Submitted URL: http://bnotat-a7la.mam9.com/
Effective URL: https://bnotat-a7la.mam9.com/
Submission Tags: falconsandbox
Submission: On April 03 via api from US

Summary

This website contacted 40 IPs in 9 countries across 38 domains to perform 121 HTTP transactions. The main IP is 94.23.76.111, located in Lisbon, Portugal and belongs to OVH, FR. The main domain is bnotat-a7la.mam9.com.
TLS certificate: Issued by R3 on March 21st 2021. Valid for: 3 months.
This is the only time bnotat-a7la.mam9.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 94.23.76.111 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 51.15.145.115 12876 (Online SAS)
1 2a02:2638::3 44788 (ASN-CRITE...)
3 2a00:1450:400... 15169 (GOOGLE)
1 23.111.9.57 33438 (HIGHWINDS2)
17 2606:4700:20:... 13335 (CLOUDFLAR...)
8 2606:4700:303... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
14 151.101.13.44 54113 (FASTLY)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
9 139.45.196.210 9002 (RETN-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 34.246.127.115 16509 (AMAZON-02)
1 139.45.195.8 9002 (RETN-AS)
1 2a02:2638:1::13 44788 (ASN-CRITE...)
14 199.232.137.44 54113 (FASTLY)
2 10 141.226.228.48 200478 (TABOOLA-AS)
2 2600:1f18:612... 14618 (AMAZON-AES)
2 4 52.17.101.63 16509 (AMAZON-02)
2 18.197.99.6 16509 (AMAZON-02)
4 4 185.94.180.125 35220 (SPOTX-AMS)
3 35.158.172.137 16509 (AMAZON-02)
2 2 18.158.22.14 16509 (AMAZON-02)
1 69.173.144.165 26667 (RUBICONPR...)
1 2 198.148.27.140 19189 (PULSEPOINT)
1 185.33.221.89 29990 (ASN-APPNEX)
3 4 142.250.186.66 15169 (GOOGLE)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 2 72.251.249.13 29791 (VOXEL-DOT...)
1 185.86.137.132 201081 (SMARTADSE...)
1 174.137.133.49 27257 (WEBAIR-IN...)
1 18.195.155.181 16509 (AMAZON-02)
1 1 178.250.0.163 44788 (ASN-CRITE...)
2 3 51.195.5.38 16276 (OVH)
2 2 18.156.133.101 16509 (AMAZON-02)
1 1 139.162.78.222 63949 (LINODE-AP...)
1 192.132.33.46 18568 (BIDTELLECT)
1 141.226.224.32 200478 (TABOOLA-AS)
121 40
Requests | Apex Domain | Subdomains | Transfer
39 | taboola.com | cdn.taboola.com, trc.taboola.com, 15.taboola.com, images.taboola.com, vidstat.taboola.com, imprammp.taboola.com, am-match.taboola.com, wf.taboola.com, am-vid-events.taboola.com, sync-t1.taboola.com, sync.taboola.com, match.taboola.com, cds.taboola.com, am-wf.taboola.com | 320 KB
17 | 2img.net | 2img.net | 95 KB
9 | pushmono.com | pushmono.com | 47 KB
8 | servimg.com | i.servimg.com | 130 KB
6 | viglink.com | cdn.viglink.com, api.viglink.com | 31 KB
5 | doubleclick.net | stats.g.doubleclick.net, cm.g.doubleclick.net | 2 KB
4 | spotxchange.com | sync.search.spotxchange.com | 3 KB
4 | adsrvr.org | match.adsrvr.org | 1 KB
4 | mam9.com | bnotat-a7la.mam9.com | 70 KB
3 | id5-sync.com | id5-sync.com | 4 KB
3 | bidswitch.net | x.bidswitch.net | 436 B
3 | google-analytics.com | www.google-analytics.com | 38 KB
3 | googletagmanager.com | www.googletagmanager.com | 112 KB
2 | 360yield.com | ice.360yield.com | 1012 B
2 | lijit.com | ce.lijit.com | 1018 B
2 | contextweb.com | bh.contextweb.com | 828 B
2 | mfadsrvr.com | rtb.mfadsrvr.com | 1 KB
2 | advertising.com | pixel.advertising.com | 249 B
2 | tremorhub.com | taboola-supply-partners.tremorhub.com | 365 B
2 | criteo.com | gum.criteo.com, dis.criteo.com | 633 B
2 | adstune.com | adstune.com | 21 KB
2 | consentframework.com | cache.consentframework.com, choices.consentframework.com | 184 KB
2 | illiweb.com | illiweb.com | 18 KB
1 | bttrack.com | bttrack.com | 380 B
1 | appier.net | s.c.appier.net | 361 B
1 | emxdgt.com | e1.emxdgt.com | 59 B
1 | adkernel.com | dsp.adkernel.com | 233 B
1 | smartadserver.com | rtb-csync.smartadserver.com | 697 B
1 | pubmatic.com | simage2.pubmatic.com | 805 B
1 | adnxs.com | ib.adnxs.com | 692 B
1 | rubiconproject.com | pixel.rubiconproject.com | 239 B
1 | betgorebysson.club | cdn.betgorebysson.club | 989 B
1 | google.de | www.google.de | 505 B
1 | google.com | www.google.com | 293 B
1 | topicit.net | connect.topicit.net | 2 KB
1 | maxcdn.com | twemoji.maxcdn.com | 5 KB
1 | criteo.net | static.criteo.net | 37 KB
1 | googleapis.com | ajax.googleapis.com | 33 KB
121 38
Domain Requested by
17 2img.net bnotat-a7la.mam9.com
10 images.taboola.com bnotat-a7la.mam9.com
9 pushmono.com bnotat-a7la.mam9.com
pushmono.com
8 cdn.taboola.com bnotat-a7la.mam9.com
cdn.taboola.com
8 i.servimg.com bnotat-a7la.mam9.com
5 api.viglink.com cdn.viglink.com
bnotat-a7la.mam9.com
4 cm.g.doubleclick.net 3 redirects
4 sync.taboola.com 2 redirects
4 sync.search.spotxchange.com 4 redirects
4 match.adsrvr.org 2 redirects imprammp.taboola.com
am-match.taboola.com
4 trc.taboola.com cdn.taboola.com
4 bnotat-a7la.mam9.com 1 redirects bnotat-a7la.mam9.com
3 id5-sync.com 2 redirects
3 x.bidswitch.net imprammp.taboola.com
am-match.taboola.com
3 sync-t1.taboola.com imprammp.taboola.com
am-match.taboola.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.googletagmanager.com bnotat-a7la.mam9.com
adstune.com
2 ice.360yield.com 2 redirects
2 ce.lijit.com 1 redirects
2 bh.contextweb.com 1 redirects
2 rtb.mfadsrvr.com 2 redirects
2 pixel.advertising.com imprammp.taboola.com
am-match.taboola.com
2 taboola-supply-partners.tremorhub.com imprammp.taboola.com
am-match.taboola.com
2 wf.taboola.com vidstat.taboola.com
2 adstune.com bnotat-a7la.mam9.com
adstune.com
2 illiweb.com bnotat-a7la.mam9.com
1 am-wf.taboola.com vidstat.taboola.com
1 cds.taboola.com
1 bttrack.com
1 s.c.appier.net 1 redirects
1 dis.criteo.com 1 redirects
1 e1.emxdgt.com
1 dsp.adkernel.com
1 rtb-csync.smartadserver.com
1 simage2.pubmatic.com
1 ib.adnxs.com
1 pixel.rubiconproject.com
1 match.taboola.com
1 am-vid-events.taboola.com
1 am-match.taboola.com vidstat.taboola.com
1 imprammp.taboola.com vidstat.taboola.com
1 vidstat.taboola.com cdn.taboola.com
1 15.taboola.com cdn.taboola.com
1 gum.criteo.com static.criteo.net
1 cdn.betgorebysson.club pushmono.com
1 www.google.de bnotat-a7la.mam9.com
1 www.google.com bnotat-a7la.mam9.com
1 stats.g.doubleclick.net www.google-analytics.com
1 connect.topicit.net bnotat-a7la.mam9.com
1 cdn.viglink.com bnotat-a7la.mam9.com
1 twemoji.maxcdn.com bnotat-a7la.mam9.com
1 static.criteo.net bnotat-a7la.mam9.com
1 choices.consentframework.com bnotat-a7la.mam9.com
1 cache.consentframework.com bnotat-a7la.mam9.com
1 ajax.googleapis.com bnotat-a7la.mam9.com
121 55
Subject | Issuer | Validity | Valid for
*.mam9.com | R3 | 2021-03-21 - 2021-06-19 | 3 months
upload.video.google.com | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months
illiweb.com | Cloudflare Inc ECC CA-3 | 2020-08-16 - 2021-08-16 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-07-24 - 2021-07-24 | a year
choices.consentframework.com | R3 | 2021-02-09 - 2021-05-10 | 3 months
*.criteo.net | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2021-01-30 - 2021-04-28 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months
twemoji.maxcdn.com | RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 | 2020-10-09 - 2021-11-09 | a year
2img.net | Cloudflare Inc ECC CA-3 | 2020-07-04 - 2021-07-04 | a year
servimg.com | Cloudflare Inc ECC CA-3 | 2020-08-17 - 2021-08-17 | a year
*.taboola.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-11-25 - 2021-12-26 | a year
ssl418259.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2020-10-27 - 2021-05-05 | 6 months
pushmono.com | R3 | 2021-02-19 - 2021-05-20 | 3 months
topicit.net | Cloudflare Inc ECC CA-3 | 2020-09-04 - 2021-09-04 | a year
*.g.doubleclick.net | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months
www.google.com | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months
www.google.de | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months
viglink.com | Amazon | 2020-12-13 - 2022-01-11 | a year
betgorebysson.club | R3 | 2021-01-13 - 2021-04-13 | 3 months
*.criteo.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2021-01-30 - 2021-04-28 | 3 months
*.tremorhub.com | Amazon | 2020-07-25 - 2021-08-25 | a year
*.adsrvr.org | Trustwave Organization Validation SHA256 CA, Level 1 | 2019-03-07 - 2021-04-19 | 2 years
pixel.advertising.com | DigiCert SHA2 High Assurance Server CA | 2021-03-01 - 2021-08-24 | 6 months
*.bidswitch.net | Sectigo RSA Domain Validation Secure Server CA | 2020-04-23 - 2022-05-04 | 2 years
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-12-18 - 2022-01-18 | a year
*.adnxs.com | GeoTrust ECC CA 2018 | 2021-03-05 - 2022-02-19 | a year
*.pubmatic.com | DigiCert Baltimore TLS RSA SHA256 2020 CA1 | 2020-12-07 - 2021-12-14 | a year
*.lijit.com | Go Daddy Secure Certificate Authority - G2 | 2020-03-11 - 2021-05-10 | a year
*.contextweb.com | DigiCert SHA2 Secure Server CA | 2020-05-07 - 2022-05-12 | 2 years
*.smartadserver.com | DigiCert ECC Secure Server CA | 2020-01-30 - 2022-02-03 | 2 years
*.adkernel.com | Sectigo RSA Domain Validation Secure Server CA | 2020-12-22 - 2022-01-05 | a year
*.emxdgt.com | Go Daddy Secure Certificate Authority - G2 | 2020-05-18 - 2021-07-17 | a year
*.id5-sync.com | R3 | 2021-03-23 - 2021-06-21 | 3 months
*.bttrack.com | Sectigo RSA Domain Validation Secure Server CA | 2021-03-29 - 2022-03-29 | a year

This page contains 6 frames:

Primary Page: https://bnotat-a7la.mam9.com/
Frame ID: EA2352C8453039735DE9FFD5E200159C
Requests: 82 HTTP requests in this frame

Frame: https://adstune.com/ap/index.php?lang=ar&dim=728x90
Frame ID: AF3B038D060FE2F69B717C0A251954C8
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=bnotat-a7la.mam9.com
Frame ID: A21717D771A54B578A48E34DAC714779
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7tFcCFgNBNV-trPuRWARBNV-trPuRWAUAAAAGBuIHHLmZ7EaTFYvFIU0Ws9lisljsVsvdcLLbDIfAkZvJbjRZsVgc0mQxmy0mi8FkttoMJsvZcgoewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ43dKDpdPhc93qJ3W96mN4K39hhVzvczrnG7_bLAQAAAOABwOotE-IHEAAgAgAAAEACAAAAgCKg4t9C4AIAAAAAA8CA5EIDgJIjIdye08tycrj9AQDwUAACACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUgFjECAAAACCXenXoaFInVBZVAAAE6VYAVwAAAXiYvfwPYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSjKzCwNiBPFXu0XEABg7RcQAIBN3QAA3gTggi4AVqcQu-FssRvNNqPZAQAAANz9____64HUZLLamFam5WxmGc4cI99wMRiNdqPZxLAcbkyr7cXlR7flZXKV9nkIy-z3HUQsz9f0NxxkfMvrbRAVXW-L3eE0e-43YYvRajLZLIez5WIyGI6Go9H-BHA5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlOyHC0maxGu9VushxORqPZZrJBilatZqPNYLiaTWa73Wo4GC5HI6RozWI2mSxmo-VuM1hORoPhZDhEmDI5FobZYrBWuByGtWi2nLklvtHMLVntZqPZxuJyjXxr0etj-s0mk-HIskXBAIy9CC7Sicxveb39pqff7lZYLmKJ5mSRTmSXfWsyWW1MK9NyNrMMZ46Rb7gYjEa70WxiWA43ptW-ZXIsDLPFYK1wOQxr0Ww5c0t8o5lbstrNRrONxeUa-dai18f0m00mw5Fl35gtdqPdYLIc7BuzxW60G0yWg32HzvBdfc5GZ3A88diEynK4q5KZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBPVzLZc7ma-lWUyWi02rpHJtdytHJ7lxjebTWybiViiNF2kE71E_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaSCjwWa4Wi4AhLOX7s_sp3RASHnmLuUPieC2YvjEcYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAICA7Ny6eQs4keIAAAAC4wAAAAHkAA!&cmcv=&pix=undefined&cb=1617470291286&uv=2945&tms=1617470291286&abt=adh5c-1_vA!insc_vA!ll337_vA!mprdctdt6_vA!smbs!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=932742EEEC421661211759782738&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 50CAB83C781D9E6D54531CF1427CA357
Requests: 6 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7tFcCFgNBNV-trPuRWARBNV-trPuRWAUAAAAGBuIHHLmZ7EaTFYvFIU0Ws9lisljsVsvdcLLbDIfAkZvJbjRZsVgc0mQxmy0mi8FkttoMJsvZcgoewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ43dKDpdPhc93qJ3W96mN4K39hhVzvczrnG7_bLAQAAAOABwOotE-IHEAAgAgAAAEACAAAAgCKg4t9C4AIAAAAAA8CA5EIDgJIjIdye08tycrj9AQDwUAACACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUgFjECAAAACCXenXoaFInVBZVAAAE6VYAVwAAAXiYvfwPYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSjKzCwNiBPFXu0XEABg7RcQAIBN3QAA3gTggi4AVqcQu-FssRvNNqPZAQAAANz9____64HUZLLamFam5WxmGc4cI99wMRiNdqPZxLAcbkyr7cXlR7flZXKV9nkIy-z3HUQsz9f0NxxkfMvrbRAVXW-L3eE0e-43YYvRajLZLIez5WIyGI6Go9H-BHA5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlOyHC0maxGu9VushxORqPZZrJBilatZqPNYLiaTWa73Wo4GC5HI6RozWI2mSxmo-VuM1hORoPhZDhEmDI5FobZYrBWuByGtWi2nLklvtHMLVntZqPZxuJyjXxr0etj-s0mk-HIskXBAIy9CC7Sicxveb39pqff7lZYLmKJ5mSRTmSXfWsyWW1MK9NyNrMMZ46Rb7gYjEa70WxiWA43ptW-ZXIsDLPFYK1wOQxr0Ww5c0t8o5lbstrNRrONxeUa-dai18f0m00mw5Fl35gtdqPdYLIc7BuzxW60G0yWg32HzvBdfc5GZ3A88diEynK4q5KZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBPVzLZc7ma-lWUyWi02rpHJtdytHJ7lxjebTWybiViiNF2kE71E_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaSCjwWa4Wi4AhLOX7s_sp3RASHnmLuUPieC2YvjEcYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAICA7Ny6eQs4keIAAAAC4wAAAAHkAA!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: F6F439AF9A33C3807ACCA1D73EA34975
Requests: 6 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=1bf73bff-363f-404e-b5bd-e779f9c01eea&tbid=a6f7f5fe-ebaf-489f-b432-59fe08575c8d-tuct76228d3&query=taboola_hm%3D1bf73bff-363f-404e-b5bd-e779f9c01eea&isDirect=0
Frame ID: D4B46A9A6BBE3BF22F108C03685E0B38
Requests: 19 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i


Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 121
HTTPS: 100 %
IPv6: 36 %
Domains: 38
Subdomains: 55
IPs: 40
Countries: 9
Transfer: 1152 kB
Size: 2950 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bnotat-a7la.mam9.com/ HTTP 301
    https://bnotat-a7la.mam9.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=914f8515-94a0-11eb-898f-141484334606 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=914f84da-94a0-11eb-898f-141484334606&orig=video&us_privacy=1---
Request Chain 95
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=910e71b6-94a0-11eb-95ec-16877d163906 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=910e714e-94a0-11eb-95ec-16877d163906&orig=video&us_privacy=1---
Request Chain 99
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=1bf73bff-363f-404e-b5bd-e779f9c01eea HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=1bf73bff-363f-404e-b5bd-e779f9c01eea&tbid=a6f7f5fe-ebaf-489f-b432-59fe08575c8d-tuct76228d3&query=taboola_hm%3D1bf73bff-363f-404e-b5bd-e779f9c01eea&isDirect=0
Request Chain 101
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=BjvcLLglxz3X&ev=1&orig=trc&pid=562107
Request Chain 103
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc= HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEH4_aH2ZbiNeVt6ZaQNI_g4&google_cver=1
Request Chain 105
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D1%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=1&gdpr_consent=&google_hm=a6f7f5fe-ebaf-489f-b432-59fe08575c8d-tuct76228d3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=1&gdpr_consent=&google_hm=a6f7f5fe-ebaf-489f-b432-59fe08575c8d-tuct76228d3&google_tc=
Request Chain 106
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=09f90ad8-61b7-4a85-9def-e8c2276f2ea8
Request Chain 107
  • https://ce.lijit.com/merge?pid=42&3pid=ed1a0610-aea0-469f-b74f-257646cbe5d7-tuct76228d2&us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=ed1a0610-aea0-469f-b74f-257646cbe5d7-tuct76228d2&us_privacy=&gdpr=1&gdpr_consent=&dnr=1
Request Chain 112
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=7b6f0b29-dd2d-4433-a0d5-5c3ec8903117
Request Chain 113
  • https://id5-sync.com/s/464/9.gif?puid=ed1a0610-aea0-469f-b74f-257646cbe5d7-tuct76228d2&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=ed1a0610-aea0-469f-b74f-257646cbe5d7-tuct76228d2&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOXsgyXE-Ph4ZpkwH1w8EdPUkYEaHPLWaVqZ3I2A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOXsgyXE-Ph4ZpkwH1w8EdPUkYEaHPLWaVqZ3I2A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=63a4efe4-9f9b-479a-ab35-b8fdbcd65123&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
Request Chain 114
  • https://s.c.appier.net/taboola HTTP 302
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=z4G6fuq3AamBXSQAVaNoYA

121 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bnotat-a7la.mam9.com/
Redirect Chain
  • http://bnotat-a7la.mam9.com/
  • https://bnotat-a7la.mam9.com/
48 KB
11 KB
Document
General
Full URL
https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.23.76.111 Lisbon, Portugal, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a915aa7b9e7950a14c331620cec33d875bc9e432a52d2a8440eddc5d8b50527d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

:method
GET
:authority
bnotat-a7la.mam9.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:04 GMT
content-type
text/html; charset=windows-1256
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-cache, no-store
pragma
no-cache
expires
Sat, 03 Apr 2021 00:00:00 GMT
last-modified
Sat, 03 Apr 2021 17:18:04 GMT
vary
User-Agent
set-cookie
exadd=161748; expires=Sat, 03-Apr-2021 21:18:04 GMT; Max-Age=14400
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
x-xss-protection
1
access-control-allow-origin
*
content-encoding
gzip

Redirect headers

Date
Sat, 03 Apr 2021 17:18:04 GMT
Content-Length
0
Location
https://bnotat-a7la.mam9.com/
0-rtl.css
bnotat-a7la.mam9.com/
157 KB
56 KB
Stylesheet
General
Full URL
https://bnotat-a7la.mam9.com/0-rtl.css
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.23.76.111 Lisbon, Portugal, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
116007834f9453b27d79aa20e9436a46204d14235885cb12a77a7c4780a6fb73
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 03 Apr 2021 00:00:00 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
content-security-policy
upgrade-insecure-requests
content-length
57407
x-xss-protection
1
x-cache-ma
MISS
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.2/
93 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Apr 2021 13:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
99155
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33845
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 13:45:30 GMT
notutf8-ar.js
illiweb.com/rs3/22/frm/lang/
69 KB
17 KB
Script
General
Full URL
https://illiweb.com/rs3/22/frm/lang/notutf8-ar.js
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:100f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
789c207939d09d64b5b1a240515536ec207439ae2556181fd14c78451904650c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
121841
cf-polished
origSize=71131
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
093a56fcef00002c4a42316000000001
x-cache-ne
EXPIRED
last-modified
Tue, 30 Mar 2021 07:11:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sD9gq67iJIysNjerTxl2aZgKDKluhj3rsABtv1WyIJUAzoLIXPDo98bZ3NlZ1JBmeSBXVqELUlHjlR8entPjSR6s9dSC%2F9JXMYJ%2BEq5CWhmLqVkGLDl48A%3D%3D"}],"max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000
x-cache-pr
EXPIRED
cf-ray
63a3f4417f742c4a-FRA
expires
Sat, 02 Apr 2022 07:27:24 GMT
stub
cache.consentframework.com/js/pa/24697/c/IxWav/
1 KB
1 KB
Script
General
Full URL
https://cache.consentframework.com/js/pa/24697/c/IxWav/stub
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:566 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6df8837bf88147877c7aa5e68ae6d208bae73857fcac6a6b40384527ff368ba1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
635
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VviusEdv2pdAVAsHmVpHw43GOboEirs9xGs19I%2FFRzh2S9uakf1ikZrR2P%2BXz3TamBihCcpx8RALx1afhpaa8DsFwNPOh0WrMqEXXVkn0bCKZkeD3mGxzzO7ZrO%2Ba%2BPIK7FvywbyCA%3D%3D"}],"max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=3600
strict-transport-security
max-age=15724800; includeSubDomains; preload
cf-ray
63a3f4416ad5dff3-FRA
cf-request-id
093a56fce60000dff31390e000000001
cmp
choices.consentframework.com/js/pa/24697/c/IxWav/
686 KB
183 KB
Script
General
Full URL
https://choices.consentframework.com/js/pa/24697/c/IxWav/cmp
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.115 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-145-115.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
f0e1f51e249a8074c54df3b81ba9bc7a33d5db161ad1727cb0a85731b50a93c2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
cache-control
private, max-age=3600
server
nginx/1.11.3
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains; preload
content-type
text/javascript; charset=UTF-8
publishertag.js
static.criteo.net/js/ld/
114 KB
37 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
59883dc82297de1d8ff485a115678ff6e56102eb1fc170c9808737535f6f8070

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:29 GMT
server
nginx
etag
W/"605322dd-1c9d1"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Sun, 04 Apr 2021 17:18:05 GMT
js
www.googletagmanager.com/gtag/
97 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-144347007-1
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
adb3ac33b4c28b2aacc8345983c8f6401702db5e320c60589c0ed17c03681b1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39086
x-xss-protection
0
last-modified
Sat, 03 Apr 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 03 Apr 2021 17:18:05 GMT
jquery.cookie.js
illiweb.com/rs3/22/frm/jquery/cookie/
1011 B
1 KB
Script
General
Full URL
https://illiweb.com/rs3/22/frm/jquery/cookie/jquery.cookie.js
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:100f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
166397
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
093a56fcef00002c4ab722e000000001
x-cache-ne
EXPIRED
last-modified
Wed, 09 Sep 2020 09:40:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kE4nMSbHfYsjBahjGpuTzY2F4LdlyLTRopZfM%2FfQbfMdzRruTa7zSaH8PNVLWBsTEHseoO%2B2H%2B7rDNxDCq5NE4ww0Z%2FQnkc668Xeesmsj2mlhuS042AuMg%3D%3D"}],"max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000
x-cache-pr
EXPIRED
cf-ray
63a3f4417f762c4a-FRA
expires
Fri, 01 Apr 2022 19:04:48 GMT
twemoji.min.js
twemoji.maxcdn.com/
15 KB
5 KB
Script
General
Full URL
https://twemoji.maxcdn.com/twemoji.min.js
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.57 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
637282f23b8352c04ecc9dd7b4e1ffb23f8102517d010afaa447b2fb889b689e

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
37d5f361ff62008596956d1c53d29f4ad7a1a154
date
Sat, 03 Apr 2021 17:18:05 GMT
content-encoding
gzip
x-cache
HIT
powered-by
MaxCDN
last-modified
Fri, 12 Mar 2021 22:39:00 GMT
server
NetDNA-cache/2.2
x-github-request-id
3588:5D6D:B8489:CF141:606377D0
etag
W/"604bed84-3bc8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000
x-origin-cache
HIT
x-proxy-cache
MISS
expires
Mon, 03 May 2021 17:18:05 GMT
js
www.googletagmanager.com/gtag/
87 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
33961b0e0f463a9a7e3766c1731fdf3e24ffc138ad24ebab50ddd09b3147862c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35503
x-xss-protection
0
last-modified
Sat, 03 Apr 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 03 Apr 2021 17:18:05 GMT
i_icon_mini_index.gif
2img.net/s/t/11/52/97/
2 KB
3 KB
Image
General
Full URL
https://2img.net/s/t/11/52/97/i_icon_mini_index.gif
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec3e3d2f7afc7b8ff184afdd7a61c062c2069b4e9a1518c671589a1179af5490
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6769637
cf-polished
status=not_needed
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2470
x-xss-protection
1; mode=block
last-modified
Wed, 27 Oct 2010 15:17:05 GMT
server
cloudflare
etag
"4cc84271-9a6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KDm9DwOmtrb0TFeyagyz9pDy1%2FE2sKtTjrcULLh9FCxpLgjuCCJsCpg09YYg0XoHByCdgaTRaSSke%2Bk5pqINCXbVpL32%2BwZbhU5j8UFbD8H8dViLjA%3D%3D"}],"group":"cf-nel"}
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
cf-request-id
093a56fe5500004e1f84273000000001
accept-ranges
bytes
cf-ray
63a3f443b8334e1f-FRA
cf-bgj
imgq:100,h2pri
i_icon_mini_register.gif
2img.net/s/t/11/52/97/
5 KB
5 KB
Image
General
Full URL
https://2img.net/s/t/11/52/97/i_icon_mini_register.gif
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89072f27f2a3a3815a1e2a859d6d24f150c4233552179cc81787ae028f869315
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6769637
cf-polished
origSize=4992
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4893
x-xss-protection
1; mode=block
last-modified
Wed, 27 Oct 2010 15:17:04 GMT
server
cloudflare
etag
"4cc84270-1380"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TshavbkDKvWTPpf6BgUjnV6fZFAWh6H5jYT6E6Nq5qfLgcbdFCfSg06SrM%2BBvskuQZAwQUQWQLbbQ0LSYc%2BS7gYgCQdZqW%2B%2FoxE9huzAljP4R7uGTw%3D%3D"}],"group":"cf-nel"}
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
cf-request-id
093a56fe5500004e1fca8d3000000001
accept-ranges
bytes
cf-ray
63a3f443b8354e1f-FRA
cf-bgj
imgq:100,h2pri
i_icon_mini_login.gif
2img.net/s/t/11/52/97/
2 KB
2 KB
Image
General
Full URL
https://2img.net/s/t/11/52/97/i_icon_mini_login.gif
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e078e5378beda870acea90f46d0cc865ade3d6d3e44858ac5d5b3d25d78a3ea1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6769637
cf-polished
status=not_needed
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2231
x-xss-protection
1; mode=block
last-modified
Wed, 27 Oct 2010 15:17:04 GMT
server
cloudflare
etag
"4cc84270-8b7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1UosWyTJuxYhqJEKWHxNs%2Fmy46l7TyUH5O8jMOus6FdsksZpFJF2KolWcgk7Bw8u3U8TOhWqROkk%2FTiom%2BQeomcwztVDBYbSt5urvklneo8dQD9qYQ%3D%3D"}],"group":"cf-nel"}
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
cf-request-id
093a56fe5500004e1f8c837000000001
accept-ranges
bytes
cf-ray
63a3f443b8374e1f-FRA
cf-bgj
imgq:100,h2pri
4bxpimp.gif
2img.net/h/oi3.tinypic.com/
272 B
272 B
Image
General
Full URL
https://2img.net/h/oi3.tinypic.com/4bxpimp.gif
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6773682
cf-polished
status=cannot_optimize
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
272
x-xss-protection
1; mode=block
last-modified
Thu, 19 Sep 2019 21:46:22 GMT
server
cloudflare
etag
"5d83f72e-110"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EwB2oFlxT1yFUNPThIhQEFP0jdrYMg%2Fr3CnkGcUHcuAKX9XPJ5uPS3chgnIiMnfURSHCpMOG%2BFcxM4M3N6Us7%2BW%2FCGjedOn%2FaYJuNn%2B%2B5dDU3bX4JQ%3D%3D"}],"group":"cf-nel"}
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
cf-request-id
093a56fe5500004e1ff6a93000000001
accept-ranges
bytes
cf-ray
63a3f443b8364e1f-FRA
cf-bgj
imgq:100,h2pri
26000010.gif
i.servimg.com/u/f47/11/47/65/06/
21 KB
21 KB
Image
General
Full URL
https://i.servimg.com/u/f47/11/47/65/06/26000010.gif
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de5e426541733078f99e568f7b00d52fa125f6d54609694d11b596f379b0100c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21229
cf-request-id
093a56fe5200004e19ff80d000000001
last-modified
Fri, 11 Jul 2008 16:28:47 GMT
server
cloudflare
etag
"48778a3f-52ed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fmmyTgkVxGwVfZ9d0f%2FHVdgMDtc5n4p500Llix3LT1x%2FScpqLgvFUyBVJGrTl0fxILw0mnBkFleoV62FqjnWn1PT45mG9axJaWkPAjF%2FJexRVRb%2FimS3%2B6Ht"}]}
content-type
image/gif
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
63a3f443ba004e19-FRA
expires
Sun, 03 Apr 2022 17:18:05 GMT
www_ua31.gif
i.servimg.com/u/f45/12/15/94/38/
43 B
357 B
Image
General
Full URL
https://i.servimg.com/u/f45/12/15/94/38/www_ua31.gif
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
093a56fe5200004e19fa0c3000000001
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0r8zi%2FxMsBOEua8xd0TRz%2FtrDkkdKATXmqnLoYxdBwAUf%2FKoOrzoAxax4Vmm172llf9%2Ft1Iq6%2BrrtLS%2F8q%2BthmyoIJQj35WqZ7j2mfdY9GPelvSzckW6gIUx"}]}
content-type
image/gif
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
63a3f443ba034e19-FRA
get-6-10.jpg
i.servimg.com/u/f45/12/65/78/71/
29 KB
29 KB
Image
General
Full URL
https://i.servimg.com/u/f45/12/65/78/71/get-6-10.jpg
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78d8e971ea1a603c9e1a6c7ead716a0a97a7c0f36c8a5ff197d6a41aab93ec3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29601
cf-request-id
093a56fe5200004e191a13c000000001
last-modified
Fri, 11 Jul 2008 04:39:22 GMT
server
cloudflare
etag
"4876e3fa-73a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pncO12Gbhr%2Fr5%2BAkrAd1mfhLGfU2pGXqMsNszaFSDcqNI3TS1QmDwUa%2FIL%2FE8w%2FlJyMKm5BceAaY6r4MV6R7gPH7PSgz0tW6R2qJib1L7FUFtqYZCzJG2VxL"}]}
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
63a3f443ba054e19-FRA
expires
Sun, 03 Apr 2022 17:18:05 GMT
get-6-11.jpg
i.servimg.com/u/f45/12/65/78/71/
29 KB
30 KB
Image
General
Full URL
https://i.servimg.com/u/f45/12/65/78/71/get-6-11.jpg
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79674c1bc5ef8ac33050f479db9672eec9c73cd0487253c83354c40e4e78a155
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30162
cf-request-id
093a56fe5200004e190b006000000001
last-modified
Fri, 11 Jul 2008 04:42:17 GMT
server
cloudflare
etag
"4876e4a9-75d2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9GCU5%2FYPyCeExZ%2FDpI2xquovXjEvPBw%2FN3Tofp2of8G8ru7S60TulMPXsKKRc6q5AR5FwqD4rXkbQTHD0u%2FgfD0zXjeV2TAcd5K28%2FuqktN6EiNd6VlNm5dT"}]}
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
63a3f443ba074e19-FRA
expires
Sun, 03 Apr 2022 17:18:05 GMT
get-6-10.gif
i.servimg.com/u/f45/12/65/78/71/
9 KB
10 KB
Image
General
Full URL
https://i.servimg.com/u/f45/12/65/78/71/get-6-10.gif
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bff32ff4797ee1b853b94ed9aa32720cb31f2204d8be141196db6e627500adb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9293
cf-request-id
093a56fe5200004e19ed1e2000000001
last-modified
Fri, 11 Jul 2008 04:42:49 GMT
server
cloudflare
etag
"4876e4c9-244d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mtc8ZsMjBmvOrlIhZN%2FP4JN0kIJsANSqKes6FnfBaAcdhYrlyaUSS3Qq7wCmJEtxMPw%2BRbUFJrN6Z73J2JNtspwy7WTHgcgH0NLlrDUQZvDbv0l%2Fcrr%2FTOWn"}]}
content-type
image/gif
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
63a3f443ba0a4e19-FRA
expires
Sun, 03 Apr 2022 17:18:05 GMT
get-6-12.jpg
i.servimg.com/u/f45/12/65/78/71/
29 KB
30 KB
Image
General
Full URL
https://i.servimg.com/u/f45/12/65/78/71/get-6-12.jpg
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565cce2d433d6406307ee59f86fc6f8ad9c9031ac3b96243cbee07594e24af13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29768
cf-request-id
093a56fe6800004e1915259000000001
last-modified
Fri, 11 Jul 2008 04:43:17 GMT
server
cloudflare
etag
"4876e4e5-7448"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LnI3yePbT6Ab%2F338wHYTTcRcm57UeEEWafDRgZ8lB8o29zumgA5%2FqwJnI6HMTehXWRcjdiFEICEIZCAC5XYtvp67%2BezQ3rktldkEY9%2FHIFLt0quU8iG7tzbX"}]}
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
63a3f443da384e19-FRA
expires
Sun, 03 Apr 2022 17:18:05 GMT
iprjmrxssk.jpg
2img.net/h/static.filefront.com/images/personal/a/abed3/57926/
0
0
Image
General
Full URL
https://2img.net/h/static.filefront.com/images/personal/a/abed3/57926/iprjmrxssk.jpg
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

glitte10.gif
i.servimg.com/u/f45/12/65/78/71/
3 KB
3 KB
Image
General
Full URL
https://i.servimg.com/u/f45/12/65/78/71/glitte10.gif
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28db51f343df7acbb4e1e74e9924fecfee725d15666e7fc74b32869f3e8e5fe5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3079
cf-request-id
093a56fe6800004e19ef87d000000001
last-modified
Fri, 11 Jul 2008 04:46:09 GMT
server
cloudflare
etag
"4876e591-c07"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yqDmuXd3qkaT9wo2O7dht0piRx7YikibY4ienMoutO1EHEINpsfjam8lDprsllGyGMF35jkHvRDB3HdKkreltevkcZApUaXAEMlopy1OmkzCg6I1vsbB1O83"}]}
content-type
image/gif
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
63a3f443da3a4e19-FRA
expires
Sun, 03 Apr 2022 17:18:05 GMT
r250-510.gif
i.servimg.com/u/f34/11/64/56/49/
6 KB
7 KB
Image
General
Full URL
https://i.servimg.com/u/f34/11/64/56/49/r250-510.gif
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55d25ce9e2979b5f926c96d1e2ea52fd32a7658820ae992293a8611011c0b49e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6622
cf-request-id
093a56fe6800004e19e5204000000001
last-modified
Fri, 15 Feb 2008 08:01:01 GMT
server
cloudflare
etag
"47b546bd-19de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2rwH1cqmHs4cdkIeoDtocPKsROTNKfZhNRoabiCmvSMzsTxbhuyBCOeMNRU6cc2BoHKXGgJ94flxru073wWp6jTJczXib0eEK9r6%2Fb99BBCUNC46Vb%2FziCEU"}]}
content-type
image/gif
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
63a3f443da3b4e19-FRA
expires
Sun, 03 Apr 2022 17:18:05 GMT
i_icon_latest_reply.gif
2img.net/s/t/11/52/97/
854 B
1 KB
Image
General
Full URL
https://2img.net/s/t/11/52/97/i_icon_latest_reply.gif
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
373abe8a872ae3dccd4d0a26c592aeb21bd9871307fd090831bff91902446f88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3557829
cf-polished
status=not_needed
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
854
x-xss-protection
1; mode=block
last-modified
Wed, 27 Oct 2010 15:17:04 GMT
server
cloudflare
etag
"4cc84270-356"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ccPbtSJeTC9TdC6CoDIpH9td9fmpO9WllUhek6u4apPss2ERjUfeXLSCSDY5v%2FvUUh5NbGEvAibw9BdrQGIC9fy%2F9W6qzXZYqxfMqCv2n20dKjJBUQ%3D%3D"}],"group":"cf-nel"}
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
cf-request-id
093a56fe6800004e1f12033000000001
accept-ranges
bytes
cf-ray
63a3f443d86f4e1f-FRA
cf-bgj
imgq:100,h2pri
i_whosonline.gif
2img.net/s/t/11/52/97/
17 KB
17 KB
Image
General
Full URL
https://2img.net/s/t/11/52/97/i_whosonline.gif
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46a6716b8c2a95958bd29c826158882ea515df5ffe8b603a6bb1a371910d2fe8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
318002
cf-polished
status=not_needed
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17058
x-xss-protection
1; mode=block
last-modified
Wed, 27 Oct 2010 15:17:05 GMT
server
cloudflare
etag
"4cc84271-42a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6NWD%2BURaJpWWJ0To%2Bpih67LlJgIsfTFQznzIK%2BhEnROlkuE0q617DuFRCynw5fk78Hqs4j6LiSDy70D5HeIWRtZtiOZ3rSzKXLhNWpGfKzjclIqo4A%3D%3D"}],"group":"cf-nel"}
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
cf-request-id
093a56fe6800004e1f9a80e000000001
accept-ranges
bytes
cf-ray
63a3f443d8724e1f-FRA
cf-bgj
imgq:100,h2pri
i_folder_new_big.gif
2img.net/s/t/11/52/97/
3 KB
4 KB
Image
General
Full URL
https://2img.net/s/t/11/52/97/i_folder_new_big.gif
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33611c2e27d08ccc0f3cd06a36561b6e8f82d520618d45c857ecad403f05cf1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
755589
cf-polished
origSize=3350
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3302
x-xss-protection
1; mode=block
last-modified
Wed, 11 Jun 2008 16:30:38 GMT
server
cloudflare
etag
"484ffdae-d16"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oNEP3cYrrx2vjz5sAbUfufEvWlhz6HXxUt%2Bj1Kmps6cH5FUdGyT2%2B%2BBcUZXWngJkOgjaEAiysLo9QahQVs3GlaEOxoEN%2FAPsiO%2BVVKb312zdAGKDLQ%3D%3D"}],"group":"cf-nel"}
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
cf-request-id
093a56fe6800004e1f0f831000000001
accept-ranges
bytes
cf-ray
63a3f443d8754e1f-FRA
cf-bgj
imgq:100,h2pri
i_folder_big.gif
2img.net/s/t/11/52/97/
2 KB
3 KB
Image
General
Full URL
https://2img.net/s/t/11/52/97/i_folder_big.gif
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5efafffb82fd15667b646dd63f9b3496a787595c46c3087a1f2301cd5989493
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1815710
cf-polished
status=not_needed
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2116
x-xss-protection
1; mode=block
last-modified
Wed, 27 Oct 2010 15:17:04 GMT
server
cloudflare
etag
"4cc84270-844"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=l0v0IkwbEbBXJmmU0ZekqcvoQGpIB6QeVZpciEZUZ0WYJ%2BictpdmBC6Sswe0Jtxga42gQw3B33rGmCD6nhOR5w3r9x34FaMpw0r0V%2BK62VN3NOSMDQ%3D%3D"}],"group":"cf-nel"}
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
cf-request-id
093a56fe6900004e1fe2b61000000001
accept-ranges
bytes
cf-ray
63a3f443d8764e1f-FRA
cf-bgj
imgq:100,h2pri
i_folder_locked_big.gif
2img.net/s/t/11/52/97/
2 KB
2 KB
Image
General
Full URL
https://2img.net/s/t/11/52/97/i_folder_locked_big.gif
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3ed16d0fef6896a77df5fefe61c42bef64ccd250dc5b3d4de4f6a2542dfd6c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1670183
cf-polished
status=not_needed
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2101
x-xss-protection
1; mode=block
last-modified
Wed, 27 Oct 2010 15:17:05 GMT
server
cloudflare
etag
"4cc84271-835"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4QfNxBEgrnxYP1BTtlNzmZ3WPBjDhDMHHVFvhyB2pp0hrnhG%2BTIMn9AAFF1exkvrj0DpCERwsVuHx6wQEYtupua6SSW7rzSy1uvC6oVKkyhMzrhwHQ%3D%3D"}],"group":"cf-nel"}
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
cf-request-id
093a56fe6900004e1faba67000000001
accept-ranges
bytes
cf-ray
63a3f443d8774e1f-FRA
cf-bgj
imgq:100,h2pri
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144347007-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
3778
date
Sat, 03 Apr 2021 16:15:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Sat, 03 Apr 2021 18:15:07 GMT
loader.js
cdn.taboola.com/libtrc/forumotion-ar/
159 KB
24 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/forumotion-ar/loader.js
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
053af871970bf323004577fdf2bda4ecb7924729f762f4d9aead98a95ae78f4c

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
xuJoFEHGzrA_OyZhe96cJUDZKWpDz.2G
content-encoding
gzip
etag
"75a2670c52e92b30f20bf5489bb60597"
age
22
x-cache
HIT
content-length
23644
x-amz-id-2
HM7HZVlhkSjzrBgklWf/cSEUgU0306P2x9HHD73loYC3oxsukt05wfwuj2sTih4w6QB3Eq9KzTo=
x-served-by
cache-fra19134-FRA
last-modified
Thu, 01 Apr 2021 09:31:51 GMT
server
AmazonS3
x-timer
S1617470285.474477,VS0,VE1
date
Sat, 03 Apr 2021 17:18:05 GMT
vary
Accept-Encoding
x-amz-request-id
JJ8T1HPB1FZEAMVA
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
63
x-cache-hits
1
index.php
adstune.com/ap/ Frame AF3B
879 B
1 KB
Document
General
Full URL
https://adstune.com/ap/index.php?lang=ar&dim=728x90
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9d33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e68c39fe9ae494fdc762d3a7269e460abde000260e6b47d6ca34d9c2af14b552
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
adstune.com
:scheme
https
:path
/ap/index.php?lang=ar&dim=728x90
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bnotat-a7la.mam9.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dd468da6dab78d5745fbbcb0e80feb14a1617470285; expires=Mon, 03-May-21 17:18:05 GMT; path=/; domain=.adstune.com; HttpOnly; SameSite=Lax __cf_bm=0194f5017daac968ccd4e740ca6e775d2388569c-1617470285-1800-ASI69O+6n15F3DlOlhVXx8uiowVTUBE2r4Mj0lAw4Ookgbi9EtbYs9rqr6+8wuteS5uFitDE3YIN/YG9XEYnYRI=; path=/; expires=Sat, 03-Apr-21 17:48:05 GMT; domain=.adstune.com; HttpOnly; Secure; SameSite=None
x-content-type-options
nosniff
x-xss-protection
1; mode=block
access-control-allow-origin
*
x-cache-ne
HIT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
cf-request-id
093a56fe5c0000d72d5c02d000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zY3w0Sdh86sr0nMR3A6gT56shBPim1V6EKcGqynPUDGYTRH1ou%2F1wC8sdXn2EIKmOpaJDNX9W33GxwQomG2T4SJTOzjBirKG0bhbabqOB9NgfDGdl80smA%3D%3D"}],"max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
63a3f443ceb3d72d-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
i_background.gif
2img.net/s/t/11/52/97/
2 KB
2 KB
Image
General
Full URL
https://2img.net/s/t/11/52/97/i_background.gif
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/0-rtl.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b45574810bc8d39b9c9e9733a30a5d73c91854383d7ce31636c2f23eb187f39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3829305
cf-polished
status=not_needed
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1865
x-xss-protection
1; mode=block
last-modified
Wed, 27 Oct 2010 15:17:05 GMT
server
cloudflare
etag
"4cc84271-749"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=noFjzHRTF9bTzzRsrrTYK2rTkxIy2TTTrP01EEvg7HyKevHqm17QCiABIIHyJ3kR5odnGU85B2TkDh0yVm52k%2FxwXohPh5s3kG1fjbqUEYzA9jgYuA%3D%3D"}],"group":"cf-nel"}
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
cf-request-id
093a56fe6900004e1ff72e5000000001
accept-ranges
bytes
cf-ray
63a3f443d87a4e1f-FRA
cf-bgj
imgq:100,h2pri
i_header_bg.gif
2img.net/s/t/11/52/97/
2 KB
2 KB
Image
General
Full URL
https://2img.net/s/t/11/52/97/i_header_bg.gif
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/0-rtl.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b45574810bc8d39b9c9e9733a30a5d73c91854383d7ce31636c2f23eb187f39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6769637
cf-polished
status=not_needed
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1865
x-xss-protection
1; mode=block
last-modified
Wed, 27 Oct 2010 15:17:04 GMT
server
cloudflare
etag
"4cc84270-749"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c3E%2BPjk4NKy71XvWTddvSiQOiSSI1n1ClK3nbJhriF5mX6eeuTg5sM0t2TDN%2FSPLywDDRzdwqBt5t4FkfPgn7rZDeFHpBgX3UZfWrE35oobRxzTabg%3D%3D"}],"group":"cf-nel"}
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
cf-request-id
093a56fe6a00004e1fa4054000000001
accept-ranges
bytes
cf-ray
63a3f443d87b4e1f-FRA
cf-bgj
imgq:100,h2pri
empty.gif
2img.net/i/fa/
42 B
392 B
Image
General
Full URL
https://2img.net/i/fa/empty.gif
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/0-rtl.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3835320
cf-polished
status=not_needed
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42
x-xss-protection
1; mode=block
last-modified
Sat, 01 Jan 2005 00:00:00 GMT
server
cloudflare
etag
"41d5e800-2a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2F%2BsWnb8mu9rywyOfOrunDPIzN5zTceB8NDtYbA3Vv%2FHsSWDJTy1iFsBeh9%2B%2Bg8F5QwXA9bU9i%2Bt%2BTMamMh21B2vzNFEv9TGFhAdJt1FADGdG3MpouA%3D%3D"}],"group":"cf-nel"}
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
cf-request-id
093a56fe6a00004e1ff03e5000000001
accept-ranges
bytes
cf-ray
63a3f443d87c4e1f-FRA
cf-bgj
imgq:100,h2pri
i_logo.jpg
2img.net/s/t/11/52/97/
45 KB
45 KB
Image
General
Full URL
https://2img.net/s/t/11/52/97/i_logo.jpg
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8356755ebdc80f80152851cc060bf66e52425399ee60456d3d49222e545c5e66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6753250
cf-polished
origSize=46720
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45731
x-xss-protection
1; mode=block
last-modified
Wed, 27 Oct 2010 14:29:22 GMT
server
cloudflare
etag
"4cc83742-b680"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EAFuXaive%2BxTnL712UGIts6qEIeQAdjwoiBIhxhmNhFOVq9S5ToLmVzG4bdDruLnsNGsNVb9t4UWumNbdTEJGQl%2B%2Fr5mPXFPgdDZ%2FfH5t%2BSGUHY6yA%3D%3D"}],"group":"cf-nel"}
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
cf-request-id
093a56feab00004e1f89816000000001
accept-ranges
bytes
cf-ray
63a3f444493a4e1f-FRA
cf-bgj
imgq:100,h2pri
i_list_bg.gif
2img.net/s/t/11/52/97/
2 KB
3 KB
Image
General
Full URL
https://2img.net/s/t/11/52/97/i_list_bg.gif
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/0-rtl.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b45574810bc8d39b9c9e9733a30a5d73c91854383d7ce31636c2f23eb187f39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1815708
cf-polished
status=not_needed
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1865
x-xss-protection
1; mode=block
last-modified
Wed, 27 Oct 2010 15:17:05 GMT
server
cloudflare
etag
"4cc84271-749"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nvcIvS2pGEm88KHw5kTbmAnPJMCrLmxax3Kb3AsxeggKvV0uL4TPxm4JlQYV0hmrap%2FYs4swbn0AV79QNn2SamnfgXtzAKcPz796NGLd0mn8y6HvRQ%3D%3D"}],"group":"cf-nel"}
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
cf-request-id
093a56feb800004e1ffd094000000001
accept-ranges
bytes
cf-ray
63a3f44459564e1f-FRA
cf-bgj
imgq:100,h2pri
i_back_title.gif
2img.net/s/t/11/52/97/
2 KB
2 KB
Image
General
Full URL
https://2img.net/s/t/11/52/97/i_back_title.gif
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/0-rtl.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b45574810bc8d39b9c9e9733a30a5d73c91854383d7ce31636c2f23eb187f39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1821959
cf-polished
status=not_needed
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1865
x-xss-protection
1; mode=block
last-modified
Wed, 27 Oct 2010 15:17:04 GMT
server
cloudflare
etag
"4cc84270-749"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5OW%2BMaWorD%2Fj5Ai6F1YXW5OkKTCOUddXdlpKxWWkvezEiL1g1tP%2BLcNVilhkVrAMrx4apqJLyhJtC2LeNATr%2BXCBVGcVNtbIH0GD7fbh%2BHgGV7to0w%3D%3D"}],"group":"cf-nel"}
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
cf-request-id
093a56feb800004e1fa7b66000000001
accept-ranges
bytes
cf-ray
63a3f444595b4e1f-FRA
cf-bgj
imgq:100,h2pri
i_category.gif
2img.net/s/t/11/52/97/
2 KB
2 KB
Image
General
Full URL
https://2img.net/s/t/11/52/97/i_category.gif
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5efafffb82fd15667b646dd63f9b3496a787595c46c3087a1f2301cd5989493
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
338698
cf-polished
status=not_needed
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2116
x-xss-protection
1; mode=block
last-modified
Wed, 27 Oct 2010 15:17:05 GMT
server
cloudflare
etag
"4cc84271-844"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LjvJOso0ii9V0XGbOTbYHQwlRMOlpii86jonpPXzlu5%2FwqsjhBMGHh60t5kLnIabhCYUmFv8AzYyaGQlZZHH3PcpIMTdOA1l5BhXL5tvEHKrdK%2FA2w%3D%3D"}],"group":"cf-nel"}
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
cf-request-id
093a56feb800004e1ff03ec000000001
accept-ranges
bytes
cf-ray
63a3f444595c4e1f-FRA
cf-bgj
imgq:100,h2pri
collect
www.google-analytics.com/j/
2 B
71 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1115455099&t=pageview&_s=1&dl=https%3A%2F%2Fbnotat-a7la.mam9.com%2F&ul=en-us&de=windows-1256&dt=%D8%A8%D9%80%D9%80%D9%80%D9%80%D9%80%D9%80%D9%80%D9%80%D9%80%D9%80%D9%86%D9%80%D9%80%D9%80%D9%80%D9%80%D9%80%D9%80%D9%80%D9%88%D8%AA%D9%80%D9%80%D9%80%D9%80%D9%80%D9%80%D8%A7%D8%AA%20%D8%A3%D8%AD%D9%80%D9%80%D9%80%D9%80%D9%80%D9%80%D9%84%D9%80%D9%80%D9%89&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=217803884&gjid=9791644&cid=162911220.1617470286&tid=UA-144347007-1&_gid=1987839303.1617470286&_r=1&gtm=2ou3o0&z=1530167513
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 03 Apr 2021 17:18:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bnotat-a7la.mam9.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
vglnk.js
cdn.viglink.com/api/
81 KB
28 KB
Script
General
Full URL
https://cdn.viglink.com/api/vglnk.js
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a10d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
content-encoding
gzip
cf-cache-status
HIT
age
691655
cf-ray
63a3f4453e564a5b-FRA
content-length
28567
x-amz-id-2
ptbA00CuV/bZqj0ahYDMdW1LOzqKO3y6TSYpkNHgYjoEZR7sy/MEi0cbJnTcVIJe3dou0FOA+1s=
last-modified
Wed, 02 Dec 2020 18:57:12 GMT
server
cloudflare
etag
"072eaf64a771815874455704fca9301b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
JR6A86Y4TCVV27Z5
cache-control
public, max-age=604800
cf-request-id
093a56ff4400004a5b0f208000000001
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 10 Apr 2021 17:18:05 GMT
ntfc.php
pushmono.com/
14 KB
6 KB
Script
General
Full URL
https://pushmono.com/ntfc.php?p=2308013
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.210 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
66536afb4cd30c70b49e1636a7d1c804bcb9d2152248976c73cf29470b7d5ea9

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 03 Apr 2021 17:18:01 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Mar 2021 13:55:13 GMT
Server
nginx
ETag
W/"6059f341-378f"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
connect.js
connect.topicit.net/scripts/
3 KB
2 KB
Script
General
Full URL
https://connect.topicit.net/scripts/connect.js
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:5aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39ce845fc0203d4cb00559dff89d9448765e0ebd65ebbaf76623cc9850827542
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
552
cf-polished
origSize=5437
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
093a56ff520000e0073386b000000001
last-modified
Tue, 27 Aug 2019 14:04:48 GMT
server
cloudflare
etag
W/"5d653880-153d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FeX7tD3MrfDycb72sHsg3qLnh19HLnHKolQB0%2Fz32Ab5fA5w919yOxIHy5RmkXfFVVL%2FNwd99WxnH%2FN0nzV8GMBT8QENPLGr9myXbgPJwy%2FnSjeywkxZ%2FXZwSLpiJPlt"}]}
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=86400
cf-ray
63a3f4454cffe007-FRA
cf-bgj
minify
impl.20210331-18-RELEASE.js
cdn.taboola.com/libtrc/
471 KB
109 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20210331-18-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-ar/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
36b924eb471bd62b8dcec75c1be9211e19d733f6fc900ff2e65eee3c42149403

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
3CdYKdqodsRTqLuiZu7FVK_FY0JR.8m6
content-encoding
br
etag
"122633d29dda942f9c451d18957ff7cb"
age
6597
x-cache
HIT
content-length
110792
x-amz-id-2
Qfe7mmrNpT7Spe/bV9oQWdvN5Iu5VgSpV6+FhFGGlMyT8RUwhd2oniP5/8/OLxUS/kc21dWmQiY=
x-served-by
cache-fra19134-FRA
last-modified
Thu, 01 Apr 2021 07:27:54 GMT
server
AmazonS3-br
x-timer
S1617470286.653995,VS0,VE0
date
Sat, 03 Apr 2021 17:18:05 GMT
vary
Accept-Encoding
x-amz-request-id
25X08F7YB1XYHVRR
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
20
x-cache-hits
29394
collect
stats.g.doubleclick.net/j/
4 B
449 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-144347007-1&cid=162911220.1617470286&jid=217803884&gjid=9791644&_gid=1987839303.1617470286&_u=IEBAAUAAAAAAAC~&z=537637209
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 03 Apr 2021 17:18:05 GMT
content-type
text/plain
access-control-allow-origin
https://bnotat-a7la.mam9.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ Frame AF3B
97 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-121629819-1
Requested by
Host: adstune.com
URL: https://adstune.com/ap/index.php?lang=ar&dim=728x90
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9420557ba25963d0a786b36851a8eecfc8e470574c256b76a0e9f823f0b19eba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://adstune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39082
x-xss-protection
0
last-modified
Sat, 03 Apr 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 03 Apr 2021 17:18:05 GMT
ahlaejaba-2.gif
adstune.com/ap/ar/728x90/ Frame AF3B
19 KB
19 KB
Image
General
Full URL
https://adstune.com/ap/ar/728x90/ahlaejaba-2.gif
Requested by
Host: adstune.com
URL: https://adstune.com/ap/index.php?lang=ar&dim=728x90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9d33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f15d7b464ce5be2902a6df51d16ca45d7fdc43595f465b5ffa8e4d748d6efc39
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adstune.com/ap/index.php?lang=ar&dim=728x90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4007424
strict-transport-security
max-age=63072000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19233
cf-request-id
093a56ff850000d72d7b025000000001
last-modified
Fri, 20 Oct 2017 13:04:32 GMT
server
cloudflare
etag
"59e9f460-4b21"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qUfo9rtb2%2FCENtZFSowfeslqUk%2BJc%2FHutiF7YzYZFkLh14NOu5XD9IOm7O62xf1i%2Bs9zLKkxMfu5W4TqMbEVvzx%2BY8PW8oRGiQlDra26h4JUmiPGUgXWtw%3D%3D"}],"max_age":604800}
content-type
image/gif
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
63a3f445a945d72d-FRA
expires
Wed, 16 Feb 2022 08:07:41 GMT
ga-audiences
www.google.com/ads/
42 B
293 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-144347007-1&cid=162911220.1617470286&jid=217803884&_u=IEBAAUAAAAAAAC~&z=804827422
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Apr 2021 17:18:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
505 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-144347007-1&cid=162911220.1617470286&jid=217803884&_u=IEBAAUAAAAAAAC~&z=804827422
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Apr 2021 17:18:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
api.viglink.com/api/
258 B
989 B
XHR
General
Full URL
https://api.viglink.com/api/ping
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.127.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-127-115.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
f1341b1ecb27ae68fc686972f24530f222026386e6b92974327e44ef75f07e86

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sat, 03 Apr 2021 17:18:05 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://bnotat-a7la.mam9.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
258
Expires
Thu, 01 Jan 1970 00:00:00 GMT
zone
pushmono.com/
780 B
1 KB
Fetch
General
Full URL
https://pushmono.com/zone?pub=0&zone_id=2308013&is_mobile=false&domain=bnotat-a7la.mam9.com&var=&ymid=&var_3=
Requested by
Host: pushmono.com
URL: https://pushmono.com/ntfc.php?p=2308013
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.210 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
99c77352cd316c6d7efffd881b97ae55b6509130fc6f92f78654abacbb2bcc05
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Trace-Id
6ae51c3a82fdd11d24d27b00c06bfa4a
Date
Sat, 03 Apr 2021 17:18:01 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://bnotat-a7la.mam9.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
780
universal.min.js
pushmono.com/pfe/current/
106 KB
38 KB
Fetch
General
Full URL
https://pushmono.com/pfe/current/universal.min.js?v=3.1.287
Requested by
Host: pushmono.com
URL: https://pushmono.com/ntfc.php?p=2308013
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.210 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b848aa5186e192476dbebe4125c0923eafab7bcbce30be76e8d8d8eb02237a6c

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 03 Apr 2021 17:18:01 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Mar 2021 13:55:13 GMT
Server
nginx
ETag
W/"6059f341-1a9d6"
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
https://bnotat-a7la.mam9.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
analytics.js
www.google-analytics.com/ Frame AF3B
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-121629819-1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://adstune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
3778
date
Sat, 03 Apr 2021 16:15:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Sat, 03 Apr 2021 18:15:07 GMT
apu.php
cdn.betgorebysson.club/
382 B
989 B
Script
General
Full URL
https://cdn.betgorebysson.club/apu.php?zoneid=3765907
Requested by
Host: pushmono.com
URL: https://pushmono.com/ntfc.php?p=2308013
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
5b075cbfb0e162fe79bca75e5d6f4e71649ac1c45821bc4a2fd4b7b45fe524d8
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id
5613a0b0cfec17d6edb50d4d8a6a90e9
pragma
no-cache
date
Sat, 03 Apr 2021 17:18:04 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
content-length
382
expires
Tue, 11 Jan 1994 10:00:00 GMT
custom
pushmono.com/ Frame
0
0
Preflight
General
Full URL
https://pushmono.com/custom
Protocol
HTTP/1.1
Server
139.45.196.210 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://bnotat-a7la.mam9.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Sat, 03 Apr 2021 17:18:01 GMT
Content-Type
text/plain; charset=utf-8
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://bnotat-a7la.mam9.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age
86400
custom
pushmono.com/
39 B
495 B
Fetch
General
Full URL
https://pushmono.com/custom
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.210 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
f21649a4e152715be7a79b0f8dc51fd7
Date
Sat, 03 Apr 2021 17:18:01 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://bnotat-a7la.mam9.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39
sw.js
bnotat-a7la.mam9.com/
5 KB
2 KB
Fetch
General
Full URL
https://bnotat-a7la.mam9.com/sw.js
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.23.76.111 Lisbon, Portugal, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
c995b7be0da1c4593f871757a7951f329e0ac39c21f0bd5bc4cce4cb38b202f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Aug 2019 13:54:01 GMT
etag
W/"5d6535f9-1554"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
sync.js
api.viglink.com/api/
0
307 B
Script
General
Full URL
https://api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.127.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-127-115.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 03 Apr 2021 17:18:05 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync.gif
api.viglink.com/api/
0
307 B
Image
General
Full URL
https://api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.127.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-127-115.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 03 Apr 2021 17:18:05 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
domains
api.viglink.com/api/
41 B
493 B
XHR
General
Full URL
https://api.viglink.com/api/domains
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.127.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-127-115.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
50bc4d81a7dc6dec3e99fc44f2757202ee9ba9b97c435175a9f065b649b2fba2

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sat, 03 Apr 2021 17:18:05 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://bnotat-a7la.mam9.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
41
Expires
Thu, 01 Jan 1970 00:00:00 GMT
custom
pushmono.com/
39 B
495 B
Fetch
General
Full URL
https://pushmono.com/custom
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.210 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
344b4f941770a12bb9af3729e7caeeef
Date
Sat, 03 Apr 2021 17:18:01 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://bnotat-a7la.mam9.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39
custom
pushmono.com/ Frame
0
0
Preflight
General
Full URL
https://pushmono.com/custom
Protocol
HTTP/1.1
Server
139.45.196.210 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://bnotat-a7la.mam9.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Sat, 03 Apr 2021 17:18:01 GMT
Content-Type
text/plain; charset=utf-8
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://bnotat-a7la.mam9.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age
86400
custom
pushmono.com/ Frame
0
0
Preflight
General
Full URL
https://pushmono.com/custom
Protocol
HTTP/1.1
Server
139.45.196.210 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://bnotat-a7la.mam9.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Sat, 03 Apr 2021 17:18:06 GMT
Content-Type
text/plain; charset=utf-8
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://bnotat-a7la.mam9.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age
86400
custom
pushmono.com/
39 B
495 B
Fetch
General
Full URL
https://pushmono.com/custom
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.210 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
8f41f71aa7a28754bd6ddc6c5e8030e4
Date
Sat, 03 Apr 2021 17:18:06 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://bnotat-a7la.mam9.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39
syncframe
gum.criteo.com/ Frame A217
0
150 B
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=bnotat-a7la.mam9.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=bnotat-a7la.mam9.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bnotat-a7la.mam9.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1424
date
Sat, 03 Apr 2021 17:18:10 GMT
content-length
0
json
trc.taboola.com/forumotion-ar/trc/3/
12 KB
5 KB
XHR
General
Full URL
https://trc.taboola.com/forumotion-ar/trc/3/json?tim=19%3A18%3A10.757&lti=deflated&data=%7B%22id%22%3A628%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1617269505017%2C%22vi%22%3A1617470290755%2C%22cv%22%3A%2220210331-18-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fbnotat-a7la.mam9.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A1%2C%22ga%22%3Atrue%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2869%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A2786.171875%2C%22mw%22%3A1000%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210331-18-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
246c18576517113e5bced18a2b6080637ac2a8fc37b55b0ca7d22a2618850d44

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
82
date
Sat, 03 Apr 2021 17:18:10 GMT
content-encoding
gzip
server
nginx
x-timer
S1617470291.770612,VS0,VE82
x-served-by
cache-fra19134-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://bnotat-a7la.mam9.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/
13 KB
5 KB
Script
General
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210331-18-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
368f4c343722bcd0da3077d1e117f5462335c5c21066ac5472810f224e07718b

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
78aES2K9e_BQ1VejaFN0QXuuayHCrT6B
content-encoding
gzip
etag
"1da06556d096c84420c24cf4a174b8a5"
age
27236
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4389
x-amz-id-2
A6oFNJBTuAIg0W4OW+iYyDmCfnDWBJCiyuPOXsgsx0oD8GygdRI1oQQQr2Ef9a18FqtOUyoZadE=
x-served-by
cache-fra19134-FRA
last-modified
Wed, 31 Mar 2021 09:42:57 GMT
server
AmazonS3
x-timer
S1617470291.880748,VS0,VE0
date
Sat, 03 Apr 2021 17:18:10 GMT
vary
Accept-Encoding
x-amz-request-id
341Z0AMRAM6ZJZ2G
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
20
x-cache-hits
430550
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/
3 KB
1 KB
Stylesheet
General
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210331-18-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8907c988abce36758d87a639ef2ddaa025c0338402a80f4e71b7b2450cc7861c

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
FyU75WazRsiEew8mV1P.ejYIF3IEfCEj
content-encoding
gzip
etag
"fa3c5d1be5ff23d2bbc39878e37cc0ec"
age
14554
x-cache
HIT
x-amz-replication-status
PENDING
content-length
749
x-amz-id-2
1I/L+AiRXIfkyPP3JvgAzpIOn2hbxJyWkgGqk2v091V9V0QDWMmo3vnbV9T/UJGaDerlVZftXN4=
x-served-by
cache-fra19134-FRA
last-modified
Wed, 17 Mar 2021 13:13:46 GMT
server
AmazonS3
x-timer
S1617470291.880724,VS0,VE0
date
Sat, 03 Apr 2021 17:18:10 GMT
vary
Accept-Encoding
x-amz-request-id
S947MPC9C9C9NDWK
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
20
x-cache-hits
112415
tfa-eid.20210331-18-RELEASE.es6.js
cdn.taboola.com/libtrc/
13 KB
5 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210331-18-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-ar/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e7c85d790a350f43b5feba283d09de98a3094f938d863ca4d600b25bdd1b5ab2

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
16eeiBixCdBJhhAlR4o1_1h2cp3Y0mp_
content-encoding
gzip
etag
"a0b5b7a95c2bc7f5d75bd446320da64a"
age
57
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4857
x-amz-id-2
2Mh133bmYqseXila4azyi63fBxJmhpn7HHZaHKkRV5uQ178wCmVBhVW2t6WOio98VMom19EnpZs=
x-served-by
cache-fra19134-FRA
last-modified
Thu, 01 Apr 2021 09:27:35 GMT
server
AmazonS3
x-timer
S1617470291.883284,VS0,VE0
date
Sat, 03 Apr 2021 17:18:10 GMT
vary
Accept-Encoding
x-amz-request-id
QT385D2SE6WGW3QM
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
20
x-cache-hits
417
sha256.20210331-18-RELEASE.es6.js
cdn.taboola.com/libtrc/
6 KB
3 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/sha256.20210331-18-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-ar/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a7870d8cb0d9ebfe2d51348128a0bc5e86f9c8f9501634cf27ca2738e0f8585

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
YMOtj_oiBGo5pEq31QWZ1LKKC_iWDtCh
content-encoding
gzip
etag
"3e7ab7d11ea7bfe97a8443355107238b"
age
45
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2597
x-amz-id-2
riiA8WD7fjgTeukPAvxzMRs5+6Ivu0w0tb5eZM6fGedLDF1hubx2WUgnoEcqHoN2LncRS+c9sC8=
x-served-by
cache-fra19134-FRA
last-modified
Thu, 01 Apr 2021 09:27:44 GMT
server
AmazonS3
x-timer
S1617470291.883254,VS0,VE0
date
Sat, 03 Apr 2021 17:18:10 GMT
vary
Accept-Encoding
x-amz-request-id
5M1WGF1S14035YH8
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
20
x-cache-hits
318
tb
15.taboola.com/
30 KB
9 KB
XHR
General
Full URL
https://15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fbnotat-a7la.mam9.com%2F&encoded=1&uid=ed1a0610-aea0-469f-b74f-257646cbe5d7-tuct76228d2&variant=0|1786174634&callback=TRC.videoTagCallbacks.videoCallback1&cb=1617470290891&tagid=&cntry=NL&platform=1&sesid=5225c4e496f28f1d781044746b098c45&itemid=/&viewid=1617470290755&geolat=&geoing=&deviceifa=&appid=&sd=v2_5225c4e496f28f1d781044746b098c45_ed1a0610-aea0-469f-b74f-257646cbe5d7-tuct76228d2_1617470290_1617470290_CNawjgYQ3pxDGMP298WJLyABKAEwoQE4l-oLQJmXEEi0htgDUP___________wFYAGAAaLGv6bXK_ffOrQE&ri=5f6997f7e22451c5dd597ea39c766b63&appname=&cdb=&gdprApplies=true&rid=&sii=-7764447088115785453&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=NH&hasGDPRConsent=true&tcfVersion=2&cmpStatus=1&tnetid=1037540&prcnt=&layer=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210331-18-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
be43eea85e1d31a3f95e044f1348b4233a1c40e8faf180eaf1e9752fa6a8b201

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 03 Apr 2021 17:18:10 GMT
content-encoding
gzip
access-control-allow-origin
https://bnotat-a7la.mam9.com
machineid
1416
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-hhn11571-HHN
pragma
no-cache
server
nginx
x-timer
S1617470291.954193,VS0,VE17
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
userx.20210331-18-RELEASE.es6.js
cdn.taboola.com/libtrc/
23 KB
8 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/userx.20210331-18-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-ar/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1defca322a57dbf6fed8f797e91c03fc7036b884b1f32f2932c93fc7cde6a607

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
OZqFSM3teoSTt4scU6AXm2YW2LuJTx_N
content-encoding
gzip
etag
"a0dc960c4f751bc91de70fae4da2ef14"
age
116
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7856
x-amz-id-2
EEPGOWKVvQ6NbqcGsaq3e9HRXdM76AHMCTt9h6AttbnMGbSeyV2IQofSEAQc29WOXnc6R0bDtSQ=
x-served-by
cache-fra19134-FRA
last-modified
Thu, 01 Apr 2021 09:27:30 GMT
server
AmazonS3
x-timer
S1617470291.903439,VS0,VE0
date
Sat, 03 Apr 2021 17:18:10 GMT
vary
Accept-Encoding
x-amz-request-id
XM1PG43PCAXA9KV5
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
20
x-cache-hits
142
1155872315__FlMPMXQA.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/
4 KB
4 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1155872315__FlMPMXQA.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
c6abf4d9aad58654aef4d534e8a15b70f88e99c0bc3bf957d322f4da04aaf6ec

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 03 Apr 2021 17:18:10 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
187242
edge-cache-tag
507234690326010676319709755950220685368,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sun, 04 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1155872315__FlMPMXQA.jpg
content-length
3903
x-served-by
cache-dca17721-DCA, cache-dca17775-DCA, cache-hhn11521-HHN
x-backend-name
CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
last-modified
Thu, 04 Mar 2021 14:13:26 GMT
server
cloudinary
x-timer
S1617470291.960766,VS0,VE1
etag
"fae05536636f43124a41e71fe79e7ca4"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
f6b2a45e460181a401fac614567920b0.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
5 KB
6 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f6b2a45e460181a401fac614567920b0.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
9adece0ba37650640b152c1cc7d823dadd72868b865e09447fd290ebdb3e21fb

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 03 Apr 2021 17:18:10 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
2039382
edge-cache-tag
496941724265366718265415649083908402745,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sat, 03 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f6b2a45e460181a401fac614567920b0.jpeg
content-length
5369
x-served-by
cache-dca17745-DCA, cache-dca12921-DCA, cache-hhn11521-HHN
x-backend-name
fastlyshield--shield_cache_dca12921_DCA
last-modified
Wed, 03 Mar 2021 14:10:02 GMT
server
cloudinary
x-timer
S1617470291.960755,VS0,VE1
etag
"cc66eef3ee1ce65330d36f0b3396a01b"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
71b2d14a4e52fabefba1c2b632309fdf.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
10 KB
10 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/71b2d14a4e52fabefba1c2b632309fdf.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
2ee55275514897643387e760c80e7e4aa27725938925a9948624cc3da6afaf4b

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 03 Apr 2021 17:18:10 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
768234
edge-cache-tag
323665639230767832986041759403447662488,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Wed, 14 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/71b2d14a4e52fabefba1c2b632309fdf.png
content-length
9787
x-served-by
cache-dca17759-DCA, cache-dca17753-DCA, cache-hhn11521-HHN
x-backend-name
fastlyshield--shield_cache_dca17753_DCA
last-modified
Sun, 14 Mar 2021 12:55:02 GMT
server
cloudinary
x-timer
S1617470291.960740,VS0,VE1
etag
"5a7b6c13a39d6634c24bdbe81afb0b75"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
155911571__IxxJod4x.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/
25 KB
25 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/155911571__IxxJod4x.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
20e569a18be5a3a856471dbf4f5fadbc291ff0af296391084bc9a2203a670b09

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 03 Apr 2021 17:18:10 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
3022255
edge-cache-tag
501330691128882544672349921555706915664,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/155911571__IxxJod4x.jpg
content-length
25258
x-request-id
db5379a93fc3294589747384e82d1cb5
x-backend-name
fastlyshield--shield_cache_dca17739_DCA
last-modified
Fri, 19 Feb 2021 16:45:14 GMT
server
cloudinary
x-timer
S1617470291.960755,VS0,VE1
etag
"0b856dcb0522042f8613e3639a137482"
x-served-by
cache-wdc5559-WDC, cache-dca17739-DCA, cache-hhn11521-HHN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
b5dabe035aeef4a20c401817acfff837.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
13 KB
14 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b5dabe035aeef4a20c401817acfff837.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
a9a1039bace39bbf045a8831d990a26f7899795efde0bee5352e8aa1692fc72c

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 03 Apr 2021 17:18:10 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1163068
edge-cache-tag
431580161089517925255506874675092295471,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Mon, 05 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b5dabe035aeef4a20c401817acfff837.jpg
content-length
13179
x-served-by
cache-dca17733-DCA, cache-dca12921-DCA, cache-hhn11521-HHN
x-backend-name
CLOUDINARY:fastlyshield--shield_cache_dca12921_DCA
last-modified
Fri, 05 Mar 2021 07:08:48 GMT
server
cloudinary
x-timer
S1617470291.960696,VS0,VE1
etag
"37ea2cad566c6320cdf5d30f15b7898d"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
UnitWidgetItemDesktop.min.js
vidstat.taboola.com/lite-unit/3.3.7/
95 KB
27 KB
Script
General
Full URL
https://vidstat.taboola.com/lite-unit/3.3.7/UnitWidgetItemDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210331-18-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7fe452b6d12b9a0f6d2c06daa3f67ae0faeb8d4710e7c31880fb73f7d616a81d

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:11 GMT
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront), 1.1 varnish
age
29718
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
27588
x-served-by
cache-hhn11571-HHN
last-modified
Sat, 03 Apr 2021 09:02:14 GMT
server
AmazonS3
x-timer
S1617470291.000147,VS0,VE0
etag
"139c4c3eacd4f66ca326e0b101650830"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
Q682fUCSyrrKpVkvp--XoDG4_o_l_o1iYqB5FX_3akCe6dLkADexIw==
x-cache-hits
1074
1155872315__FlMPMXQA.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/
4 KB
4 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1155872315__FlMPMXQA.jpg
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
c6abf4d9aad58654aef4d534e8a15b70f88e99c0bc3bf957d322f4da04aaf6ec

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 17:18:11 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
187242
edge-cache-tag
507234690326010676319709755950220685368,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sun, 04 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1155872315__FlMPMXQA.jpg
content-length
3903
x-served-by
cache-dca17721-DCA, cache-dca17775-DCA, cache-hhn11521-HHN
x-backend-name
CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
last-modified
Thu, 04 Mar 2021 14:13:26 GMT
server
cloudinary
x-timer
S1617470291.003023,VS0,VE0
etag
"fae05536636f43124a41e71fe79e7ca4"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
f6b2a45e460181a401fac614567920b0.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
5 KB
6 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f6b2a45e460181a401fac614567920b0.jpeg
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
9adece0ba37650640b152c1cc7d823dadd72868b865e09447fd290ebdb3e21fb

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 17:18:11 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
2039382
edge-cache-tag
496941724265366718265415649083908402745,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sat, 03 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f6b2a45e460181a401fac614567920b0.jpeg
content-length
5369
x-served-by
cache-dca17745-DCA, cache-dca12921-DCA, cache-hhn11521-HHN
x-backend-name
fastlyshield--shield_cache_dca12921_DCA
last-modified
Wed, 03 Mar 2021 14:10:02 GMT
server
cloudinary
x-timer
S1617470291.003003,VS0,VE0
etag
"cc66eef3ee1ce65330d36f0b3396a01b"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
b5dabe035aeef4a20c401817acfff837.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
13 KB
14 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b5dabe035aeef4a20c401817acfff837.jpg
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
a9a1039bace39bbf045a8831d990a26f7899795efde0bee5352e8aa1692fc72c

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 17:18:11 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1163068
edge-cache-tag
431580161089517925255506874675092295471,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Mon, 05 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b5dabe035aeef4a20c401817acfff837.jpg
content-length
13179
x-served-by
cache-dca17733-DCA, cache-dca12921-DCA, cache-hhn11521-HHN
x-backend-name
CLOUDINARY:fastlyshield--shield_cache_dca12921_DCA
last-modified
Fri, 05 Mar 2021 07:08:48 GMT
server
cloudinary
x-timer
S1617470291.002992,VS0,VE0
etag
"37ea2cad566c6320cdf5d30f15b7898d"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
71b2d14a4e52fabefba1c2b632309fdf.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
10 KB
10 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/71b2d14a4e52fabefba1c2b632309fdf.png
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
2ee55275514897643387e760c80e7e4aa27725938925a9948624cc3da6afaf4b

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 17:18:11 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
768234
edge-cache-tag
323665639230767832986041759403447662488,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Wed, 14 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/71b2d14a4e52fabefba1c2b632309fdf.png
content-length
9787
x-served-by
cache-dca17759-DCA, cache-dca17753-DCA, cache-hhn11521-HHN
x-backend-name
fastlyshield--shield_cache_dca17753_DCA
last-modified
Sun, 14 Mar 2021 12:55:02 GMT
server
cloudinary
x-timer
S1617470291.016014,VS0,VE0
etag
"5a7b6c13a39d6634c24bdbe81afb0b75"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
155911571__IxxJod4x.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/
25 KB
25 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/155911571__IxxJod4x.jpg
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
20e569a18be5a3a856471dbf4f5fadbc291ff0af296391084bc9a2203a670b09

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 17:18:11 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
3022255
edge-cache-tag
501330691128882544672349921555706915664,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/155911571__IxxJod4x.jpg
content-length
25258
x-request-id
db5379a93fc3294589747384e82d1cb5
x-backend-name
fastlyshield--shield_cache_dca17739_DCA
last-modified
Fri, 19 Feb 2021 16:45:14 GMT
server
cloudinary
x-timer
S1617470291.016012,VS0,VE0
etag
"0b856dcb0522042f8613e3639a137482"
x-served-by
cache-wdc5559-WDC, cache-dca17739-DCA, cache-hhn11521-HHN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
domains
api.viglink.com/api/
42 B
494 B
XHR
General
Full URL
https://api.viglink.com/api/domains
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.127.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-127-115.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
60e7e775458faa3e3c099a5d3eaef20e8340baf03be22f4aea786c2a66e661be

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sat, 03 Apr 2021 17:18:10 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://bnotat-a7la.mam9.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT
st
imprammp.taboola.com/ Frame 50CA
973 B
572 B
Document
General
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7tFcCFgNBNV-trPuRWARBNV-trPuRWAUAAAAGBuIHHLmZ7EaTFYvFIU0Ws9lisljsVsvdcLLbDIfAkZvJbjRZsVgc0mQxmy0mi8FkttoMJsvZcgoewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ43dKDpdPhc93qJ3W96mN4K39hhVzvczrnG7_bLAQAAAOABwOotE-IHEAAgAgAAAEACAAAAgCKg4t9C4AIAAAAAA8CA5EIDgJIjIdye08tycrj9AQDwUAACACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUgFjECAAAACCXenXoaFInVBZVAAAE6VYAVwAAAXiYvfwPYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSjKzCwNiBPFXu0XEABg7RcQAIBN3QAA3gTggi4AVqcQu-FssRvNNqPZAQAAANz9____64HUZLLamFam5WxmGc4cI99wMRiNdqPZxLAcbkyr7cXlR7flZXKV9nkIy-z3HUQsz9f0NxxkfMvrbRAVXW-L3eE0e-43YYvRajLZLIez5WIyGI6Go9H-BHA5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlOyHC0maxGu9VushxORqPZZrJBilatZqPNYLiaTWa73Wo4GC5HI6RozWI2mSxmo-VuM1hORoPhZDhEmDI5FobZYrBWuByGtWi2nLklvtHMLVntZqPZxuJyjXxr0etj-s0mk-HIskXBAIy9CC7Sicxveb39pqff7lZYLmKJ5mSRTmSXfWsyWW1MK9NyNrMMZ46Rb7gYjEa70WxiWA43ptW-ZXIsDLPFYK1wOQxr0Ww5c0t8o5lbstrNRrONxeUa-dai18f0m00mw5Fl35gtdqPdYLIc7BuzxW60G0yWg32HzvBdfc5GZ3A88diEynK4q5KZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBPVzLZc7ma-lWUyWi02rpHJtdytHJ7lxjebTWybiViiNF2kE71E_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaSCjwWa4Wi4AhLOX7s_sp3RASHnmLuUPieC2YvjEcYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAICA7Ny6eQs4keIAAAAC4wAAAAHkAA!&cmcv=&pix=undefined&cb=1617470291286&uv=2945&tms=1617470291286&abt=adh5c-1_vA!insc_vA!ll337_vA!mprdctdt6_vA!smbs!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=932742EEEC421661211759782738&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.3.7/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0574e172e3545369b75a00ab474444ad0b84bc2c6dd4f93c302d19d5c555fecc

Request headers

:method
GET
:authority
imprammp.taboola.com
:scheme
https
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bnotat-a7la.mam9.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
nginx
content-type
text/html;charset=ISO-8859-1
content-encoding
gzip
accept-ranges
bytes
date
Sat, 03 Apr 2021 17:18:11 GMT
via
1.1 varnish
x-served-by
cache-fra19134-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1617470291.300238,VS0,VE11
vary
Accept-Encoding
sync
am-match.taboola.com/ Frame F6F4
973 B
1 KB
Document
General
Full URL
https://am-match.taboola.com/sync?dast=V7tFcCFgNBNV-trPuRWARBNV-trPuRWAUAAAAGBuIHHLmZ7EaTFYvFIU0Ws9lisljsVsvdcLLbDIfAkZvJbjRZsVgc0mQxmy0mi8FkttoMJsvZcgoewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ43dKDpdPhc93qJ3W96mN4K39hhVzvczrnG7_bLAQAAAOABwOotE-IHEAAgAgAAAEACAAAAgCKg4t9C4AIAAAAAA8CA5EIDgJIjIdye08tycrj9AQDwUAACACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUgFjECAAAACCXenXoaFInVBZVAAAE6VYAVwAAAXiYvfwPYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSjKzCwNiBPFXu0XEABg7RcQAIBN3QAA3gTggi4AVqcQu-FssRvNNqPZAQAAANz9____64HUZLLamFam5WxmGc4cI99wMRiNdqPZxLAcbkyr7cXlR7flZXKV9nkIy-z3HUQsz9f0NxxkfMvrbRAVXW-L3eE0e-43YYvRajLZLIez5WIyGI6Go9H-BHA5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlOyHC0maxGu9VushxORqPZZrJBilatZqPNYLiaTWa73Wo4GC5HI6RozWI2mSxmo-VuM1hORoPhZDhEmDI5FobZYrBWuByGtWi2nLklvtHMLVntZqPZxuJyjXxr0etj-s0mk-HIskXBAIy9CC7Sicxveb39pqff7lZYLmKJ5mSRTmSXfWsyWW1MK9NyNrMMZ46Rb7gYjEa70WxiWA43ptW-ZXIsDLPFYK1wOQxr0Ww5c0t8o5lbstrNRrONxeUa-dai18f0m00mw5Fl35gtdqPdYLIc7BuzxW60G0yWg32HzvBdfc5GZ3A88diEynK4q5KZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBPVzLZc7ma-lWUyWi02rpHJtdytHJ7lxjebTWybiViiNF2kE71E_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaSCjwWa4Wi4AhLOX7s_sp3RASHnmLuUPieC2YvjEcYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAICA7Ny6eQs4keIAAAAC4wAAAAHkAA!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.3.7/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
c23d2c9f5b7e41763b497c7692a53ce1e675ae659bdc34465ca28ab0303f0720

Request headers

:method
GET
:authority
am-match.taboola.com
:scheme
https
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bnotat-a7la.mam9.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
nginx
date
Sat, 03 Apr 2021 17:18:11 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3405
VideoBidRequestHandlerServlet
wf.taboola.com/
1008 B
639 B
XHR
General
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=388&height=218&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1617470291292&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1212&pt=62534551&tz=120&viewable=true&ddast=V7tFcCFgNBNV-trPuRWARBNV-trPuRWAUAAAAGBuIHHLmZ7EaTFYvFIU0Ws9lisljsVsvdcLLbDIfAkZvJbjRZsVgc0mQxmy0mi8FkttoMJsvZcgoewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ43dKDpdPhc93qJ3W96mN4K39hhVzvczrnG7_bLAQAAAOABwOotE-IHEAAgAgAAAEACAAAAgCKg4t9C4AIAAAAAA8CA5EIDgJIjIdye08tycrj9AQDwUAACACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUgFjECAAAACCXenXoaFInVBZVAAAE6VYAVwAAAXiYvfwPYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSjKzCwNiBPFXu0XEABg7RcQAIBN3QAA3gTggi4AVqcQu-FssRvNNqPZAQAAANz9____64HUZLLamFam5WxmGc4cI99wMRiNdqPZxLAcbkyr7cXlR7flZXKV9nkIy-z3HUQsz9f0NxxkfMvrbRAVXW-L3eE0e-43YYvRajLZLIez5WIyGI6Go9H-BHA5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlOyHC0maxGu9VushxORqPZZrJBilatZqPNYLiaTWa73Wo4GC5HI6RozWI2mSxmo-VuM1hORoPhZDhEmDI5FobZYrBWuByGtWi2nLklvtHMLVntZqPZxuJyjXxr0etj-s0mk-HIskXBAIy9CC7Sicxveb39pqff7lZYLmKJ5mSRTmSXfWsyWW1MK9NyNrMMZ46Rb7gYjEa70WxiWA43ptW-ZXIsDLPFYK1wOQxr0Ww5c0t8o5lbstrNRrONxeUa-dai18f0m00mw5Fl35gtdqPdYLIc7BuzxW60G0yWg32HzvBdfc5GZ3A88diEynK4q5KZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBPVzLZc7ma-lWUyWi02rpHJtdytHJ7lxjebTWybiViiNF2kE71E_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaSCjwWa4Wi4AhLOX7s_sp3RASHnmLuUPieC2YvjEcYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAICA7Ny6eQs4keIAAAAC4wAAAAHkAA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=3&sd=undefined&dtagid=2090795&dpubid=240385&abtst=adh5c-1_vA!insc_vA!ll337_vA!mprdctdt6_vA!smbs!spa2_vA!ufm&mPre=0.025&cirf=https%3A%2F%2Fbnotat-a7la.mam9.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.3.7/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e2b3e78169b3b6c4796bd4955c86c60bfe91cf3e3090c304e7941b2a9287de22

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

date
Sat, 03 Apr 2021 17:18:11 GMT
content-encoding
gzip
access-control-allow-origin
https://bnotat-a7la.mam9.com
machineid
1434
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn11571-HHN
pragma
no-cache
server
nginx
x-timer
S1617470291.305181,VS0,VE35
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/
0
44 B
Image
General
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7tFcCFgNBNV-trPuRWARBNV-trPuRWAUAAAAGBuIHHLmZ7EaTFYvFIU0Ws9lisljsVsvdcLLbDIfAkZvJbjRZsVgc0mQxmy0mi8FkttoMJsvZcgoewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ43dKDpdPhc93qJ3W96mN4K39hhVzvczrnG7_bLAQAAAOABwOotE-IHEAAgAgAAAEACAAAAgCKg4t9C4AIAAAAAA8CA5EIDgJIjIdye08tycrj9AQDwUAACACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUgFjECAAAACCXenXoaFInVBZVAAAE6VYAVwAAAXiYvfwPYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSjKzCwNiBPFXu0XEABg7RcQAIBN3QAA3gTggi4AVqcQu-FssRvNNqPZAQAAANz9____64HUZLLamFam5WxmGc4cI99wMRiNdqPZxLAcbkyr7cXlR7flZXKV9nkIy-z3HUQsz9f0NxxkfMvrbRAVXW-L3eE0e-43YYvRajLZLIez5WIyGI6Go9H-BHA5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlOyHC0maxGu9VushxORqPZZrJBilatZqPNYLiaTWa73Wo4GC5HI6RozWI2mSxmo-VuM1hORoPhZDhEmDI5FobZYrBWuByGtWi2nLklvtHMLVntZqPZxuJyjXxr0etj-s0mk-HIskXBAIy9CC7Sicxveb39pqff7lZYLmKJ5mSRTmSXfWsyWW1MK9NyNrMMZ46Rb7gYjEa70WxiWA43ptW-ZXIsDLPFYK1wOQxr0Ww5c0t8o5lbstrNRrONxeUa-dai18f0m00mw5Fl35gtdqPdYLIc7BuzxW60G0yWg32HzvBdfc5GZ3A88diEynK4q5KZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBPVzLZc7ma-lWUyWi02rpHJtdytHJ7lxjebTWybiViiNF2kE71E_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaSCjwWa4Wi4AhLOX7s_sp3RASHnmLuUPieC2YvjEcYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAICA7Ny6eQs4keIAAAAC4wAAAAHkAA!&cmcv=&pix=31589837&cb=1617470291286&uv=2945&tms=1617470291286&abt=adh5c-1_vA!insc_vA!ll337_vA!mprdctdt6_vA!smbs!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1617470284604.7979!ts:1617470291286&mntl=3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:11 GMT
content-length
0
server
nginx
sync
taboola-supply-partners.tremorhub.com/ Frame 50CA
43 B
183 B
Image
General
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7tFcCFgNBNV-trPuRWARBNV-trPuRWAUAAAAGBuIHHLmZ7EaTFYvFIU0Ws9lisljsVsvdcLLbDIfAkZvJbjRZsVgc0mQxmy0mi8FkttoMJsvZcgoewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ43dKDpdPhc93qJ3W96mN4K39hhVzvczrnG7_bLAQAAAOABwOotE-IHEAAgAgAAAEACAAAAgCKg4t9C4AIAAAAAA8CA5EIDgJIjIdye08tycrj9AQDwUAACACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUgFjECAAAACCXenXoaFInVBZVAAAE6VYAVwAAAXiYvfwPYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSjKzCwNiBPFXu0XEABg7RcQAIBN3QAA3gTggi4AVqcQu-FssRvNNqPZAQAAANz9____64HUZLLamFam5WxmGc4cI99wMRiNdqPZxLAcbkyr7cXlR7flZXKV9nkIy-z3HUQsz9f0NxxkfMvrbRAVXW-L3eE0e-43YYvRajLZLIez5WIyGI6Go9H-BHA5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlOyHC0maxGu9VushxORqPZZrJBilatZqPNYLiaTWa73Wo4GC5HI6RozWI2mSxmo-VuM1hORoPhZDhEmDI5FobZYrBWuByGtWi2nLklvtHMLVntZqPZxuJyjXxr0etj-s0mk-HIskXBAIy9CC7Sicxveb39pqff7lZYLmKJ5mSRTmSXfWsyWW1MK9NyNrMMZ46Rb7gYjEa70WxiWA43ptW-ZXIsDLPFYK1wOQxr0Ww5c0t8o5lbstrNRrONxeUa-dai18f0m00mw5Fl35gtdqPdYLIc7BuzxW60G0yWg32HzvBdfc5GZ3A88diEynK4q5KZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBPVzLZc7ma-lWUyWi02rpHJtdytHJ7lxjebTWybiViiNF2kE71E_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaSCjwWa4Wi4AhLOX7s_sp3RASHnmLuUPieC2YvjEcYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAICA7Ny6eQs4keIAAAAC4wAAAAHkAA!&cmcv=&pix=undefined&cb=1617470291286&uv=2945&tms=1617470291286&abt=adh5c-1_vA!insc_vA!ll337_vA!mprdctdt6_vA!smbs!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=932742EEEC421661211759782738&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:16e5:e760:b671:d648 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:11 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 50CA
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7tFcCFgNBNV-trPuRWARBNV-trPuRWAUAAAAGBuIHHLmZ7EaTFYvFIU0Ws9lisljsVsvdcLLbDIfAkZvJbjRZsVgc0mQxmy0mi8FkttoMJsvZcgoewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ43dKDpdPhc93qJ3W96mN4K39hhVzvczrnG7_bLAQAAAOABwOotE-IHEAAgAgAAAEACAAAAgCKg4t9C4AIAAAAAA8CA5EIDgJIjIdye08tycrj9AQDwUAACACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUgFjECAAAACCXenXoaFInVBZVAAAE6VYAVwAAAXiYvfwPYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSjKzCwNiBPFXu0XEABg7RcQAIBN3QAA3gTggi4AVqcQu-FssRvNNqPZAQAAANz9____64HUZLLamFam5WxmGc4cI99wMRiNdqPZxLAcbkyr7cXlR7flZXKV9nkIy-z3HUQsz9f0NxxkfMvrbRAVXW-L3eE0e-43YYvRajLZLIez5WIyGI6Go9H-BHA5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlOyHC0maxGu9VushxORqPZZrJBilatZqPNYLiaTWa73Wo4GC5HI6RozWI2mSxmo-VuM1hORoPhZDhEmDI5FobZYrBWuByGtWi2nLklvtHMLVntZqPZxuJyjXxr0etj-s0mk-HIskXBAIy9CC7Sicxveb39pqff7lZYLmKJ5mSRTmSXfWsyWW1MK9NyNrMMZ46Rb7gYjEa70WxiWA43ptW-ZXIsDLPFYK1wOQxr0Ww5c0t8o5lbstrNRrONxeUa-dai18f0m00mw5Fl35gtdqPdYLIc7BuzxW60G0yWg32HzvBdfc5GZ3A88diEynK4q5KZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBPVzLZc7ma-lWUyWi02rpHJtdytHJ7lxjebTWybiViiNF2kE71E_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaSCjwWa4Wi4AhLOX7s_sp3RASHnmLuUPieC2YvjEcYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAICA7Ny6eQs4keIAAAAC4wAAAAHkAA!&cmcv=&pix=undefined&cb=1617470291286&uv=2945&tms=1617470291286&abt=adh5c-1_vA!insc_vA!ll337_vA!mprdctdt6_vA!smbs!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=932742EEEC421661211759782738&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.101.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-101-63.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Apr 2021 17:18:11 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
pixel.advertising.com/ups/58166/ Frame 50CA
0
125 B
Script
General
Full URL
https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7tFcCFgNBNV-trPuRWARBNV-trPuRWAUAAAAGBuIHHLmZ7EaTFYvFIU0Ws9lisljsVsvdcLLbDIfAkZvJbjRZsVgc0mQxmy0mi8FkttoMJsvZcgoewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ43dKDpdPhc93qJ3W96mN4K39hhVzvczrnG7_bLAQAAAOABwOotE-IHEAAgAgAAAEACAAAAgCKg4t9C4AIAAAAAA8CA5EIDgJIjIdye08tycrj9AQDwUAACACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUgFjECAAAACCXenXoaFInVBZVAAAE6VYAVwAAAXiYvfwPYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSjKzCwNiBPFXu0XEABg7RcQAIBN3QAA3gTggi4AVqcQu-FssRvNNqPZAQAAANz9____64HUZLLamFam5WxmGc4cI99wMRiNdqPZxLAcbkyr7cXlR7flZXKV9nkIy-z3HUQsz9f0NxxkfMvrbRAVXW-L3eE0e-43YYvRajLZLIez5WIyGI6Go9H-BHA5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlOyHC0maxGu9VushxORqPZZrJBilatZqPNYLiaTWa73Wo4GC5HI6RozWI2mSxmo-VuM1hORoPhZDhEmDI5FobZYrBWuByGtWi2nLklvtHMLVntZqPZxuJyjXxr0etj-s0mk-HIskXBAIy9CC7Sicxveb39pqff7lZYLmKJ5mSRTmSXfWsyWW1MK9NyNrMMZ46Rb7gYjEa70WxiWA43ptW-ZXIsDLPFYK1wOQxr0Ww5c0t8o5lbstrNRrONxeUa-dai18f0m00mw5Fl35gtdqPdYLIc7BuzxW60G0yWg32HzvBdfc5GZ3A88diEynK4q5KZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBPVzLZc7ma-lWUyWi02rpHJtdytHJ7lxjebTWybiViiNF2kE71E_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaSCjwWa4Wi4AhLOX7s_sp3RASHnmLuUPieC2YvjEcYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAICA7Ny6eQs4keIAAAAC4wAAAAHkAA!&cmcv=&pix=undefined&cb=1617470291286&uv=2945&tms=1617470291286&abt=adh5c-1_vA!insc_vA!ll337_vA!mprdctdt6_vA!smbs!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=932742EEEC421661211759782738&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.99.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-99-6.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:11 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 50CA
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=914f84da-94a0-11eb-898f-141484334606&orig=video&us_privacy=1---
0
226 B
Script
General
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=914f84da-94a0-11eb-898f-141484334606&orig=video&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7tFcCFgNBNV-trPuRWARBNV-trPuRWAUAAAAGBuIHHLmZ7EaTFYvFIU0Ws9lisljsVsvdcLLbDIfAkZvJbjRZsVgc0mQxmy0mi8FkttoMJsvZcgoewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ43dKDpdPhc93qJ3W96mN4K39hhVzvczrnG7_bLAQAAAOABwOotE-IHEAAgAgAAAEACAAAAgCKg4t9C4AIAAAAAA8CA5EIDgJIjIdye08tycrj9AQDwUAACACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUgFjECAAAACCXenXoaFInVBZVAAAE6VYAVwAAAXiYvfwPYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSjKzCwNiBPFXu0XEABg7RcQAIBN3QAA3gTggi4AVqcQu-FssRvNNqPZAQAAANz9____64HUZLLamFam5WxmGc4cI99wMRiNdqPZxLAcbkyr7cXlR7flZXKV9nkIy-z3HUQsz9f0NxxkfMvrbRAVXW-L3eE0e-43YYvRajLZLIez5WIyGI6Go9H-BHA5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlOyHC0maxGu9VushxORqPZZrJBilatZqPNYLiaTWa73Wo4GC5HI6RozWI2mSxmo-VuM1hORoPhZDhEmDI5FobZYrBWuByGtWi2nLklvtHMLVntZqPZxuJyjXxr0etj-s0mk-HIskXBAIy9CC7Sicxveb39pqff7lZYLmKJ5mSRTmSXfWsyWW1MK9NyNrMMZ46Rb7gYjEa70WxiWA43ptW-ZXIsDLPFYK1wOQxr0Ww5c0t8o5lbstrNRrONxeUa-dai18f0m00mw5Fl35gtdqPdYLIc7BuzxW60G0yWg32HzvBdfc5GZ3A88diEynK4q5KZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBPVzLZc7ma-lWUyWi02rpHJtdytHJ7lxjebTWybiViiNF2kE71E_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaSCjwWa4Wi4AhLOX7s_sp3RASHnmLuUPieC2YvjEcYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAICA7Ny6eQs4keIAAAAC4wAAAAHkAA!&cmcv=&pix=undefined&cb=1617470291286&uv=2945&tms=1617470291286&abt=adh5c-1_vA!insc_vA!ll337_vA!mprdctdt6_vA!smbs!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=932742EEEC421661211759782738&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.134:10213
date
Sat, 03 Apr 2021 17:18:11 GMT
server
nginx
x-fastly-to-nlb-rtt
1858

Redirect headers

Date
Sat, 03 Apr 2021 17:18:11 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=914f84da-94a0-11eb-898f-141484334606&orig=video&us_privacy=1---
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
68
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame 50CA
43 B
146 B
Image
General
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7tFcCFgNBNV-trPuRWARBNV-trPuRWAUAAAAGBuIHHLmZ7EaTFYvFIU0Ws9lisljsVsvdcLLbDIfAkZvJbjRZsVgc0mQxmy0mi8FkttoMJsvZcgoewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ43dKDpdPhc93qJ3W96mN4K39hhVzvczrnG7_bLAQAAAOABwOotE-IHEAAgAgAAAEACAAAAgCKg4t9C4AIAAAAAA8CA5EIDgJIjIdye08tycrj9AQDwUAACACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUgFjECAAAACCXenXoaFInVBZVAAAE6VYAVwAAAXiYvfwPYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSjKzCwNiBPFXu0XEABg7RcQAIBN3QAA3gTggi4AVqcQu-FssRvNNqPZAQAAANz9____64HUZLLamFam5WxmGc4cI99wMRiNdqPZxLAcbkyr7cXlR7flZXKV9nkIy-z3HUQsz9f0NxxkfMvrbRAVXW-L3eE0e-43YYvRajLZLIez5WIyGI6Go9H-BHA5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlOyHC0maxGu9VushxORqPZZrJBilatZqPNYLiaTWa73Wo4GC5HI6RozWI2mSxmo-VuM1hORoPhZDhEmDI5FobZYrBWuByGtWi2nLklvtHMLVntZqPZxuJyjXxr0etj-s0mk-HIskXBAIy9CC7Sicxveb39pqff7lZYLmKJ5mSRTmSXfWsyWW1MK9NyNrMMZ46Rb7gYjEa70WxiWA43ptW-ZXIsDLPFYK1wOQxr0Ww5c0t8o5lbstrNRrONxeUa-dai18f0m00mw5Fl35gtdqPdYLIc7BuzxW60G0yWg32HzvBdfc5GZ3A88diEynK4q5KZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBPVzLZc7ma-lWUyWi02rpHJtdytHJ7lxjebTWybiViiNF2kE71E_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaSCjwWa4Wi4AhLOX7s_sp3RASHnmLuUPieC2YvjEcYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAICA7Ny6eQs4keIAAAAC4wAAAAHkAA!&cmcv=&pix=undefined&cb=1617470291286&uv=2945&tms=1617470291286&abt=adh5c-1_vA!insc_vA!ll337_vA!mprdctdt6_vA!smbs!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=932742EEEC421661211759782738&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.172.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-172-137.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame F6F4
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7tFcCFgNBNV-trPuRWARBNV-trPuRWAUAAAAGBuIHHLmZ7EaTFYvFIU0Ws9lisljsVsvdcLLbDIfAkZvJbjRZsVgc0mQxmy0mi8FkttoMJsvZcgoewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ43dKDpdPhc93qJ3W96mN4K39hhVzvczrnG7_bLAQAAAOABwOotE-IHEAAgAgAAAEACAAAAgCKg4t9C4AIAAAAAA8CA5EIDgJIjIdye08tycrj9AQDwUAACACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUgFjECAAAACCXenXoaFInVBZVAAAE6VYAVwAAAXiYvfwPYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSjKzCwNiBPFXu0XEABg7RcQAIBN3QAA3gTggi4AVqcQu-FssRvNNqPZAQAAANz9____64HUZLLamFam5WxmGc4cI99wMRiNdqPZxLAcbkyr7cXlR7flZXKV9nkIy-z3HUQsz9f0NxxkfMvrbRAVXW-L3eE0e-43YYvRajLZLIez5WIyGI6Go9H-BHA5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlOyHC0maxGu9VushxORqPZZrJBilatZqPNYLiaTWa73Wo4GC5HI6RozWI2mSxmo-VuM1hORoPhZDhEmDI5FobZYrBWuByGtWi2nLklvtHMLVntZqPZxuJyjXxr0etj-s0mk-HIskXBAIy9CC7Sicxveb39pqff7lZYLmKJ5mSRTmSXfWsyWW1MK9NyNrMMZ46Rb7gYjEa70WxiWA43ptW-ZXIsDLPFYK1wOQxr0Ww5c0t8o5lbstrNRrONxeUa-dai18f0m00mw5Fl35gtdqPdYLIc7BuzxW60G0yWg32HzvBdfc5GZ3A88diEynK4q5KZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBPVzLZc7ma-lWUyWi02rpHJtdytHJ7lxjebTWybiViiNF2kE71E_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaSCjwWa4Wi4AhLOX7s_sp3RASHnmLuUPieC2YvjEcYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAICA7Ny6eQs4keIAAAAC4wAAAAHkAA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.101.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-101-63.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Apr 2021 17:18:11 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame F6F4
43 B
182 B
Image
General
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7tFcCFgNBNV-trPuRWARBNV-trPuRWAUAAAAGBuIHHLmZ7EaTFYvFIU0Ws9lisljsVsvdcLLbDIfAkZvJbjRZsVgc0mQxmy0mi8FkttoMJsvZcgoewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ43dKDpdPhc93qJ3W96mN4K39hhVzvczrnG7_bLAQAAAOABwOotE-IHEAAgAgAAAEACAAAAgCKg4t9C4AIAAAAAA8CA5EIDgJIjIdye08tycrj9AQDwUAACACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUgFjECAAAACCXenXoaFInVBZVAAAE6VYAVwAAAXiYvfwPYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSjKzCwNiBPFXu0XEABg7RcQAIBN3QAA3gTggi4AVqcQu-FssRvNNqPZAQAAANz9____64HUZLLamFam5WxmGc4cI99wMRiNdqPZxLAcbkyr7cXlR7flZXKV9nkIy-z3HUQsz9f0NxxkfMvrbRAVXW-L3eE0e-43YYvRajLZLIez5WIyGI6Go9H-BHA5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlOyHC0maxGu9VushxORqPZZrJBilatZqPNYLiaTWa73Wo4GC5HI6RozWI2mSxmo-VuM1hORoPhZDhEmDI5FobZYrBWuByGtWi2nLklvtHMLVntZqPZxuJyjXxr0etj-s0mk-HIskXBAIy9CC7Sicxveb39pqff7lZYLmKJ5mSRTmSXfWsyWW1MK9NyNrMMZ46Rb7gYjEa70WxiWA43ptW-ZXIsDLPFYK1wOQxr0Ww5c0t8o5lbstrNRrONxeUa-dai18f0m00mw5Fl35gtdqPdYLIc7BuzxW60G0yWg32HzvBdfc5GZ3A88diEynK4q5KZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBPVzLZc7ma-lWUyWi02rpHJtdytHJ7lxjebTWybiViiNF2kE71E_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaSCjwWa4Wi4AhLOX7s_sp3RASHnmLuUPieC2YvjEcYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAICA7Ny6eQs4keIAAAAC4wAAAAHkAA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:16e5:e760:b671:d648 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:11 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
sync
pixel.advertising.com/ups/58166/ Frame F6F4
0
124 B
Script
General
Full URL
https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7tFcCFgNBNV-trPuRWARBNV-trPuRWAUAAAAGBuIHHLmZ7EaTFYvFIU0Ws9lisljsVsvdcLLbDIfAkZvJbjRZsVgc0mQxmy0mi8FkttoMJsvZcgoewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ43dKDpdPhc93qJ3W96mN4K39hhVzvczrnG7_bLAQAAAOABwOotE-IHEAAgAgAAAEACAAAAgCKg4t9C4AIAAAAAA8CA5EIDgJIjIdye08tycrj9AQDwUAACACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUgFjECAAAACCXenXoaFInVBZVAAAE6VYAVwAAAXiYvfwPYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSjKzCwNiBPFXu0XEABg7RcQAIBN3QAA3gTggi4AVqcQu-FssRvNNqPZAQAAANz9____64HUZLLamFam5WxmGc4cI99wMRiNdqPZxLAcbkyr7cXlR7flZXKV9nkIy-z3HUQsz9f0NxxkfMvrbRAVXW-L3eE0e-43YYvRajLZLIez5WIyGI6Go9H-BHA5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlOyHC0maxGu9VushxORqPZZrJBilatZqPNYLiaTWa73Wo4GC5HI6RozWI2mSxmo-VuM1hORoPhZDhEmDI5FobZYrBWuByGtWi2nLklvtHMLVntZqPZxuJyjXxr0etj-s0mk-HIskXBAIy9CC7Sicxveb39pqff7lZYLmKJ5mSRTmSXfWsyWW1MK9NyNrMMZ46Rb7gYjEa70WxiWA43ptW-ZXIsDLPFYK1wOQxr0Ww5c0t8o5lbstrNRrONxeUa-dai18f0m00mw5Fl35gtdqPdYLIc7BuzxW60G0yWg32HzvBdfc5GZ3A88diEynK4q5KZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBPVzLZc7ma-lWUyWi02rpHJtdytHJ7lxjebTWybiViiNF2kE71E_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaSCjwWa4Wi4AhLOX7s_sp3RASHnmLuUPieC2YvjEcYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAICA7Ny6eQs4keIAAAAC4wAAAAHkAA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.99.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-99-6.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:11 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame F6F4
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=910e714e-94a0-11eb-95ec-16877d163906&orig=video&us_privacy=1---
0
226 B
Script
General
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=910e714e-94a0-11eb-95ec-16877d163906&orig=video&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7tFcCFgNBNV-trPuRWARBNV-trPuRWAUAAAAGBuIHHLmZ7EaTFYvFIU0Ws9lisljsVsvdcLLbDIfAkZvJbjRZsVgc0mQxmy0mi8FkttoMJsvZcgoewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ43dKDpdPhc93qJ3W96mN4K39hhVzvczrnG7_bLAQAAAOABwOotE-IHEAAgAgAAAEACAAAAgCKg4t9C4AIAAAAAA8CA5EIDgJIjIdye08tycrj9AQDwUAACACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUgFjECAAAACCXenXoaFInVBZVAAAE6VYAVwAAAXiYvfwPYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSjKzCwNiBPFXu0XEABg7RcQAIBN3QAA3gTggi4AVqcQu-FssRvNNqPZAQAAANz9____64HUZLLamFam5WxmGc4cI99wMRiNdqPZxLAcbkyr7cXlR7flZXKV9nkIy-z3HUQsz9f0NxxkfMvrbRAVXW-L3eE0e-43YYvRajLZLIez5WIyGI6Go9H-BHA5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlOyHC0maxGu9VushxORqPZZrJBilatZqPNYLiaTWa73Wo4GC5HI6RozWI2mSxmo-VuM1hORoPhZDhEmDI5FobZYrBWuByGtWi2nLklvtHMLVntZqPZxuJyjXxr0etj-s0mk-HIskXBAIy9CC7Sicxveb39pqff7lZYLmKJ5mSRTmSXfWsyWW1MK9NyNrMMZ46Rb7gYjEa70WxiWA43ptW-ZXIsDLPFYK1wOQxr0Ww5c0t8o5lbstrNRrONxeUa-dai18f0m00mw5Fl35gtdqPdYLIc7BuzxW60G0yWg32HzvBdfc5GZ3A88diEynK4q5KZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBPVzLZc7ma-lWUyWi02rpHJtdytHJ7lxjebTWybiViiNF2kE71E_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaSCjwWa4Wi4AhLOX7s_sp3RASHnmLuUPieC2YvjEcYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAICA7Ny6eQs4keIAAAAC4wAAAAHkAA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.84:10213
date
Sat, 03 Apr 2021 17:18:11 GMT
server
nginx
x-fastly-to-nlb-rtt
1858

Redirect headers

Date
Sat, 03 Apr 2021 17:18:11 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=910e714e-94a0-11eb-95ec-16877d163906&orig=video&us_privacy=1---
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
118
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame F6F4
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7tFcCFgNBNV-trPuRWARBNV-trPuRWAUAAAAGBuIHHLmZ7EaTFYvFIU0Ws9lisljsVsvdcLLbDIfAkZvJbjRZsVgc0mQxmy0mi8FkttoMJsvZcgoewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ43dKDpdPhc93qJ3W96mN4K39hhVzvczrnG7_bLAQAAAOABwOotE-IHEAAgAgAAAEACAAAAgCKg4t9C4AIAAAAAA8CA5EIDgJIjIdye08tycrj9AQDwUAACACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUgFjECAAAACCXenXoaFInVBZVAAAE6VYAVwAAAXiYvfwPYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSjKzCwNiBPFXu0XEABg7RcQAIBN3QAA3gTggi4AVqcQu-FssRvNNqPZAQAAANz9____64HUZLLamFam5WxmGc4cI99wMRiNdqPZxLAcbkyr7cXlR7flZXKV9nkIy-z3HUQsz9f0NxxkfMvrbRAVXW-L3eE0e-43YYvRajLZLIez5WIyGI6Go9H-BHA5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlOyHC0maxGu9VushxORqPZZrJBilatZqPNYLiaTWa73Wo4GC5HI6RozWI2mSxmo-VuM1hORoPhZDhEmDI5FobZYrBWuByGtWi2nLklvtHMLVntZqPZxuJyjXxr0etj-s0mk-HIskXBAIy9CC7Sicxveb39pqff7lZYLmKJ5mSRTmSXfWsyWW1MK9NyNrMMZ46Rb7gYjEa70WxiWA43ptW-ZXIsDLPFYK1wOQxr0Ww5c0t8o5lbstrNRrONxeUa-dai18f0m00mw5Fl35gtdqPdYLIc7BuzxW60G0yWg32HzvBdfc5GZ3A88diEynK4q5KZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBPVzLZc7ma-lWUyWi02rpHJtdytHJ7lxjebTWybiViiNF2kE71E_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaSCjwWa4Wi4AhLOX7s_sp3RASHnmLuUPieC2YvjEcYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAICA7Ny6eQs4keIAAAAC4wAAAAHkAA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.172.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-172-137.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
bulk
trc.taboola.com/forumotion-ar/log/3/
0
251 B
XHR
General
Full URL
https://trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210331-18-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Sat, 03 Apr 2021 17:18:11 GMT
via
1.1 varnish
server
nginx
x-timer
S1617470292.911897,VS0,VE9
x-served-by
cache-fra19134-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://bnotat-a7la.mam9.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/
254 B
707 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: bnotat-a7la.mam9.com
URL: https://bnotat-a7la.mam9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
19210
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by
cache-fra19134-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1617470292.949088,VS0,VE0
date
Sat, 03 Apr 2021 17:18:11 GMT
x-amz-request-id
F6D91014AAA6CDC4
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
55
x-cache-hits
22555
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame D4B4
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=1bf73bff-363f-404e-b5bd-e779f9c01eea
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=1bf73bff-363f-404e-b5bd-e779f9c01eea&tbid=a6f7f5fe-ebaf-489f-b432-59fe08575c8d-tuct76228d3&query=taboola_hm%3D1bf73bff-363f-...
0
90 B
Image
General
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=1bf73bff-363f-404e-b5bd-e779f9c01eea&tbid=a6f7f5fe-ebaf-489f-b432-59fe08575c8d-tuct76228d3&query=taboola_hm%3D1bf73bff-363f-404e-b5bd-e779f9c01eea&isDirect=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:13 GMT
via
1.1 varnish
server
nginx
x-timer
S1617470293.026401,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19134-FRA

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=1bf73bff-363f-404e-b5bd-e779f9c01eea&tbid=a6f7f5fe-ebaf-489f-b432-59fe08575c8d-tuct76228d3&query=taboola_hm%3D1bf73bff-363f-404e-b5bd-e779f9c01eea&isDirect=0
tbl-x-upstream
10.40.0.134:10213
date
Sat, 03 Apr 2021 17:18:13 GMT
server
nginx
x-fastly-to-nlb-rtt
1853
sync.php
pixel.rubiconproject.com/exchange/ Frame D4B4
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif
/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame D4B4
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=BjvcLLglxz3X&ev=1&orig=trc&pid=562107
0
217 B
Image
General
Full URL
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=BjvcLLglxz3X&ev=1&orig=trc&pid=562107
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.134:10213
date
Sat, 03 Apr 2021 17:18:13 GMT
server
nginx
x-fastly-to-nlb-rtt
9365

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=BjvcLLglxz3X&ev=1&orig=trc&pid=562107
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-sb9ql
expires
-1
getuidnb
ib.adnxs.com/ Frame D4B4
43 B
692 B
Image
General
Full URL
https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 03 Apr 2021 17:18:12 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.56:80
AN-X-Request-Uuid
5c914b36-a1d4-44f9-bac6-fa302e6584ef
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame D4B4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc=
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEH4_aH2ZbiNeVt6ZaQNI_g4&google_cver=1
0
178 B
Image
General
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEH4_aH2ZbiNeVt6ZaQNI_g4&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Sat, 03 Apr 2021 17:18:13 GMT
via
1.1 varnish
server
nginx
x-timer
S1617470293.104549,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19134-FRA

Redirect headers

pragma
no-cache
date
Sat, 03 Apr 2021 17:18:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEH4_aH2ZbiNeVt6ZaQNI_g4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D4B4
42 B
805 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=ed1a0610-aea0-469f-b74f-257646cbe5d7-tuct76228d2:$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Apr 2021 17:18:12 GMT
X-lat
lhrpug004:0:637
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame D4B4
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D1%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=1&gdpr_consent=&google_hm=a6f7f5fe-ebaf-489f-b432-59fe08575c8d-tuct76228d3
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=1&gdpr_consent=&google_hm=a6f7f5fe-ebaf-489f-b432-59fe08575c8d-tuct76228d3&google_tc=
170 B
484 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=1&gdpr_consent=&google_hm=a6f7f5fe-ebaf-489f-b432-59fe08575c8d-tuct76228d3&google_tc=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Apr 2021 17:18:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 03 Apr 2021 17:18:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=1&gdpr_consent=&google_hm=a6f7f5fe-ebaf-489f-b432-59fe08575c8d-tuct76228d3&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
376
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame D4B4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=09f90ad8-61b7-4a85-9def-e8c2276f2ea8
0
201 B
Image
General
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=09f90ad8-61b7-4a85-9def-e8c2276f2ea8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Sat, 03 Apr 2021 17:18:12 GMT
via
1.1 varnish
server
nginx
x-timer
S1617470293.966138,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19134-FRA

Redirect headers

pragma
no-cache
date
Sat, 03 Apr 2021 17:18:12 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=09f90ad8-61b7-4a85-9def-e8c2276f2ea8
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame D4B4
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=ed1a0610-aea0-469f-b74f-257646cbe5d7-tuct76228d2&us_privacy=&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=ed1a0610-aea0-469f-b74f-257646cbe5d7-tuct76228d2&us_privacy=&gdpr=1&gdpr_consent=&dnr=1
0
433 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=42&3pid=ed1a0610-aea0-469f-b74f-257646cbe5d7-tuct76228d2&us_privacy=&gdpr=1&gdpr_consent=&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 03 Apr 2021 17:18:12 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 03 Apr 2021 17:18:12 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=ed1a0610-aea0-469f-b74f-257646cbe5d7-tuct76228d2&us_privacy=&gdpr=1&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame D4B4
49 B
406 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=ed1a0610-aea0-469f-b74f-257646cbe5d7-tuct76228d2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-7c488d4f5b-cvmjk
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame D4B4
43 B
697 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=ed1a0610-aea0-469f-b74f-257646cbe5d7-tuct76228d2&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Apr 2021 17:18:12 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
sync
dsp.adkernel.com/ Frame D4B4
42 B
233 B
Image
General
Full URL
https://dsp.adkernel.com/sync?exchange=281&r=%2F%2Fsync.taboola.com%2Fsg%2Fadkernelrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%7BUID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 03 Apr 2021 17:18:13 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
put
e1.emxdgt.com/ Frame D4B4
0
59 B
Image
General
Full URL
https://e1.emxdgt.com/put?d=d41&uid=ed1a0610-aea0-469f-b74f-257646cbe5d7-tuct76228d2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:12 GMT
content-length
0
content-type
text/html
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame D4B4
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=7b6f0b29-dd2d-4433-a0d5-5c3ec8903117
0
226 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=7b6f0b29-dd2d-4433-a0d5-5c3ec8903117
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.195:10213
date
Sat, 03 Apr 2021 17:18:13 GMT
server
nginx
x-fastly-to-nlb-rtt
3593

Redirect headers

pragma
no-cache
x-errorlevel
0
date
Sat, 03 Apr 2021 17:18:12 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=7b6f0b29-dd2d-4433-a0d5-5c3ec8903117
cache-control
no-cache
server-processing-duration-in-ticks
1980
content-type
text/html; charset=utf-8
content-length
222
expires
Sat, 03 Apr 2021 00:00:00 GMT
2.gif
id5-sync.com/cq/464/124/6/ Frame D4B4
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=ed1a0610-aea0-469f-b74f-257646cbe5d7-tuct76228d2&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=ed1a0610-aea0-469f-b74f-257646cbe5d7-tuct76228d2&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOXsgyXE-Ph4ZpkwH1w8EdPUkYEaHPLWaVqZ3I2A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOXsgyXE-Ph4ZpkwH1w8EdPUkYEaHPLWaVqZ3I2A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=63a4efe4-9f9b-479a-ab35-b8fdbcd65123&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/cq/464/124/6/2.gif?puid=63a4efe4-9f9b-479a-ab35-b8fdbcd65123&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.5.38 , France, ASN16276 (OVH, FR),
Reverse DNS
p16.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Apr 2021 17:18:11 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

location
https://id5-sync.com/cq/464/124/6/2.gif?puid=63a4efe4-9f9b-479a-ab35-b8fdbcd65123&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
date
Sat, 03 Apr 2021 17:18:13 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame D4B4
Redirect Chain
  • https://s.c.appier.net/taboola
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=z4G6fuq3AamBXSQAVaNoYA
0
218 B
Image
General
Full URL
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=z4G6fuq3AamBXSQAVaNoYA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.34.222:10213
date
Sat, 03 Apr 2021 17:18:13 GMT
server
nginx
x-fastly-to-nlb-rtt
8423

Redirect headers

location
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=z4G6fuq3AamBXSQAVaNoYA
date
Sat, 03 Apr 2021 17:18:13 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
110
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cookiesync
bttrack.com/pixel/ Frame D4B4
35 B
380 B
Image
General
Full URL
https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track004-dc3
Pragma
no-cache
Date
Sat, 03 Apr 2021 17:17:37 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
/
cds.taboola.com/ Frame D4B4
0
155 B
Image
General
Full URL
https://cds.taboola.com/?uid=ed1a0610-aea0-469f-b74f-257646cbe5d7-tuct76228d2&_r=7431161
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 03 Apr 2021 17:18:13 GMT
Cache-Control
no-store
Server
nginx
Connection
close
sync
x.bidswitch.net/ Frame D4B4
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=taboola&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.172.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-172-137.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 17:18:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
VideoBidRequestHandlerServlet
wf.taboola.com/
1008 B
549 B
XHR
General
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=388&height=218&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1617470296292&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1212&pt=62534551&tz=120&viewable=true&ddast=V7tFcCFgNBNV-trPuRWARBNV-trPuRWAUAAAAGBuIHHLmZ7EaTFYvFIU0Ws9lisljsVsvdcLLbDIfAkZvJbjRZsVgc0mQxmy0mi8FkttoMJsvZcgoewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ43dKDpdPhc93qJ3W96mN4K39hhVzvczrnG7_bLAQAAAOABwOotE-IHEAAgAgAAAEACAAAAgCKg4t9C4AIAAAAAA8CA5EIDgJIjIdye08tycrj9AQDwUAACACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUgFjECAAAACCXenXoaFInVBZVAAAE6VYAVwAAAXiYvfwPYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSjKzCwNiBPFXu0XEABg7RcQAIBN3QAA3gTggi4AVqcQu-FssRvNNqPZAQAAANz9____64HUZLLamFam5WxmGc4cI99wMRiNdqPZxLAcbkyr7cXlR7flZXKV9nkIy-z3HUQsz9f0NxxkfMvrbRAVXW-L3eE0e-43YYvRajLZLIez5WIyGI6Go9H-BHA5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlOyHC0maxGu9VushxORqPZZrJBilatZqPNYLiaTWa73Wo4GC5HI6RozWI2mSxmo-VuM1hORoPhZDhEmDI5FobZYrBWuByGtWi2nLklvtHMLVntZqPZxuJyjXxr0etj-s0mk-HIskXBAIy9CC7Sicxveb39pqff7lZYLmKJ5mSRTmSXfWsyWW1MK9NyNrMMZ46Rb7gYjEa70WxiWA43ptW-ZXIsDLPFYK1wOQxr0Ww5c0t8o5lbstrNRrONxeUa-dai18f0m00mw5Fl35gtdqPdYLIc7BuzxW60G0yWg32HzvBdfc5GZ3A88diEynK4q5KZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBPVzLZc7ma-lWUyWi02rpHJtdytHJ7lxjebTWybiViiNF2kE71E_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaSCjwWa4Wi4AhLOX7s_sp3RASHnmLuUPieC2YvjEcYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAICA7Ny6eQs4keIAAAAC4wAAAAHkAA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=3&sd=undefined&dtagid=2090795&dpubid=240385&abtst=adh5c-1_vA!insc_vA!ll337_vA!mprdctdt6_vA!smbs!spa2_vA!ufm&mPre=0.025&cirf=https%3A%2F%2Fbnotat-a7la.mam9.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.3.7/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e2b3e78169b3b6c4796bd4955c86c60bfe91cf3e3090c304e7941b2a9287de22

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

date
Sat, 03 Apr 2021 17:18:16 GMT
content-encoding
gzip
access-control-allow-origin
https://bnotat-a7la.mam9.com
machineid
1463
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn11571-HHN
pragma
no-cache
server
nginx
x-timer
S1617470296.306203,VS0,VE41
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/
1008 B
688 B
XHR
General
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=388&height=218&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1617470301292&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1212&pt=62534551&tz=120&viewable=true&ddast=V7tFcCFgNBNV-trPuRWARBNV-trPuRWAUAAAAGBuIHHLmZ7EaTFYvFIU0Ws9lisljsVsvdcLLbDIfAkZvJbjRZsVgc0mQxmy0mi8FkttoMJsvZcgoewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ43dKDpdPhc93qJ3W96mN4K39hhVzvczrnG7_bLAQAAAOABwOotE-IHEAAgAgAAAEACAAAAgCKg4t9C4AIAAAAAA8CA5EIDgJIjIdye08tycrj9AQDwUAACACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUgFjECAAAACCXenXoaFInVBZVAAAE6VYAVwAAAXiYvfwPYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSjKzCwNiBPFXu0XEABg7RcQAIBN3QAA3gTggi4AVqcQu-FssRvNNqPZAQAAANz9____64HUZLLamFam5WxmGc4cI99wMRiNdqPZxLAcbkyr7cXlR7flZXKV9nkIy-z3HUQsz9f0NxxkfMvrbRAVXW-L3eE0e-43YYvRajLZLIez5WIyGI6Go9H-BHA5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlOyHC0maxGu9VushxORqPZZrJBilatZqPNYLiaTWa73Wo4GC5HI6RozWI2mSxmo-VuM1hORoPhZDhEmDI5FobZYrBWuByGtWi2nLklvtHMLVntZqPZxuJyjXxr0etj-s0mk-HIskXBAIy9CC7Sicxveb39pqff7lZYLmKJ5mSRTmSXfWsyWW1MK9NyNrMMZ46Rb7gYjEa70WxiWA43ptW-ZXIsDLPFYK1wOQxr0Ww5c0t8o5lbstrNRrONxeUa-dai18f0m00mw5Fl35gtdqPdYLIc7BuzxW60G0yWg32HzvBdfc5GZ3A88diEynK4q5KZDwqXweL9HS3S2K03M6psY4vFNAxNPxOr0O_3-_1-v9_v93s3ZoPHYDDMPNptYuzyazY_5dGiiCWC00U6Eb2Mp4tYInlapBPVzLZc7ma-lWUyWi02rpHJtdytHJ7lxjebTWybiViiNF2kE71E_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaSCjwWa4Wi4AhLOX7s_sp3RASHnmLuUPieC2YvjEcYP5La-33_T0290Ky5UBHqjJmTd7Joi1Wi1rAAAAAWwAAICA7Ny6eQs4keIAAAAC4wAAAAHkAA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=3&sd=undefined&dtagid=2090795&dpubid=240385&abtst=adh5c-1_vA!insc_vA!ll337_vA!mprdctdt6_vA!smbs!spa2_vA!ufm&mPre=0.025&cirf=https%3A%2F%2Fbnotat-a7la.mam9.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.3.7/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e2b3e78169b3b6c4796bd4955c86c60bfe91cf3e3090c304e7941b2a9287de22

Request headers

Referer
https://bnotat-a7la.mam9.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 03 Apr 2021 17:18:21 GMT
content-encoding
gzip
server
nginx
machineid
1452
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://bnotat-a7la.mam9.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT

266 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery boolean| imageTag boolean| theSelection string| clientPC number| clientVer boolean| is_ie boolean| is_nav number| is_moz boolean| is_win boolean| is_mac object| selectId function| helpline function| getarraysize function| arraypush function| arraypop function| checkForm function| emoticon function| emoticonp function| emoticonw function| constructBBcode function| BBcodeVideo function| bbfontstyle function| bbstyle function| FindXY function| selectWysiwyg function| mozWrap function| storeCaret object| html string| document_dir object| item number| mouse_y number| mouse_x function| get_mouseX function| get_mouseY function| get_mouse_pos function| showhide function| insert_search_menu function| insert_search_menu_new function| insert_plus_menu function| insert_plus_menu_new function| insert_plus_album function| insert_plus_album_new function| insert_plus_pic function| insert_plus_pic_new function| link_bbcode function| ShowHideLayer function| ShowHideMenu function| expandLayer function| fa_endpage function| hdr_ref function| hdr_expand function| hdr_contract function| hdr_toggle function| select_switch_col function| disabled1 function| disabled2 string| agt undefined| originalFirstChild function| createTitle function| destroyTitle function| my_getcookie function| my_setcookie function| writeCookie function| expandAllLayer function| check function| checkBySel function| refresh_username function| refresh_username_new function| timestamp function| insertChatBox function| insertChatBoxNew function| insertChatBoxPopup function| showMenu function| action_user function| hideMenu function| js_urlencode function| ajax_refresh_chatbox function| 
ajax_submit_chatbox function| ajax_refresh_chatterlist function| insert_chatboxsmilie function| change_display_by_icon function| switchuploadaddress function| do_mark function| checkreport function| insert_smilie function| unban_user function| checkmodcp function| check_rotation_radiobuttons function| select_switch_search function| verify_select function| select_switch_line function| select_switch_privmsg function| GetParam function| google_afs_request_done function| set_solved function| bbstyle_table function| display_upload_servimg function| display_upload_imageshack function| onMessage object| gw_window object| gw_style number| offsetx number| offsety number| curX number| curY number| distX number| distY string| obj_ietruebody function| gws_show undefined| elem undefined| divHeight undefined| mouseX undefined| mouseY function| returnNumber function| resizeElement function| resize function| stopResize function| update_dst function| ajax_exec function| div_marquee function| togglePostMultiQuote function| initPostMultiQuote function| initSetFunction function| runLogInPopUp function| privmsg_add_username function| resize_images function| FM_widget_share object| FA function| SystemPoint string| b_help string| i_help string| u_help string| q_help string| c_help string| l_help string| o_help string| p_help string| w_help string| a_help string| s_help string| f_help string| k_help string| e_help string| r_help string| j_help string| v_help string| m_help string| d_help string| t_help string| g_help string| x_help string| y_help string| z_help string| h_help string| sp_help string| wo_help string| ft_help string| jt_help string| sub_help string| sup_help string| tab_help string| hr_help string| fl_help string| vd_help string| _help object| bbcode object| bbtags object| adsbygoogle function| __tcfapi object| criteo_pubtag object| criteo_pubtag_106 object| Criteo object| Criteo_106 object| google_tag_manager object| dataLayer function| gtag function| setScreen number| 
width boolean| isMobile string| CriteoAdUnits function| CriteoAdblock object| _userdata object| _lang object| _board object| google_tag_data string| GoogleAnalyticsObject function| ga object| _taboola object| twemoji object| gaplugins object| gaGlobal object| gaData function| vglnk string| cname number| cpos object| TRC object| _tblConsole undefined| msg object| SDDAN boolean| __v5k function| vl_cB function| vl_disable function| vglnk_16174702857266 undefined| vglnk_16174702857267 number| compteur object| tiButtons string| tiClass function| useQuerySelector undefined| div undefined| span undefined| result undefined| currentElement undefined| elementClass function| _replaceElement function| topicit_action function| isInt object| zfgformats function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| sdk boolean| installOnFly undefined| vglnk_16174702858969 object| cookies number| j number| taboola_view_id object| placementData object| _tfa object| cmTag undefined| vglnk_161747029118310 object| _cm_wfCounters string| lastWfUrl

6 Cookies

Domain/Path Name / Value
.adstune.com/ Name: __cf_bm
Value: 0194f5017daac968ccd4e740ca6e775d2388569c-1617470285-1800-ASI69O+6n15F3DlOlhVXx8uiowVTUBE2r4Mj0lAw4Ookgbi9EtbYs9rqr6+8wuteS5uFitDE3YIN/YG9XEYnYRI=
.mam9.com/ Name: _gat_gtag_UA_144347007_1
Value: 1
.mam9.com/ Name: _gid
Value: GA1.2.1987839303.1617470286
.mam9.com/ Name: _ga
Value: GA1.2.162911220.1617470286
.bnotat-a7la.mam9.com/ Name: _fa-screen
Value: %7B%22w%22%3A1600%2C%22h%22%3A1200%7D
bnotat-a7la.mam9.com/ Name: exadd
Value: 161748

4 Console Messages

Source Level URL
Text
console-api log URL: https://bnotat-a7la.mam9.com/(Line 57)
Message:
{"w":1600,"h":1200}
console-api log URL: https://static.criteo.net/js/ld/publishertag.js(Line 1)
Message:
%cPubTag color: #fff; background: #ff8f1c; display: inline-block; padding: 1px 4px; border-radius: 3px; ERROR: Missing 'placements' parameter
console-api log (Line 1)
Message:
service worker path (u): /sw.js event domain: https://pushmono.com
console-api log URL: https://cdn.betgorebysson.club/apu.php?zoneid=3765907(Line 1)
Message:
0x50005

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
