiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEmcls43IONmuJx-VyizYb11q5GtnWmpXFZloMJ4bVyuYWvT6mh3G4cQ2GWxQMiNiL5GmRTjQL42K3MJmWw9nCt3IZVsbZyOXxTDYT52I42awmYonmZJFOZJd9zTPzrFwb58o4Mo4MI9vE41rslsPlxGZabRYeh78zmW1czsFmLfG4XG7RZuNaK1cj21qzsthMi-HEsFrZ3KLXx_QwDjeuwXDfmO0Gm81kspztG7PdYLOZTJazfYfO8F19zkZncDzx2LRb70z9szkMCpfB4v19LtJmtHEzqrRhi0V1Le5cE6tOGzsZOwezQeEbXhPD30_9vHazt4PYYFDEEsFFOpH5La-33_T0290Ky0UsUZou0oleIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTcBAAAAOA1kNNgMV-s8kMFysFuulgsA4eyl-4NHU-pjf1q_S_lDIritGD5R3Phxg_ktr7ff9PTb3QrLlQEeqMmZN38miLVaLWsAAAABbAAAgABu3bwFYDPx_____3EAAAAycvQAAADi-0BT31wo9cKP_AQ5WA0H!&cmcv=&pix=undefined&cb=1670332296715&uv=3245&tms=1670332296715&abt=mprdctdt6_vA!ntvc_vB!smbs!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=5698cdba-3513-40e6-b85e-a514388b7ef7&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
IP
GET /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7QAwCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJDVbDjcmi8OtWS02a9FgZVtLjKuVW-FajDbD4cS3svmGQFKz5XBjsjjcmtVisxYNVra1xLhauRWuxWgzHE58K5tvChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXi90LBxzhdHscPvtpofJYdf43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMUQvz6EPffyZCdRAWERIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABBCeQ64sZukOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALugBYnULshrPFbjTbjGYHAAAAcPf___-vB2KemWfl2jhXxpFxZBjZJh7XYrccLic202qz8Di8V-hidjRH2xrRF3GT4fA5GIiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEmcls43IONmuJx-VyizYb11q5GtnWmpXFZloMJ4bVyuYWvT6mh3G4cQ2GWxQMiNiL5GmRTjQL42K3MJmWw9nCt3IZVsbZyOXxTDYT52I42awmYonmZJFOZJd9zTPzrFwb58o4Mo4MI9vE41rslsPlxGZabRYeh78zmW1czsFmLfG4XG7RZuNaK1cj21qzsthMi-HEsFrZ3KLXx_QwDjeuwXDfmO0Gm81kspztG7PdYLOZTJazfYfO8F19zkZncDzx2LRb70z9szkMCpfB4v19LtJmtHEzqrRhi0V1Le5cE6tOGzsZOwezQeEbXhPD30_9vHazt4PYYFDEEsFFOpH5La-33_T0290Ky0UsUZou0oleIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTcBAAAAOA1kNNgMV-s8kMFysFuulgsA4eyl-4NHU-pjf1q_S_lDIritGD5R3Phxg_ktr7ff9PTb3QrLlQEeqMmZN38miLVaLWsAAAABbAAAgABu3bwFYDPx_____3EAAAAycvQAAADi-0BT31wo9cKP_AQ5WA0H!&cmcv=&pix=undefined&cb=1670332296715&uv=3245&tms=1670332296715&abt=mprdctdt6_vA!ntvc_vB!smbs!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=5698cdba-3513-40e6-b85e-a514388b7ef7&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1 HTTP/1.1
Host: imprammp.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:36 GMT
via: 1.1 varnish
x-served-by: cache-bma1634-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670332297.834541,VS0,VE24
vary: Accept-Encoding
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/trc/3/json?tim=13%3A11%3A35.891<i=deflated&data=%7B%22id%22%3A344%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1670325016688%2C%22vi%22%3A1670332295883%2C%22cv%22%3A%2220221205-11-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fh1a1.ahlamontada.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fh1a1.ahlamontada.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A3493%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A249%2C%22mw%22%3A0%2C%22amw%22%3A759.5166625976562%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A3415.666748046875%2C%22mw%22%3A1000%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
200 OK 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/trc/3/json?tim=13%3A11%3A35.891<i=deflated&data=%7B%22id%22%3A344%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1670325016688%2C%22vi%22%3A1670332295883%2C%22cv%22%3A%2220221205-11-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fh1a1.ahlamontada.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fh1a1.ahlamontada.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A3493%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A249%2C%22mw%22%3A0%2C%22amw%22%3A759.5166625976562%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A3415.666748046875%2C%22mw%22%3A1000%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
IP
GET /forumotion-ar/trc/3/json?tim=13%3A11%3A35.891<i=deflated&data=%7B%22id%22%3A344%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1670325016688%2C%22vi%22%3A1670332295883%2C%22cv%22%3A%2220221205-11-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fh1a1.ahlamontada.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fh1a1.ahlamontada.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A3493%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A249%2C%22mw%22%3A0%2C%22amw%22%3A759.5166625976562%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A3415.666748046875%2C%22mw%22%3A1000%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://h1a1.ahlamontada.com
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://h1a1.ahlamontada.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:36 GMT
via: 1.1 varnish
x-served-by: cache-bma1634-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670332296.978888,VS0,VE307
vary: Accept-Encoding
x-vcl-time-ms: 307
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://h1a1.ahlamontada.com/
x-crto-bundle: fkmNY19IVHgwa3lFWjV5NmNlODN6T0V5T0g2WTJvR01UYjRrcnV6M2J1THJwWXNNNHppeXhZcjJ2ZktPc3VMMmViWUVZMDFIUCUyRndCM3JJNHdER2ZHaFVackc2d1FnbGJNVjd1JTJCTTFqZHA5TVdsRFBvNEdpZjlxd1VlUlQlMkJXS1E0Mmk1TSUyQmhnSUlqSmNhdWZnQ092JTJCMkpMWDFBJTNEJTNE
Origin: https://h1a1.ahlamontada.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:11:35 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://h1a1.ahlamontada.com
server-processing-duration-in-ticks: 2294792
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7SOsCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJOOcbHaj0WKtm4w8a9FislxLDJvVWjbxjEaGwcJlcc2GQAKTmWFlcbjWuo3JsBZtFhO3wjmxuAWr5Wpkm-wWttFqCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3eqFj4ZgrjGaH2283PUwOu8bv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrZAAAAEMEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkaLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIIDwHLLFIAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNAFwOoUYjecLXaj2WY0OwAAAIC7____fz0Q88w8K9fGuTKOjCPDyDbxuBa75XA5sZlWm4XH4b1CF7OjOdrWiD4PYZn9voOI5fma_oaDjG95vQ2iouttsTucZs_9KFqy3C13q9FkMRotl5vdcDMa7G8gBqsBTsRguZxMFpPdarQabYa70WywQIEYTJCiJavlcrnabFar3WgxG2yWw80GKVq1mo02g-FqNpntdqvhYLgcjZCiJcvdcrcaTRaj0XK52Q03o8EQYWYy27icg81a4nG53KLNxrVWrka2tWZlsZkWw4lhtbK5Ra-P6WEcblyD4RYFAyL2IrhIJzK_5fX2m55-u1thuYglmpNFOpFd9jXPzLNybZwr48g4MoxsE49rsVsOlxObabVZeBz-zmS2cTkHm7XE43K5RZuNa61cjWxrzcpiMy2GE8NqZXOLXh_TwzjcuAbDfWO2G2w2k8lytm_MdoPNZjJZzvYdOsN39TkbncHxxGPTbr0z9c_mMChcBov397lIm9HGzajShi0W1bW4c02sOm3sZOwczAaFb3hNDH8_9fPazd4OYoNBEUsEp4t0InoZTxexRPK0SCeilWFjcnlMg9HK5dktlrvZaLla7YbD0cQxmwyGE7FEabpIJ3qJ-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_8GhKfexP63cpf0gEtxXDJ4obP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4faOqbC6Ve-JGfIAer4QA!&excid=22&docw=0&cijs=1&nlb=true
200 OK 0 B URL HTTP/2 am-match.taboola.com/sync?dast=V7SOsCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJOOcbHaj0WKtm4w8a9FislxLDJvVWjbxjEaGwcJlcc2GQAKTmWFlcbjWuo3JsBZtFhO3wjmxuAWr5Wpkm-wWttFqCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3eqFj4ZgrjGaH2283PUwOu8bv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrZAAAAEMEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkaLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIIDwHLLFIAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNAFwOoUYjecLXaj2WY0OwAAAIC7____fz0Q88w8K9fGuTKOjCPDyDbxuBa75XA5sZlWm4XH4b1CF7OjOdrWiD4PYZn9voOI5fma_oaDjG95vQ2iouttsTucZs_9KFqy3C13q9FkMRotl5vdcDMa7G8gBqsBTsRguZxMFpPdarQabYa70WywQIEYTJCiJavlcrnabFar3WgxG2yWw80GKVq1mo02g-FqNpntdqvhYLgcjZCiJcvdcrcaTRaj0XK52Q03o8EQYWYy27icg81a4nG53KLNxrVWrka2tWZlsZkWw4lhtbK5Ra-P6WEcblyD4RYFAyL2IrhIJzK_5fX2m55-u1thuYglmpNFOpFd9jXPzLNybZwr48g4MoxsE49rsVsOlxObabVZeBz-zmS2cTkHm7XE43K5RZuNa61cjWxrzcpiMy2GE8NqZXOLXh_TwzjcuAbDfWO2G2w2k8lytm_MdoPNZjJZzvYdOsN39TkbncHxxGPTbr0z9c_mMChcBov397lIm9HGzajShi0W1bW4c02sOm3sZOwczAaFb3hNDH8_9fPazd4OYoNBEUsEp4t0InoZTxexRPK0SCeilWFjcnlMg9HK5dktlrvZaLla7YbD0cQxmwyGE7FEabpIJ3qJ-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_8GhKfexP63cpf0gEtxXDJ4obP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4faOqbC6Ve-JGfIAer4QA!&excid=22&docw=0&cijs=1&nlb=true
IP
ASN #200478 Taboola.com ltd
GET /sync?dast=V7SOsCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJOOcbHaj0WKtm4w8a9FislxLDJvVWjbxjEaGwcJlcc2GQAKTmWFlcbjWuo3JsBZtFhO3wjmxuAWr5Wpkm-wWttFqCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3eqFj4ZgrjGaH2283PUwOu8bv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrZAAAAEMEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkaLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIIDwHLLFIAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNAFwOoUYjecLXaj2WY0OwAAAIC7____fz0Q88w8K9fGuTKOjCPDyDbxuBa75XA5sZlWm4XH4b1CF7OjOdrWiD4PYZn9voOI5fma_oaDjG95vQ2iouttsTucZs_9KFqy3C13q9FkMRotl5vdcDMa7G8gBqsBTsRguZxMFpPdarQabYa70WywQIEYTJCiJavlcrnabFar3WgxG2yWw80GKVq1mo02g-FqNpntdqvhYLgcjZCiJcvdcrcaTRaj0XK52Q03o8EQYWYy27icg81a4nG53KLNxrVWrka2tWZlsZkWw4lhtbK5Ra-P6WEcblyD4RYFAyL2IrhIJzK_5fX2m55-u1thuYglmpNFOpFd9jXPzLNybZwr48g4MoxsE49rsVsOlxObabVZeBz-zmS2cTkHm7XE43K5RZuNa61cjWxrzcpiMy2GE8NqZXOLXh_TwzjcuAbDfWO2G2w2k8lytm_MdoPNZjJZzvYdOsN39TkbncHxxGPTbr0z9c_mMChcBov397lIm9HGzajShi0W1bW4c02sOm3sZOwczAaFb3hNDH8_9fPazd4OYoNBEUsEp4t0InoZTxexRPK0SCeilWFjcnlMg9HK5dktlrvZaLla7YbD0cQxmwyGE7FEabpIJ3qJ-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_8GhKfexP63cpf0gEtxXDJ4obP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4faOqbC6Ve-JGfIAer4QA!&excid=22&docw=0&cijs=1&nlb=true HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 13:11:37 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3406
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=
200 OK 0 B URL HTTP/2 www.googletagmanager.com/gtag/js?id=
IP
GET /gtag/js?id= HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 13:11:34 GMT
expires: Tue, 06 Dec 2022 13:11:34 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37487
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dnacdn.net/dna
200 OK 0 B IP
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=dVKZNF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3pNVkU4RXptdXZpczViMlVKYVZCV3JMaG5tbDE1ZW03ZG8lMkZGeXZNWmYwVA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:11:36 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=w_vYaF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3pNVkU4RXptdXZpczViMlVKYVZCV3FjUUVNa3V1TWRkTmlCOEFXak84TDM; expires=Sun, 31 Dec 2023 13:11:36 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 201066
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
connect.topicit.net/scripts/connect.js
200 OK 0 B URL HTTP/2 connect.topicit.net/scripts/connect.js
IP
GET /scripts/connect.js HTTP/1.1
Host: connect.topicit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:11:34 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5437
access-control-allow-origin: *
etag: W/"5d653880-153d"
last-modified: Tue, 27 Aug 2019 14:04:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-cache-status: HIT
age: 1988
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFX5%2Ff%2F6hkCbkeYmrzb1Sa8hdQqFxB%2FjD9YiEW%2BoJ9EfHvr6TEofsxAm5LXtQpB1G2GqdoJ3WC9mRzICH8VshzYlJJRhddStG2UxGqqjEVueCbpCl9NGtB7o3NASKOkD3M9%2FK9B3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775544aa0dddb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:11:34 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 85386
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
94.23.150.222
139.45.197.250
142.250.74.14
178.250.2.150
104.21.90.171
2.21.206.244
35.158.226.123
23.36.76.226
185.106.33.48
124.146.215.52
34.246.116.79
94.23.73.212